Skip to main content
COSMICBYTEZLABS
NewsSecurityHOWTOsToolsTraining
StudyProjectsNewsletterHire MeAbout
Subscribe

Press Enter to search or Esc to close

News
Security
HOWTOs
Tools
Training
Study
Projects
Newsletter
Hire Me
About
RSS Feed
Reading List
Subscribe

Stay in the Loop

Get the latest security alerts, tutorials, and tech insights delivered to your inbox.

Subscribe NowFree forever. No spam.
COSMICBYTEZLABS

Your trusted source for IT intelligence, cybersecurity insights, and hands-on technical guides.

1941+ Articles
150+ Guides

CONTENT

  • Latest News
  • Security Alerts
  • HOWTOs
  • Checklists
  • Projects
  • Exam Prep

RESOURCES

  • Search
  • Browse Tags
  • Newsletter Archive
  • Reading List
  • RSS Feed

COMPANY

  • About Us
  • Contact
  • Privacy Policy
  • Terms of Service

© 2026 CosmicBytez Labs. All rights reserved.

System Status: Operational
All tags
119 articles

#Microsoft

All CosmicBytez Labs articles tagged #Microsoft, across news, security advisories, how-to guides, and projects.

  • NewsJul 15, 2026

    Researcher Drops New Windows Zero-Day PoC Hours After Microsoft Patch Tuesday

    Security researcher Chaotic Eclipse released LegacyHive, a proof-of-concept exploit for a Windows User Profile Service privilege escalation vulnerability, just hours after Microsoft's July 2026 Patch Tuesday release.

  • NewsJul 14, 2026

    Microsoft Maps Three Salesforce Attack Paths Tied to a Year of ShinyHunters Activity

    Microsoft has detailed three distinct attack paths used by actors aligned with ShinyHunters to infiltrate corporate Salesforce environments over the past year — none of which required exploiting any vulnerability in the Salesforce platform itself.

  • SecurityJul 14, 2026

    CVE-2026-56155: Microsoft AD FS Access Control Flaw Enables Golden SAML Attacks

    Microsoft's July 2026 Patch Tuesday fixes CVE-2026-56155, an actively exploited privilege escalation flaw in Active Directory Federation Services. Attackers exploit overly permissive ACLs on the DKM container to forge SAML tokens and compromise hybrid identity infrastructure. CISA added it to KEV with a July 28 federal deadline.

  • NewsJul 13, 2026

    Breach at the Beach: Play the Ultimate Entra ID CTF

    Varonis has launched Breach at the Beach, a free hands-on Capture the Flag competition designed to teach defenders how attackers abuse Microsoft Entra ID through realistic attack scenarios — from privilege escalation to lateral movement across identity systems.

  • NewsJul 10, 2026

    Microsoft Reins in RoguePlanet Zero-Day After Public PoC Release

    Researcher 'Nightmare-Eclipse' published a proof-of-concept exploit for a Windows Defender vulnerability in early June after dropping several other...

  • NewsJul 9, 2026

    'GodDamn' Ransomware Uses BYOVD Technique to Kill Security Software at US Companies

    A new ransomware strain dubbed 'GodDamn' is leveraging a Microsoft-signed malicious kernel driver through the Bring Your Own Vulnerable Driver technique...

  • NewsJul 9, 2026

    Microsoft Patches RoguePlanet Zero-Day in Windows Defender After Public PoC

    Microsoft has patched a Windows Defender zero-day vulnerability dubbed RoguePlanet after researcher 'Nightmare-Eclipse' released a working...

  • NewsJul 9, 2026

    GigaWiper: New Windows Backdoor Bundles Disk Wiping, Fake Ransomware, and Spyware

    Microsoft has dissected GigaWiper, a destructive Windows backdoor that combines three distinct destructive capabilities — full disk wiping, fake...

