Critical Netlogon flaw is under active exploitation.

Top stories: a critical Netlogon vulnerability (CVE-2026-41089) patched in Microsoft’s May 2026 updates is being actively exploited to achieve remote code execution with SYSTEM privileges on Windows domain controllers; US military leaders are debating cautious adoption of AI for battlefield use; and California has sued 23andMe (Chrome Holding Co.) alleging inadequate security, downplaying of a 2023 breach, and payment of a ransom tied to stolen genetic data.