# Tech-Radar Briefing – Donnerstag, 21. May 2026 ## 🔴 SECURITY ALERTS (20) - **Microsoft Releases Rampart And Clarity Tools To Improve AI Agent Safety** [Petri IT Knowledgebase](https://petri.com/microsoft-rampart-clarity-ai-safety-tools/) - **Microsoft Releases Mitigation for YellowKey BitLocker Bypass CVE-2026-45585 Exploit** [The Hacker News](https://thehackernews.com/2026/05/microsoft-releases-mitigation-for.html) - **How New Windows Zero-Day Bugs Bypass BitLocker and Enable SYSTEM-Level Access** [Petri IT Knowledgebase](https://petri.com/windows-zero-days-bitlocker-privilege-controls/) - **Sicherheitsupdate: Hartkodierter Schlüssel ermöglicht Zugriffe auf Apache OFBiz** [Heise Security](https://www.heise.de/news/Sicherheitsupdate-Hartkodierter-Schluessel-ermoeglicht-Zugriffe-auf-Apache-OFBiz-11300620.html) - **Node.js: Vier kritische Sicherheitslücken mit Höchstwertung in vm2 geschlossen** [Heise Security](https://www.heise.de/news/Node-js-Vier-kritische-Sicherheitsluecken-mit-Hoechstwertung-in-vm2-geschlossen-11300256.html) - **Drupal critical update to fix bug with high exploitation risk** [BleepingComputer](https://www.bleepingcomputer.com/news/security/drupal-critical-update-to-fix-bug-with-high-exploitation-risk/) - **KI-Ära: Laut Verizon mehr Angriffe über Lücken als mit gestohlenen Zugangsdaten** [Heise Security News](https://www.heise.de/news/KI-Aera-Laut-Verizon-mehr-Angriffe-ueber-Luecken-als-mit-gestohlenen-Zugangsdaten-11299991.html) - **Microsoft shares mitigation for YellowKey Windows zero-day** [BleepingComputer](https://www.bleepingcomputer.com/news/microsoft/microsoft-shares-mitigation-for-yellowkey-windows-zero-day/) - **Modernize Java in days, not months (Sponsor)** [TLDR DevOps](https://www.ibm.com/new/product-blog/how-blue-pearl-modernized-an-outdated-codebase-and-a-resolved-a-risky-security-posture-with-ibm-bob?utm_content=BOBWW&p1=Display&p2=446883403&p3=247627917) - **Single-source MCP servers fail 1 in 4 prompts. Self-built is no better (Sponsor)** [TLDR Tech](https://cloud-login.cdata.com/u/signup/identifier?state=hKFo2SB1Wmp3V3pvNUtpOUtReDZBOEdyQnRkeUJzOWc0dUdjUaFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIGlFVG5XTTU1RWprNnB5Rm1lYmdQTTQtZlZsajk4akhto2NpZNkgOGR0SmJEQVZIVDBleHp2OWNQRHV4eEZCaHpxc2o3OG0) - **Clear your calendar, Drupal user: You have a critically urgent patch to install** [The Register](https://www.theregister.com/security/2026/05/19/drupal-warns-admins-to-brace-for-highly-critical-core-patch/5242728) - **Drupal to Release Urgent Core Security Updates on May 20, Sites Told to Prepare** [The Hacker News](https://thehackernews.com/2026/05/drupal-to-release-urgent-core-security.html) - **SEPPMail Secure E-Mail Gateway Vulnerabilities Enable RCE and Mail Traffic Access** [The Hacker News](https://thehackernews.com/2026/05/seppmail-secure-e-mail-gateway.html) - **Critical Microsoft Vulnerabilities Doubled: From Exposure to Escalation** [BleepingComputer](https://www.bleepingcomputer.com/news/security/critical-microsoft-vulnerabilities-doubled-from-exposure-to-escalation/) - **⚡ Weekly Recap: Exchange 0-Day, npm Worm, Fake AI Repo, Cisco Exploit and More** [The Hacker News](https://thehackernews.com/2026/05/weekly-recap-exchange-0-day-npm-worm.html) - **Ivanti, Fortinet, SAP, VMware, n8n Patch RCE, SQL Injection, Privilege Escalation Flaws** [The Hacker News](https://thehackernews.com/2026/05/ivanti-fortinet-sap-vmware-n8n-patch.html) - **Millionen-Preisgeld und Exchange-Exploit: So war die Pwn2Own 2026** [Heise Security News](https://www.heise.de/news/Millionen-Preisgeld-und-Exchange-Exploit-So-war-die-Pwn2Own-2026-11297824.html) - **Mozilla warns UK: Breaking VPNs will not magically fix Britain's age-check mess** [The Register](https://www.theregister.com/security/2026/05/18/mozilla-warns-uk-breaking-vpns-will-not-magically-fix-britains-age-check-mess/5241770) - **Zero-Day Exploit Against Windows BitLocker** [Schneier on Security](https://www.schneier.com/blog/archives/2026/05/zero-day-exploit-against-windows-bitlocker.html) - **MiniPlasma Windows 0-Day Enables SYSTEM Privilege Escalation on Fully Patched Systems** [The Hacker News](https://thehackernews.com/2026/05/miniplasma-windows-0-day-enables-system.html) ## 🔥 TOP STORIES (5) - [Microsoft Open-Sources RAMPART and Clarity to Secure AI Agents During Development](https://thehackernews.com/2026/05/microsoft-open-sources-rampart-and.html) *The Hacker News* - [MMS in Deutschland vor dem Aus](https://www.heise.de/news/MMS-in-Deutschland-vor-dem-Aus-11301494.html?wt_mc=rss.red.ho.ho.rdf.beitrag.beitrag) *Heise Online Newsticker* - [Even Claude agrees: hole in its sandbox was real and dangerous](https://www.theregister.com/security/2026/05/20/even-claude-agrees-hole-in-its-sandbox-was-real-and-dangerous/5243662) *The Register* - [Intel's CEO reveals early hiring challenges as bankruptcy concerns deterred top talent](https://www.theregister.com/systems/2026/05/20/intels-ceo-reveals-early-hiring-challenges-as-bankruptcy-concerns-deterred-top-talent/5243546) *The Register* - [OpenAI floats buy-before-your-try AI availability guarantee](https://www.theregister.com/ai-ml/2026/05/20/openai-wants-upfront-cash-for-guaranteed-ai-capacity/5243694) *The Register* ## 📊 Dein Tag in Zahlen - Neue Artikel: 408 | Security: 0 | AI: 0 - Heißester Tag: "ai" (454x)