  • NewsJul 4, 2026

    ARToken PhaaS Exposes EvilTokens' Microsoft 365 Phishing Toolkit with AI-Powered BEC

    Cisco Talos has uncovered ARToken, a Phishing-as-a-Service platform affiliated with EvilTokens that weaponizes Microsoft's OAuth device code flow to...

  • SecurityJul 3, 2026

    CVE-2026-41106: M365 Copilot Open Redirect Allows Unauthenticated Privilege Escalation

    A critical open redirect vulnerability in Microsoft 365 Copilot rated CVSS 9.3 enables unauthenticated attackers to perform privilege escalation over the...

  • NewsJul 2, 2026

    CISA: Microsoft SharePoint RCE Flaw Now Actively Exploited

    CISA added CVE-2026-45659 to its Known Exploited Vulnerabilities catalog, confirming active in-the-wild exploitation of a high-severity SharePoint...

  • NewsJul 2, 2026

    SharePoint RCE CVE-2026-45659 Added to CISA KEV After Active Exploitation

    CISA has added a high-severity Microsoft SharePoint Server remote code execution vulnerability to its Known Exploited Vulnerabilities catalog following...

  • NewsJun 30, 2026

    BlueHammer Vulnerability Exploited in Ransomware Attacks Before Microsoft Patch

    The Microsoft Defender vulnerability CVE-2026-33825 was actively exploited as a zero-day by ransomware groups before Microsoft had the chance to release a...

  • NewsJun 30, 2026

    CISA: Windows BlueHammer Flaw Now Exploited by Ransomware Gangs

    CISA has confirmed that ransomware gangs are actively exploiting BlueHammer, a Microsoft Defender privilege escalation vulnerability previously used in...

  • NewsJun 29, 2026

    Malicious Perplexity Chrome Extension Intercepted Searches and Address Bar Input

    Microsoft uncovered a fake Perplexity AI Chrome extension that silently captured every search query and address bar keystroke, routing the data to an...

  • NewsJun 29, 2026

    In a First, a Court Takedown Goes After Two Cybercrime Tools at Once

    Microsoft and Europol dismantled both StealC and Amadey simultaneously in a single RICO filing — the first time a court-authorized takedown has targeted...

  • NewsJun 25, 2026

    Malicious Edge Extension "Edgecution" Abuses Native Messaging to Deploy Ransomware Backdoor

    Zscaler researchers exposed 'Edgecution', a rogue Microsoft Edge extension that exploits Chrome's Native Messaging protocol to escape the browser sandbox...

  • NewsJun 25, 2026

    Three 'Cybercrime-as-a-Service' Operations Undercut by Microsoft and Law Enforcement

    A two-week joint operation by Microsoft and Europol dismantled three major malware-as-a-service platforms — StealC, Amadey, and SocGholish — seizing 326...

  • NewsJun 24, 2026

    Amadey and StealC Malware Networks Disrupted, 27 Million Stolen Credentials Recovered

    A coordinated law enforcement operation backed by Bitdefender, Bitsight, ESET, and Microsoft has dismantled the infrastructure powering Amadey and StealC,...

  • NewsJun 24, 2026

    Amadey and StealC Malware Operations Disrupted in Operation Endgame Action

    Microsoft, Europol, and international law enforcement partners have dismantled infrastructure supporting the Amadey malware loader and StealC infostealer...

  • NewsJun 24, 2026

    Edgecution: Malicious Edge Extension Escapes Browser Sandbox via Native Messaging

    A malicious Microsoft Edge extension dubbed 'Edgecution' abused the Native Messaging API to escape the browser sandbox and deliver a Python backdoor used...

  • NewsJun 24, 2026

    Microsoft and Europol Dismantle Three Cybercrime-as-a-Service Operations

    Microsoft and Europol jointly targeted the full CaaS supply chain, seizing 300+ servers and disrupting SocGholish, Amadey, and StealC malware infrastructure.

