
F5 BIG-IP Hit by Four Critical RCE Flaws

Today's cybersecurity digest — CVEs, headline news, quantum computing, and something weird. May 14, 2026

cybr.cx Daily Digest — May 14, 2026


Critical Vulnerabilities

CVE-2026-41957 / CVE-2026-34176 / CVE-2026-32673 / CVE-2026-32643 — F5 BIG-IP & BIG-IQ (CVSS 8.7–8.8)
Four separate vulnerabilities landed this week across F5's BIG-IP and BIG-IQ platforms. CVE-2026-41957 allows authenticated remote code execution via the Configuration utility through undisclosed vectors. CVE-2026-34176 enables authenticated remote command injection through an undisclosed iControl REST endpoint in Appliance mode — a security boundary crossing that should alarm anyone relying on that isolation guarantee. CVE-2026-32673 allows Resource Administrator or Administrator-level accounts to run arbitrary system commands at elevated privileges via scripted monitors. CVE-2026-32643 lets Certificate Manager-level accounts modify configuration objects to achieve arbitrary command execution. If you're running BIG-IP or BIG-IQ, these four together represent a serious privilege escalation and lateral movement surface — patch or restrict access to the management plane now.

CVE-2026-45227 — Heym before 0.0.21 (CVSS 8.8)
Heym's custom Python tool executor contains a sandbox escape that lets authenticated workflow authors use object-graph introspection to recover the unrestricted __import__ function, then import blocked modules like os and subprocess. In agentic or multi-tenant AI workflow environments where Heym is deployed, this effectively hands any workflow author a shell. Update to 0.0.21 immediately and audit who has workflow authoring permissions.

CVE-2026-3425 — RTMKit Addons for Elementor for WordPress ≤2.0.2 (CVSS 8.8)
A Local File Inclusion vulnerability in the get_content AJAX action's path parameter allows Author-level WordPress users and above to include and execute arbitrary PHP files on the server. In shared hosting environments or sites with multiple contributor accounts, this is a trivial path to full server compromise. Update the plugin and review contributor-level account hygiene on affected installations.

CVE-2026-44293 — protobuf.js before 7.5.6 / 8.0.2 (CVSS 8.8)
A crafted protobuf schema descriptor with a non-string default value for a bytes field can cause attacker-controlled code to be emitted into the JavaScript generated by toObject conversion. Any application that compiles untrusted or user-supplied .proto definitions is directly exposed to code injection at generation time. This one is particularly nasty in supply chain contexts — update protobufjs across all pipelines and treat external schemas as hostile input.
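
The check below is an added example, not code from protobuf.js or its advisory: a pre-flight lint that rejects JSON descriptors in which a bytes field carries a non-string default, the condition described in this entry. It assumes the protobuf.js JSON descriptor layout (nested, fields, options.default); the function names and the sample descriptor are constructed for illustration.

```javascript
// Added example: pre-flight lint for protobuf.js JSON descriptors from untrusted sources.
// Assumption: field defaults live in `options.default`, as in protobuf.js JSON descriptors.

// Recursively walk a descriptor and collect bytes fields whose default is not a string.
function findSuspectBytesDefaults(node, path = "", findings = []) {
  if (node === null || typeof node !== "object") return findings;
  // Message types list their fields under `fields`.
  for (const [name, field] of Object.entries(node.fields || {})) {
    if (field === null || typeof field !== "object") continue;
    const opts = field.options;
    const hasDefault = opts !== null && typeof opts === "object" &&
      Object.prototype.hasOwnProperty.call(opts, "default");
    if (field.type === "bytes" && hasDefault && typeof opts.default !== "string") {
      findings.push({
        field: `${path}.${name}`.replace(/^\./, ""),
        defaultType: Array.isArray(opts.default) ? "array" : typeof opts.default,
      });
    }
  }

  // Namespaces and messages hold child types under `nested`.
  for (const [name, child] of Object.entries(node.nested || {})) {
    findSuspectBytesDefaults(child, path ? `${path}.${name}` : name, findings);
  }
  return findings;
}

// Gate to call before a descriptor reaches code generation: throws on any finding.
function assertDescriptorSafe(descriptor) {
  const findings = findSuspectBytesDefaults(descriptor);
  if (findings.length > 0) {
    const list = findings.map(f => `${f.field} (${f.defaultType})`).join(", ");
    throw new Error(`rejected descriptor: non-string default on bytes field(s): ${list}`);
  }
  return true;
}

// Constructed sample descriptor (not taken from any real schema or advisory).
const sampleDescriptor = {
  nested: { demo: { nested: {
    Upload: { fields: {
      name:    { type: "string", id: 1 },
      payload: { type: "bytes", id: 2, options: { default: "" } },    // string: accepted
      digest:  { type: "bytes", id: 3, options: { default: 12345 } }, // number: flagged
    } },
  } } },
};
console.log(findSuspectBytesDefaults(sampleDescriptor));
```

A gate like this narrows one class of hostile input in front of the generator; it does not replace updating protobufjs.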

CVE-2026-6281 — Lenovo Personal Cloud Storage devices (CVSS 8.8)
Remote authenticated users on the local network can execute arbitrary commands on affected Lenovo Personal Cloud Storage devices. Lenovo's advisory is sparse on specifics, which makes scoping difficult. Check Lenovo's support pages for affected model numbers and apply firmware updates; in the meantime, consider isolating these devices from broader network segments.


Headline News

YellowKey: A BitLocker Zero-Day That Looks Like a Backdoor
A newly disclosed zero-day exploit dubbed YellowKey reportedly allows an attacker to bypass Microsoft BitLocker full-disk encryption using only files loaded from a USB stick — no credentials, no TPM bypass complexity, just plug in and walk away with the data. The exploit has drawn intense scrutiny because the mechanism appears to leverage what researchers are describing as a deliberate backdoor-like design choice rather than a conventional implementation bug, though Microsoft has not confirmed that characterisation. If the claims hold up under broader peer review, this represents one of the most significant attacks on Windows at-rest encryption in years and would affect any enterprise relying on BitLocker as its primary data protection control for lost or stolen hardware. Practitioners should watch for Microsoft's official response closely — and in the meantime, consider whether additional encryption layers or pre-boot authentication controls are warranted for high-value endpoints.

Malicious OpenAI Impersonator Repo Pulls 244,000 Downloads on Hugging Face
A fraudulent repository masquerading as an OpenAI "Privacy Filter" model reached the number-one trending position on Hugging Face and racked up 244,000 downloads in under 18 hours before the platform removed it — a stark demonstration of how effectively threat actors can weaponise developer trust in AI model repositories. The repo was credential-harvesting, silently exfiltrating passwords from machines that downloaded and ran the package. The scale and speed of the compromise reflect a maturing playbook: malicious actors are now treating AI model hubs the same way they treat npm and PyPI, exploiting the combination of trending algorithms, brand impersonation, and the assumption that popular equals safe. Any organisation pulling models from public repositories without hash verification, sandboxed execution environments, or explicit allow-listing of approved sources should treat this as a wake-up call — the AI supply chain is wide open.

Foxconn Ransomware Attack Highlights Persistence of Manufacturing Sector Exposure
Foxconn, one of the world's largest contract electronics manufacturers, has confirmed a ransomware attack that has drawn renewed attention to the persistent vulnerability of large industrial and manufacturing supply chain operators. The incident underscores a pattern that defenders know well but executives continue to underestimate: scale and revenue do not translate to security maturity, and manufacturing environments with legacy OT/IT integration represent a particularly rich target set for ransomware groups. For practitioners supporting industrial or supply chain customers, this is a useful data point to bring to board-level conversations about incident response planning and OT network segmentation — the argument that "we're too big to be meaningfully disrupted" has not aged well.


Schrödinger's Feed

A team of scientists has demonstrated a three-dimensional quantum system capable of storing quantum information for exponentially long periods at finite temperatures — without active error correction. This is the kind of result that most physicists had filed under "theoretically impossible," since thermal noise was considered an essentially insurmountable enemy of passive quantum memory at any practical temperature. If the result survives replication and scaling, it could dramatically change the timeline for fault-tolerant quantum computing, which is currently the main technical barrier between today's noisy hardware and the cryptographically relevant machines that break RSA and ECC. Practitioners tracking post-quantum migration timelines should note: assumptions about "how long we have" before cryptographically relevant quantum computing arrives are worth revisiting more frequently than annually.


/dev/random

Apparently you can still register a free *.city.state.us locality domain — these are the obscure, government-designated subdomain spaces that predate the commercial DNS gold rush and have largely been forgotten by everyone except a dedicated corner of the internet. A detailed guide on how to actually navigate the bureaucratic archaeology required to claim one has been making the rounds, and the process is exactly as charmingly obtuse as you'd expect from infrastructure designed in an era when the web was mostly universities and enthusiasts. There's something poetically appealing about owning something.portland.or.us in 2026 — the digital equivalent of finding an unlocked government building and setting up a desk. No known CVEs associated with locality domains at time of publication, which puts them ahead of several Elementor plugins.