Security Digest - May 28, 2026

Daily security intelligence briefing for infrastructure and endpoint management teams. Consolidated from authoritative research, vendor advisories, and community discussions.

• Generated (UTC): 2026-05-28 17:31:57 +00:00
• Lookback window: 7 days

🚀 Top Research & Advisories

• Microsoft vs Chaotic Eclipse: three zero-days now actively exploited - (Reddit r/cybersecurity) This one has been building for a month and it came to a head this week. A researcher going by Chaotic Eclipse has released six Windows zero-days publicly over the past several weeks, covering Defender, BitLocker, and Windows CTFMON. The researcher&#3…

  Action: Review encryption policy and remediation gaps. Review security controls and policy updates.

💻 AppSec

• Released: Dataforge Honeypot - (Reddit r/cybersecurity) Monitor developer tool vulnerabilities and supply chain risks.

🏗 Infrastructure

• Advice moving domain without LDAP signing from 2012 to 2025 - (Reddit r/sysadmin) Review server hardening and AD security posture.

• After a year of using Windows Server 2025, I’m finally throwing in the towel - (Reddit r/sysadmin) Evaluate update rings and expedite actions if needed. Review server hardening and AD security posture. Validate workstation security baseline and update compliance.

• Can you enforce strong Active Directory password rules without frustrating users? - (BleepingComputer) Review server hardening and AD security posture.

• Microsoft confirms Domain Controller bug in Windows Server 2016 - (Neowin) Review server hardening and AD security posture.

• Why is VPN integration in Windows so weird compared to other OSes? - (Reddit r/Windows11) Review server hardening and AD security posture.

🛠 Infrastructure & Endpoint Control

• 3CX/M365 SSO Integration - M365 Groups & 3CX Departments - (Reddit r/sysadmin) Review Office update channel health and security baseline compliance.

• 5 things Microsoft isn’t fixing with Windows 11 that I’d love to see happen - (Reddit r/Windows11) Validate workstation security baseline and update compliance.

• After a year of using Windows Server 2025, I’m finally throwing in the towel - (Reddit r/sysadmin) Evaluate update rings and expedite actions if needed. Review server hardening and AD security posture. Validate workstation security baseline and update compliance.

• Anyone else dealing with standalone Copilot reinstalling through EdgeUpdate after removal? - (Reddit r/sysadmin) Review Office update channel health and security baseline compliance. Validate Edge/WebView2 coverage; refresh managed package.

• Dualboot Windows 11 automated install - (Reddit r/sysadmin) Validate workstation security baseline and update compliance.

• Is Gophish still usable in 2026? - (Reddit r/cybersecurity) Review Office update channel health and security baseline compliance. Review security controls and policy updates.

• Laptop windows 11 desktop custom design - (Reddit r/Windows11) Validate workstation security baseline and update compliance.

• Looking for a modern WAF alternative to ModSecurity (Coraza integration with pfSense/HAProxy/Nginx) - (Reddit r/sysadmin) Review security controls and policy updates. Validate Edge/WebView2 coverage; refresh managed package.

• Looking for a new Ticketing system - (Reddit r/sysadmin) Review Office update channel health and security baseline compliance.

• Microsoft brings AirPods-style audio sharing to Windows 11, letting two people listen on one PC with their own headphones - (Reddit r/Windows11) Validate workstation security baseline and update compliance.

• Microsoft confirms plans to integrate Copilot with the Taskbar on Windows 11 this summer: Ask Copilot expected to debut “mid-2026” - (Reddit r/Windows11) Validate workstation security baseline and update compliance.

• Microsoft confirms Windows 11 has been downgrading graphics drivers, reveals when a fix is coming / Did they fix it with today’s update? - (Reddit r/Windows11) Validate workstation security baseline and update compliance.

• Microsoft Defender can now automatically isolate hacked endpoints - (Reddit r/Windows11) Review security controls and policy updates.

• Microsoft is finally bringing All Accounts view to Outlook on Windows - (Neowin) Review Office update channel health and security baseline compliance.

• Microsoft rolls out optional Windows 11 KB5089573 update that makes your PC genuinely faster and more responsive - (Reddit r/Windows11) Validate workstation security baseline and update compliance.

• Microsoft Should Let Users Resize the Windows 11 Start Menu - (Reddit r/Windows11) Validate workstation security baseline and update compliance.

• Microsoft’s Windows 11 CPU boost is rolling out, and here’s how to enable it right now - (Reddit r/Windows11) Validate workstation security baseline and update compliance.

• Public CAs are exiting client authentication. Most organisations haven’t inventoried what depends on it. - (Reddit r/cybersecurity) Validate Chrome coverage; update managed package if needed.

• Qualcomm unveils Snapdragon C low-end SoC for cheap Windows 11 devices - (Reddit r/Windows11) Validate workstation security baseline and update compliance.

• Scan for all user’s calendar items that are “Out of Office” for public PTO dashboard? - (Reddit r/sysadmin) Review Office update channel health and security baseline compliance.

• Taskbar Zones? not app groups. - (Reddit r/Windows11) Review Office update channel health and security baseline compliance. Validate Chrome coverage; update managed package if needed. Validate Edge/WebView2 coverage; refresh managed package.

• We have very strange Exchange Online behavior (Germany) in calendar sharing and calendar access - (Reddit r/sysadmin) Review Office update channel health and security baseline compliance.

• We security-reviewed our own free CVE tool and shipped the fixes - EPSS Lookup Tool v2.7 - (Reddit r/cybersecurity) Validate Edge/WebView2 coverage; refresh managed package.

• What actually happens to your CPU when Windows 11’s Low Latency Profile is working - (Reddit r/Windows11) Validate workstation security baseline and update compliance.

• Windows 11 Dark Mode is not fully applying to the Start Menu search bar. The search box remains white while the rest of the UI is dark themed. - (Reddit r/Windows11) Validate workstation security baseline and update compliance.

• Windows 11 KB5089573 update released with performance improvements - (BleepingComputer) Validate workstation security baseline and update compliance.

🩹 Patch Tuesday & Update Experience

• After a year of using Windows Server 2025, I’m finally throwing in the towel - (Reddit r/sysadmin) There is something fundamentally wrong with Windows Server 2025. TLDR : Listen to the seasoned admins here: don't install Server 2025 . Just don't . It's still not ready for prime time , a…

• Windows 11 KB5089573 update released with performance improvements - (BleepingComputer) System.Xml.XmlElement

🔍 Quick Links (Watch Items)

• Hackers exploit FortiClient EMS flaw to push infostealer malware - (BleepingComputer)
• New Gogs 0-Day Vulnerability Lets Attackers Run Malicious Code on the Server Remotely - (CybersecurityNews)
• What’s an attack vector people massively underestimate in 2026? - (Reddit r/cybersecurity)
• We security-reviewed our own free CVE tool and shipped the fixes - EPSS Lookup Tool v2.7 - (Reddit r/cybersecurity)
• Critical OpenVPN Connect for macOS Vulnerability Let Attackers Execute Arbitrary Commands - (CybersecurityNews)
• New Linux CIFSwitch Kernel Vulnerability Allows Attackers to Gain Root Access - (CybersecurityNews)
• Calling Cyber Security Beginners - (Reddit r/cybersecurity)
• After a year of using Windows Server 2025, I’m finally throwing in the towel - (Reddit r/sysadmin)
• Microsoft vs Chaotic Eclipse: three zero-days now actively exploited - (Reddit r/cybersecurity)
• Proxmox Datacenter Manager 1.1 available - (Reddit r/sysadmin)