  • NewsJun 22, 2026

    Microsoft Fixes AutoGen Studio Flaw That Enabled Code Execution

    Microsoft has patched the AutoJack vulnerability chain in AutoGen Studio, its AI agent prototyping interface, which allowed attackers to manipulate agents...

  • NewsJun 22, 2026

    Microsoft Says Windows 11 26H2 Is Coming Soon, Details Upgrade Process

    Microsoft has confirmed Windows 11 version 26H2 as the next feature update, with devices running 24H2 and 25H2 able to upgrade via a lightweight...

  • NewsJun 22, 2026

    A Record-Breaking Patch Tuesday for June 2026

    Microsoft's June 2026 Patch Tuesday addressed nearly 200 security vulnerabilities — the highest single-month patch count in the company's history —...

  • NewsJun 21, 2026

    Microsoft Links Mastra AI Supply Chain Attack to North Korean Hackers

    Microsoft has attributed a 88-minute automated supply chain attack against 142 Mastra AI npm packages — with over 1.1 million combined weekly downloads —...

  • NewsJun 21, 2026

    Microsoft June 2026 Updates Break Recycle Bin Confirmation Prompts on All Windows Versions

    A bug introduced by June 2026 security updates causes Windows to display internal $R filenames instead of original filenames in the Recycle Bin deletion...

  • NewsJun 19, 2026

    AutoJack Attack Lets One Web Page Hijack AI Agent for Host Code Execution

    Microsoft researchers have detailed AutoJack, a novel exploit chain that turns AI browsing agents into delivery vehicles for remote code execution by...

  • NewsJun 19, 2026

    Microsoft Details Windows Clipper Malware Campaign Using USB LNK Worm and Tor-Based C2

    Microsoft Threat Intelligence has exposed a cryptocurrency clipboard-hijacking campaign active since February 2026 that spreads via malicious USB LNK...

  • NewsJun 17, 2026

    Microsoft Teams Relay Servers Abused in DragonForce Ransomware Attack

    Security researchers have uncovered a DragonForce ransomware attack deploying a new Go-based backdoor that uses Microsoft Teams relay infrastructure for...

  • NewsJun 17, 2026

    Microsoft Working on Defender Patch for RoguePlanet Zero-Day

    Microsoft has confirmed it is developing a security patch for the RoguePlanet zero-day vulnerability in Windows Defender, disclosed publicly last week,...

  • NewsJun 16, 2026

    Fake Microsoft Security Alerts Used to Deploy North Korean NarwhalRAT Malware

    North Korean state-sponsored group APT37 (ScarCruft) is conducting spear-phishing campaigns impersonating Microsoft Account security notifications to...

  • NewsJun 16, 2026

    DragonForce Ransomware Hides C2 Traffic Inside Microsoft Teams Relays

    DragonForce ransomware operators deployed a custom implant called Backdoor.Turn to camouflage command-and-control communications inside legitimate...

  • NewsJun 15, 2026

    SearchLeak: New Attack Turned Microsoft 365 Copilot into 1-Click Data Theft Tool

    Researchers disclosed SearchLeak, a critical vulnerability chain in Microsoft 365 Copilot Enterprise that allows attackers to steal sensitive data from a...

  • NewsJun 13, 2026

    In Other News: Google Security Layoffs, AudiA6 Takedown, $400M Coupang Fine

    This week's security roundup covers Google's controversial security team layoffs, Europol's dismantling of the AudiA6 ransomware crypto laundering...

  • NewsJun 11, 2026

    Microsoft Patches Exploited Exchange Server Vulnerability CVE-2026-42897

    Microsoft has released a patch for CVE-2026-42897, an Exchange Server zero-day that has been under active exploitation since at least May 14, 2026. The...

  • NewsJun 10, 2026

    Microsoft Defender RoguePlanet Zero-Day Grants SYSTEM Access on Updated Windows

    Anonymous researcher Chaotic Eclipse released a PoC exploit for a new Microsoft Defender zero-day named RoguePlanet. The race condition flaw grants SYSTEM...

