Security Digest - May 20, 2026
Daily security intelligence briefing for infrastructure and endpoint management teams. Consolidated from authoritative research, vendor advisories, and community discussions.
- Generated (UTC): 2026-05-20 16:47:25 +00:00
- Lookback window: 7 days
🚀 Top Research & Advisories
- Xlsx Payload for rce - (Reddit r/cybersecurity)
I am working on an ASP.NET-based application. I found an xlsx endpoint which allows me to upload records. I found stored XSS through it, but is it possible to get RCE? submitted by /u/novi_jk
Action: Review .NET runtime vulnerabilities and apply patches.
💻 AppSec
- GitHub breach highlights developer tools as part of attack surface - (Reddit r/cybersecurity) Monitor developer tool vulnerabilities and supply chain risks.
- GitHub confirms breach of 3,800 repos via malicious VSCode extension - (BleepingComputer) Monitor developer tool vulnerabilities and supply chain risks.
- Help me understand the risks associated with containerized and or disposable web browsers - (Reddit r/cybersecurity) Monitor developer tool vulnerabilities and supply chain risks.
- Opensource that automatically scans your git repos for breaches - (Reddit r/cybersecurity) Monitor developer tool vulnerabilities and supply chain risks.
🏗 Infrastructure
- CVE-2026-0237 - (NVD) Review VPN client version and deployment.
- CVE-2026-0263 - (CVE.org) Review security controls and policy updates. Review VPN client version and deployment.
- CVE-2026-0264 - (NVD) Review server hardening and AD security posture. Review VPN client version and deployment.
- CVE-2026-0265 - (NVD) Review VPN client version and deployment.
- I know why, but it annoys the piss out of me that a Windows Server 2025 base install uses less resources than Windows 11 pro. - (Reddit r/sysadmin) Review server hardening and AD security posture. Validate workstation security baseline and update compliance.
- Licensing Windows Server Datacenter OEM + VMware + KMS / ADBA – need confirmation - (Reddit r/sysadmin) Review server hardening and AD security posture.
🛠 Infrastructure & Endpoint Control
- “Atrocious implementation”: Microsoft’s unremovable Copilot button is driving Excel users crazy with forced AI in spreadsheets - (Reddit r/Windows11) Review Office update channel health and security baseline compliance.
- Company unable to load outlook public folders - (Reddit r/sysadmin) Review Office update channel health and security baseline compliance.
- CVE-2026-0263 - (CVE.org) Review security controls and policy updates. Review VPN client version and deployment.
- general availability of VMware Workstation 26H1 and VMware Fusion 26H1 - (Reddit r/sysadmin) Validate workstation security baseline and update compliance.
- I know why, but it annoys the piss out of me that a Windows Server 2025 base install uses less resources than Windows 11 pro. - (Reddit r/sysadmin) Review server hardening and AD security posture. Validate workstation security baseline and update compliance.
- I made Windows 11 look like 7 - (Reddit r/Windows11) Validate workstation security baseline and update compliance.
- Is Microsoft Defender being racist? (Seriously, hear me out) - (Reddit r/sysadmin) Review security controls and policy updates.
- M365 + Slack legal Data Access Request - Help Please! - (Reddit r/sysadmin) Review Office update channel health and security baseline compliance.
- Managed google play single app missing from Install set(Android 12+) - (Reddit r/sysadmin) Validate Edge/WebView2 coverage; refresh managed package.
- Microsoft admits Windows 11’s dedicated Copilot key breaks certain workflows: Confirms plans to let users restore “Right Ctrl” or “Context menu” key later this year - (Reddit r/Windows11) Validate workstation security baseline and update compliance.
- Microsoft is fixing one of the most annoying things about Windows 11 — ‘spam’ in search results when looking for files and settings on your PC - (Reddit r/Windows11) Validate Edge/WebView2 coverage; refresh managed package. Validate workstation security baseline and update compliance.
- Microsoft is killing SMS codes for Microsoft account sign-in, aggressively pushes passkeys on Windows 11 - (Reddit r/Windows11) Validate workstation security baseline and update compliance.
- Microsoft is testing different Windows 11 taskbar positions per monitor and new Start menu controls - (Reddit r/Windows11) Validate workstation security baseline and update compliance.
- Microsoft makes significant accessibility improvement in Word - (Neowin) Review Office update channel health and security baseline compliance.
- Microsoft plans to improve Windows 11 driver quality in 2026 - (Reddit r/Windows11) Validate workstation security baseline and update compliance.
- Microsoft Releases Mitigation for Windows BitLocker Security Bypass 0-Day Vulnerability - (CybersecurityNews) Review encryption policy and remediation gaps.
- Microsoft releases new Windows 11 images with the latest preview builds - (Neowin) Validate workstation security baseline and update compliance.
- Network Security and Firewall Engineer - (Reddit r/sysadmin) Review security controls and policy updates.
- Regarding Windows K2, and the community’s peculiar response to it - (Reddit r/Windows11) Validate workstation security baseline and update compliance.
- Stardock releases DeskScapes 2026 adding live wallpaper support in Windows 11 - (Neowin) Validate workstation security baseline and update compliance.
- The real reason everyone stays on Chrome despite its terrible privacy track record - (Neowin) Validate Chrome coverage; update managed package if needed.
- Two different organizations, same mailaddress for microsoft account login. - (Reddit r/sysadmin) Validate Edge/WebView2 coverage; refresh managed package.
- Windows 11 24H2 and 25H2 get fixes for muted audio and non-working apps and notifications - (Neowin) Validate workstation security baseline and update compliance.
- Windows 11’s new “Haptic Signals” feature is a quality of life upgrade I didn’t realize the OS needed until I tried it - (Reddit r/Windows11) Validate workstation security baseline and update compliance.
- Windows Update Hotpatch and cumulative - (Reddit r/sysadmin) Evaluate update rings and expedite actions if needed.
🩹 Patch Tuesday & Update Experience
- Windows Update Hotpatch and cumulative - (Reddit r/sysadmin) Hello everyone, We are starting to switch from WSUS to WUfB and we are a bit lost in the kb it updates. We are using SCCM (not co-managed yet, it's coming) and I switch both from GPO and using SCC…
🔍 Quick Links (Watch Items)
- GitHub breach highlights developer tools as part of attack surface - (Reddit r/cybersecurity)
- Encrypted emails bypassing email security tool - (Reddit r/cybersecurity)
- Remote working India - (Reddit r/cybersecurity)
- Network Security and Firewall Engineer - (Reddit r/sysadmin)
- Windows File Server Audit – How to reliably detect who created a file? (EventID 4663 / 5145 / 4656 confusion) - (Reddit r/sysadmin)
- Career fork in the road and I need help deciding what my best option would be. - (Reddit r/sysadmin)
- Score by collisions, patch by panic: defensive architecture for the post-90-day-disclosure era - (Reddit r/cybersecurity)
- FreePBX Vulnerability Allow Attackers to Gain Access to User Portals - (CybersecurityNews)
- Critical ExifTool Vulnerability Allows Attackers to Compromise Macs via Single Malicious Image - (CybersecurityNews)
- Identity Alone Isn’t Enough: Why Device Security Has to Share the Load - (BleepingComputer)