A new vulnerability prediction metric called LEV is being tested by NIST and CISA to improve the identification of exploited vulnerabilities. Meanwhile, Signal reacts to Microsoft’s Recall feature by disabling screenshots on Windows 11, and AI-assisted discovery finds a Linux kernel flaw, CVE-2025-37899.
Key points:
- NIST and CISA introduced the LEV metric to better predict which vulnerabilities are exploited in the wild.
- LEV aims to supplement existing systems like EPSS and KEV lists by providing deterministic, reproducible likelihood scores.
- Microsoft’s Recall feature, integrated into Windows 11, faces resistance from security researchers and Signal Messenger over privacy concerns.
- Signal disables screenshots by default on Windows 11 to prevent content capture, citing security and content protection reasons.
- Cybersecurity researcher Sean Heelan discovered a zero-day Linux kernel vulnerability, CVE-2025-37899, using OpenAI’s o3 model.
- The vulnerability involves a use-after-free flaw in Linux’s SMB implementation, which could allow remote code execution.
- The flaw was identified by AI without additional tools and has been patched; users are advised to update systems promptly.
- YouTube Video: https://www.youtube.com/watch?v=AbqdNFHhJfE
- YouTube Channel: Hak5
- YouTube Published: Wed, 28 May 2025 17:34:53 +0000