  • NewsJun 10, 2026

    Microsoft Patches Record 206 Flaws Including Three Zero-Days and Critical RCE Bugs

    Microsoft's June 2026 Patch Tuesday is the largest single release on record, fixing 206 vulnerabilities across its software portfolio — including three...

  • NewsJun 10, 2026

    Microsoft Patches YellowKey, GreenPlasma, and MiniPlasma Zero-Days

    Microsoft's June 2026 Patch Tuesday fixes three actively exploited Windows zero-days: two SYSTEM privilege escalation flaws and a BitLocker bypass...

  • SecurityJun 9, 2026

    CVE-2026-11645: Google Chromium V8 Out-of-Bounds Read and Write Vulnerability

    A critical out-of-bounds read and write vulnerability in the Chromium V8 engine allows remote attackers to execute arbitrary code inside a sandbox via a...

  • NewsJun 6, 2026

    Miasma Worm Hits 73 Microsoft GitHub Repositories in Major Supply Chain Attack

    Microsoft's GitHub presence has become the latest target of the self-replicating Miasma supply chain worm, with 73 repositories across Azure, Azure-Samples…

  • NewsJun 5, 2026

    Chinese APT UNC5221 Deploys Three New Malware Families to Maintain M365 Access

    Chinese espionage group UNC5221 is actively using the Brickstorm backdoor alongside two newly discovered malware families — Plenet and AgentPSD — to maintain…

  • NewsJun 2, 2026

    One Line of Code Put Billions of Microsoft Android App Downloads at Risk

    A single development-mode setting left in production code bypassed Android protections designed to prevent unauthorized apps from accessing Microsoft account…

  • NewsJun 2, 2026

    Microsoft's Coreutils Project Brings Linux Commands to Windows

    Microsoft announced Coreutils for Windows at Build 2026, bringing widely used Linux command-line utilities — ls, grep, cat, awk, and more — to Windows as…

  • NewsJun 1, 2026

    Microsoft Says It Will Not Pursue Security Researchers After Zero-Day Backlash

    Following intense backlash from the security research community over Microsoft's removal of GitHub researcher accounts and statements labeling zero-day…

  • NewsJun 1, 2026

    Microsoft's Zero-Day Legal Threats Spark Backlash

    After a disgruntled security researcher published several unpatched zero-day exploits in recent weeks, Microsoft seemingly indicated that criminal charges…

  • NewsMay 29, 2026

    Microsoft Says Zero-Day Public Releases Are 'Never Justifiable' as Researcher Threatens More Drops

    Microsoft publicly condemned unauthorized zero-day disclosures as 'never justifiable' after a security researcher published working proof-of-concept...

  • NewsMay 28, 2026

    Microsoft Slams Public Zero-Day Disclosures Amid GitHub Researcher Account Removal

    Microsoft condemns uncoordinated public zero-day disclosure, urging the security community to adopt CVD after removing a researcher's GitHub account.

  • NewsMay 26, 2026

    Microsoft: Domain Controller Lookup May Fail on Windows

    Microsoft has confirmed a new known issue affecting Windows Server 2016 systems where domain controller lookups fail after installing the KB5087537 May 2026.

  • NewsMay 26, 2026

    Microsoft Patches SharePoint RCE Flaw CVE-2026-45659 Across

    Microsoft has released updates fixing CVE-2026-45659, a CVSS 8.8 remote code execution vulnerability in SharePoint Server that requires no specialized.

  • NewsMay 22, 2026

    FBI Warns of Kali365 Phishing-as-a-Service Targeting

    The FBI has published an advisory on Kali365, a Telegram-based phishing-as-a-service platform that captures legitimate OAuth tokens to gain persistent...

  • NewsMay 22, 2026

    Microsoft Warns of Two Actively Exploited Defender

    Microsoft has disclosed two Windows Defender vulnerabilities under active exploitation in the wild, including CVE-2026-41091 — a privilege escalation flaw...

