Security Digest - May 15, 2026

Daily security intelligence briefing for infrastructure and endpoint management teams. Consolidated from authoritative research, vendor advisories, and community discussions.

Generated (UTC): 2026-05-15 15:59:01 +00:00
Lookback window: 7 days

🚀 Top Research & Advisories

Chrome 148 Update Patches Critical Vulnerabilities - (Reddit r/cybersecurity) submitted by /u/rkhunter_ [link] [comments]

Action: Validate Chrome coverage; update managed package if needed.
SentinelOne. Backup delete attempt at 06:28, Kill process mitigation action at 06:31. Was the deletion blocked or not? - (Reddit r/cybersecurity) Hi everyone, I'm reviewing a "Critical - Ransomware" alert ("VSS Shadow Copies Deletion Attempt detected") and I have a question about the timestamps and mitigation logic. Here is the timeline from the report: 06:28:24 - vssad…

Action: Review Office update channel health and security baseline compliance.

💻 AppSec

OneDrive Sync supports up 1 million items - Coming soon. - (Reddit r/sysadmin) Review .NET runtime vulnerabilities and apply patches.
Shai-Hulud Worm Steals npm, GitHub, AWS, and Kubernetes Secrets From Developers - (CybersecurityNews) Monitor developer tool vulnerabilities and supply chain risks.

🏗 Infrastructure

Small business running SQL Server 2016 on EverRun (EOL July 13, 2026). Need to upgrade software ASAP. Planning a hardware upgrade later. Looking for advice on the best path forward. - (Reddit r/sysadmin) Review server hardening and AD security posture.
Windows Server 2019 Standard with very high WMI Provider Host and Service Host: Windows Event Log CPU usage causing CPU to stay at 100% - (Reddit r/sysadmin) Review server hardening and AD security posture.

🛡 Security Ops

Anyone go from ManageEngine AdSelfService, ADAudit, and ADManager standalone to AD360 - (Reddit r/sysadmin) Review CA/MFA settings for tightening opportunities.
Tycoon 2FA Operators Adopt OAuth Device Code Phishing to Bypass MFA - (CybersecurityNews) Review CA/MFA settings for tightening opportunities.

🛠 Infrastructure & Endpoint Control

Anyone know much about MS Defender? - (Reddit r/cybersecurity) Review security controls and policy updates.
Beyond Acceleration and Automation: How AI + Intelligence Changes Cyber Defence - (Reddit r/cybersecurity) Review security controls and policy updates.
FYI: Enabling Windows Hotpatch while Update Secure Boot Certs Might Not Be a Great Combination - (Reddit r/sysadmin) Evaluate update rings and expedite actions if needed.
How does Microsoft plans to reduce RAM usage in Windows 11? - (Reddit r/Windows11) Validate workstation security baseline and update compliance.
KB5089573: Microsoft shuts down critics, confirms Windows 11 “low latency” performance fix - (Neowin) Validate workstation security baseline and update compliance.
Microsoft backpedals: Edge to stop loading passwords into memory - (BleepingComputer) Validate Edge/WebView2 coverage; refresh managed package.
Microsoft commits to native UI for Windows 11 as users push back against web app slop - (Reddit r/Windows11) Validate workstation security baseline and update compliance.
Microsoft Edge, Windows 11 and LiteLLM Hacked in Pwn2Own Berlin 2026 - (CybersecurityNews) Validate Edge/WebView2 coverage; refresh managed package. Validate workstation security baseline and update compliance.
Microsoft launches Cloud‑Initiated Driver Recovery for remote rollback of faulty updates — no user action or OEM intervention will be needed to handle broken drivers delivered via Windows Update - (Reddit r/Windows11) Evaluate update rings and expedite actions if needed.
Microsoft promises to fix driver quality in Windows, here’s how - (Neowin) Validate workstation security baseline and update compliance.
Microsoft says it needs feedback to fix Windows 11 UX, launches Windows Insider research panel - (Reddit r/Windows11) Validate workstation security baseline and update compliance.
Microsoft’s next Windows 11 update will “accelerate app launch and core shell experiences” as new ‘Low Latency Profile’ feature prepares for rollout - (Reddit r/Windows11) Validate workstation security baseline and update compliance.
Network setup for monitoring data usage - (Reddit r/sysadmin) Review security controls and policy updates.
Odd issue with adding network printer - Network Discovery issue? - (Reddit r/sysadmin) Validate workstation security baseline and update compliance.
PSA: Microsoft Edge GPO setting to suppress asking users to reset to Microsoft recommended default settings - (Reddit r/sysadmin) Validate Edge/WebView2 coverage; refresh managed package.
Remote Desktop issues - (Reddit r/sysadmin) Review security controls and policy updates.
Replacing on-prem fileserver with Sharepoint. - (Reddit r/sysadmin) Review Office update channel health and security baseline compliance.
Shared Drive - ‘Request from RCP is unavailable’ - (Reddit r/sysadmin) Validate workstation security baseline and update compliance.
This legacy app somehow still exists in Windows 11, despite zero use - (Neowin) Validate workstation security baseline and update compliance.
Why does the hard drive Removal Policy setting have two elements? - (Reddit r/Windows11) Validate workstation security baseline and update compliance.
Windows 11 25H2 gets shared audio, improved Task Manager, better performance, and more - (Neowin) Validate workstation security baseline and update compliance.
Windows 11 and Microsoft Edge hacked at Pwn2Own Berlin 2026 - (BleepingComputer) Validate Edge/WebView2 coverage; refresh managed package. Validate workstation security baseline and update compliance.
Windows 11 KB5089549 can now be downloaded for USB installs using official Microsoft tool - (Neowin) Validate workstation security baseline and update compliance.

