G7 releases AI SBOM, DELL Support BSOD, Dirty Frag sequel

In today’s cybersecurity news…

G7 countries release AI SBOM guidance

Agencies from U.S., Canada, Japan, Germany, France, Italy, the United Kingdom, along with the European Union have now published the Software Bill of Materials for AI – Minimum Elements, focusing on AI. A SBOM is a “detailed, machine-readable manifest that catalogs every component, library, dependency, and module incorporated into a software product to provide full transparency into its composition.” This document aims to “help public and private sector organizations enhance transparency in their AI systems and supply chains,” making it easier to track vulnerabilities and reduce risks.

(Security Week)

Dell confirms its SupportAssist software causes Windows BSOD crashes

The company has confirmed that its SupportAssist software is causing blue-screen of death crashes on some Windows systems. This follows a flood of user reports about random reboots that have been affecting Dell devices since Friday. Version 5.5.16.0 of the Dell SupportAssist Remediation service is responsible for this series of crashes, and the company says it is working towards a resolution. An easy workaround is to simply disable the Dell SupportAssist Remediation service or uninstall it.

(BleepingComputer)

Dirty Frag 2: Electric Boogaloo. Its sequel arrives as Fragnesia

Following up on a story we covered on Tuesday, it appears the Linux kernel vulnerability Dirty Frag which itself was a follow up of the Copy Fail bug, is now returning as Fragnesia, a Linux kernel local privilege escalation flaw. It “allows unprivileged users to gain root by corrupting page cache memory” and has its own CVE number (CVE-2026-46300). According to researcher Hyunwoo Kim, who discovered Dirty Frag, this “Fragnesia” bug emerged as “an unintended side effect of patches shipped to fix the original Dirty Frag vulnerabilities.”

(The Register)

Ransomware campaigns increasingly turning to threats of physical violence

According to a report from security firm Semperis, in as many as 40% of global ransomware attacks in 2025, the criminals in charge of the attacks threatened to physically harm members of staff who refused to pay their ransom demand. This number was even higher in the U.S., at 46%. This is made easy for the hackers who often gain access to PII, allowing them to call individuals at work, quoting their home address, social security numbers, and other types of personal data. In other cases, the violence is not threatened against people, but against machinery, such as “demonstrating their control by turning devices such as robots and conveyor belts on and off – actions that could easily lead to injuries or even death.” In most cases, according to an FBI report, the hackers who make these threats are young, between 17 and 25 years and work for – or are recruited by – financially motivated gangs.

(BBC News)

Huge thanks to our sponsor, Doppel

UK moves to shield security researchers in cybercrime law rewrite

The British government announced on Wednesday its intention to rewrite key cybercrime laws after “years of warnings that outdated legislation was hindering security researchers and weakening the country’s cyber defenses.” This would be an update of the Computer Misuse Act 1990 intended to address a long-running complaint that its cybercrime law no longer reflects the realities of modern defensive security work. It was written “before the rise of cloud computing, ransomware gangs, cryptocurrency laundering, and the modern cybersecurity industry.” Researchers and industry groups have argued for years that the law’s broad unauthorized-access provisions can create legal uncertainty around legitimate activities such as vulnerability research, penetration testing and threat intelligence operations.”

(The Record)

Microsoft closes in on its own annual vulnerability record

Adding to a story covered yesterday regarding Microsoft’s MDASH vulnerability tool, it should be noted that Tuesday, Patch Tuesday, the company issued patches “for more than 130 security vulnerabilities, putting it on pace to break its own annual record.” Representatives acknowledge that “AI tools are driving a surge in vulnerability discovery across the industry.” Microsoft has already patched more than 500 vulnerabilities in 2026 and Tom Gallagher, vice president of engineering at Microsoft’s Security Response Center, said in a blog post “the company expects releases to continue trending larger.”

(The Record)

KongTuke hackers use Microsoft Teams for corporate breaches

Initial access broker KongTuke has “moved to Microsoft Teams for social engineering attacks, taking as little as five minutes to gain persistent access to corporate networks.” This is done by tricking users into pasting a PowerShell command that delivers a remote access trojan. Initial access brokers (IAB) like KongTuke then sell company network access to ransomware operators, who use it to deploy file-theft and data-encrypting malware. A central element to this campaign is cybercriminals using Teams to reach out to company employees, pretending to be IT and help-desk staff.

(BleepingComputer)

AI hallucinations are creating real security risks

AI hallucinations are “introducing serious security risks into critical infrastructure decision-making by exploiting human trust through highly confident yet incorrect outputs.” This highlights a major weakness in AI, specifically its lacks a mechanism to recognize uncertainty, instead, generating a ‘most probable response’ based on patterns in its training data.” According to the Artificial Analysis organization’s AA-Omniscience benchmark, 36 out of 40 AI models tested were found to be “more likely to provide a confident, incorrect answer than a correct one on difficult questions.” As AI takes on a larger role in cybersecurity operations, organizations “must treat every AI-generated response as a potential vulnerability until a human has verified it.” A link to the AA-Omniscience report is available in the show notes to this episode.

(The Hacker News and AA-Omniscience)