  • NewsMay 21, 2026

    Microsoft Warns of New Defender Zero-Days Exploited in Attacks

    Microsoft has issued emergency patches for two Windows Defender vulnerabilities that were actively exploited as zero-days before fixes were available....

  • NewsMay 19, 2026

    Cybercrime Service Disrupted for Abusing Microsoft Platform

    Microsoft has disrupted a malware-signing-as-a-service operation that exploited the company's Artifact Signing service to produce fraudulent code-signing...

  • NewsMay 18, 2026

    Microsoft Exchange Zero-Day Under Attack, No Patch Available

    A zero-day XSS vulnerability in Microsoft Exchange Server (CVE-2026-42897) is being actively exploited in the wild, allowing attackers to compromise...

  • NewsMay 18, 2026

    MiniPlasma Windows 0-Day Enables SYSTEM Privilege

    A new Windows kernel privilege escalation zero-day dubbed MiniPlasma, released by researcher Chaotic Eclipse, grants SYSTEM-level access on fully patched...

  • NewsMay 17, 2026

    Microsoft Backpedals: Edge to Stop Loading Cleartext

    Microsoft is reversing course on a controversial Edge browser behavior that loaded all saved passwords into process memory in cleartext at startup — a...

  • NewsMay 17, 2026

    New Windows ''MiniPlasma'' Zero-Day Exploit Gives SYSTEM

    A cybersecurity researcher has released a proof-of-concept exploit for a Windows privilege escalation zero-day dubbed MiniPlasma that lets attackers gain...

  • NewsMay 17, 2026

    Tycoon2FA Hijacks Microsoft 365 Accounts via Device-Code

    The Tycoon2FA phishing-as-a-service platform has added device-code phishing to its arsenal and abuses Trustifi click-tracking URLs to bypass Microsoft 365...

  • NewsMay 16, 2026

    Microsoft Rejects Critical Azure Vulnerability Report, No

    A security researcher claims Microsoft silently patched an Azure Backup for AKS vulnerability after rejecting his disclosure report — issuing no CVE and...

  • NewsMay 16, 2026

    Microsoft Warns of Exchange Server Zero-Day Exploited in the Wild

    Microsoft has shared mitigations for CVE-2026-42897 until a permanent patch can be released for affected Exchange Server versions actively being targeted...

  • NewsMay 15, 2026

    Microsoft Exchange, Windows 11 Hacked on Second Day of Pwn2Own

    On day two of Pwn2Own Berlin 2026, competitors demonstrated 15 unique zero-day vulnerabilities and collected $385,750 in awards, successfully exploiting...

  • NewsMay 15, 2026

    Microsoft Warns of Exchange Zero-Day Flaw Exploited in Attacks

    Microsoft shared mitigations for a high-severity Exchange Server vulnerability being actively exploited that allows threat actors to execute arbitrary...

  • NewsMay 14, 2026

    Windows Zero-Days Expose BitLocker Bypasses and CTFMON

    An anonymous researcher has publicly disclosed two new unpatched Windows zero-days — YellowKey enabling BitLocker bypass and GreenPlasma targeting CTFMON...

  • NewsMay 13, 2026

    Microsoft May 2026 Patch Tuesday: 137 Flaws Fixed, Zero

    Microsoft's May 2026 Patch Tuesday addresses 137 vulnerabilities including nine critical flaws — but for the first time in two years, not a single...

  • NewsMay 13, 2026

    Microsoft May 2026 Patch Tuesday Fixes 120 Flaws, No

    Microsoft's May 2026 Patch Tuesday delivers security updates for 120 vulnerabilities across Windows, Edge, Office, Azure, and more — with no zero-days...

  • NewsMay 13, 2026

    Microsoft Patches 138 Vulnerabilities Including DNS and Netlogon RCE Flaws

    Microsoft's May 2026 Patch Tuesday addresses 138 security vulnerabilities across its product portfolio, including 30 rated Critical — with notable DNS...