🩹 Patch Tuesday & Update Experience

FYI: Enabling Windows Hotpatch while Update Secure Boot Certs Might Not Be a Great Combination - (Reddit r/sysadmin) Last month, the Intune product team globally modified everyone's tenant to enable Hotpatch by default. Arguably the 'right' thing to do as it will get devices secure faster. However, the u…
KB5089549 disables the new taskbar animation - (Reddit r/Windows11) Today my PC decided to update while I went to the toilet. The new kb5089549 update decided to bless me by removing the new smooth taskbar autohide animation and by replacing it with the old choppy one…
KB5089573: Microsoft shuts down critics, confirms Windows 11 “low latency” performance fix - (Neowin) Despite the criticism, Microsoft has been headstrong about its new "low latency profile" performance fix. With KB5089573, the feature will be rolling out. Read more…
Microsoft launches Cloud‑Initiated Driver Recovery for remote rollback of faulty updates — no user action or OEM intervention will be needed to handle broken drivers delivered via Windows Update - (Reddit r/Windows11) submitted by /u/rkhunter_ [link] [comments]

🔍 Quick Links (Watch Items)

Zabbix alternative - (Reddit r/sysadmin)
Windows Server 2019 Standard with very high WMI Provider Host and Service Host: Windows Event Log CPU usage causing CPU to stay at 100% - (Reddit r/sysadmin)
FYI: Enabling Windows Hotpatch while Update Secure Boot Certs Might Not Be a Great Combination - (Reddit r/sysadmin)
Does enabling Hotpatch updates mean you only get quality updates quarterly? - (Reddit r/sysadmin)
Automating Code Security Reviews - (Reddit r/cybersecurity)
AI coding tools on developer machines — looking for input on how you’re handling it - (Reddit r/cybersecurity)
Small business running SQL Server 2016 on EverRun (EOL July 13, 2026). Need to upgrade software ASAP. Planning a hardware upgrade later. Looking for advice on the best path forward. - (Reddit r/sysadmin)
Beyond Acceleration and Automation: How AI + Intelligence Changes Cyber Defence - (Reddit r/cybersecurity)
PraisonAI Vulnerability Exploited Within Hours of Public Disclosure - (CybersecurityNews)
Exchange Server has a “critical” security bug, but Microsoft does not have a proper fix yet - (Neowin)