  • NewsMay 13, 2026

    Windows BitLocker Zero-Day Gives Access to Protected

    A cybersecurity researcher has published proof-of-concept exploits for two unpatched Windows vulnerabilities — YellowKey (BitLocker bypass) and...

  • NewsMay 2, 2026

    Microsoft Tests Modern Windows Run Dialog With Dark Mode

    Microsoft is testing a redesigned Run dialog for Windows 11 that brings dark mode support and improved performance over the legacy Win+R dialog that has...

  • NewsApr 29, 2026

    CISA Adds Actively Exploited ConnectWise and Windows Flaws

    CISA has added two actively exploited vulnerabilities to its Known Exploited Vulnerabilities catalog — CVE-2024-1708 affecting ConnectWise ScreenConnect...

  • NewsApr 26, 2026

    Microsoft Now Lets Admins Uninstall Copilot on Enterprise

    Following the April 2026 Patch Tuesday, Microsoft has made broadly available a new MDM policy setting that enables IT administrators to fully uninstall...

  • NewsApr 26, 2026

    Microsoft Patch Tuesday, March 2026 Edition

    Microsoft patched 77 security vulnerabilities in March 2026 with no actively exploited zero-days, a welcome reprieve following February's five-zero-day...

  • NewsApr 26, 2026

    Patch Tuesday, April 2026 Edition

    Microsoft released patches for 167 security vulnerabilities in April 2026, including an actively exploited SharePoint Server zero-day and the publicly...

  • NewsApr 25, 2026

    Microsoft Rolls Out Revamped Windows Insider Program

    Microsoft is rolling out a revamped Windows Insider Program experience as part of broader plans to address performance and reliability concerns affecting...

  • NewsApr 25, 2026

    Microsoft to Roll Out Entra Passkeys on Windows in Late

    Microsoft is rolling out passkey support for phishing-resistant passwordless authentication to Microsoft Entra-protected resources from Windows devices...

  • NewsApr 24, 2026

    Windows Update Gets New Controls to Reduce Forced Restarts

    Microsoft is rolling out Windows Update improvements that give users more control over how updates are installed while reducing disruption from frequent...

  • SecurityApr 24, 2026

    CVE-2026-24303: Microsoft Partner Center Privilege

    A critical privilege escalation vulnerability in Microsoft Partner Center allows an authorized attacker to elevate their privileges over a network,...

  • SecurityApr 24, 2026

    CVE-2026-32210: Microsoft Dynamics 365 Online SSRF Enables

    A critical server-side request forgery vulnerability in Microsoft Dynamics 365 (Online) allows an unauthenticated remote attacker to perform spoofing over...

  • NewsApr 22, 2026

    Microsoft Teams to Get Efficiency Mode for Low-Resource PCs

    Microsoft is rolling out a new Efficiency Mode for Microsoft Teams that automatically throttles CPU and memory usage on hardware-constrained devices,...

  • NewsApr 22, 2026

    Over 1,300 Microsoft SharePoint Servers Vulnerable to Ongoing Spoofing Attacks

    More than 1,300 internet-facing Microsoft SharePoint servers remain unpatched against a spoofing vulnerability exploited as a zero-day, with active...

  • NewsApr 20, 2026

    Microsoft Releases Emergency Updates to Fix Windows Server

    Microsoft released out-of-band updates to address critical issues affecting Windows Server systems that emerged after the installation of April 2026 Patch...

  • NewsApr 19, 2026

    Microsoft Drops Its Second-Largest Monthly Patch Batch on Record

    Microsoft's April 2026 Patch Tuesday addressed 169 CVEs — the second-largest monthly update in company history — including one actively exploited...

  • NewsApr 19, 2026

    Microsoft Issues Patches for SharePoint Zero-Day and 168

    Microsoft's April 2026 Patch Tuesday addresses a record 169 security vulnerabilities including a SharePoint zero-day actively exploited in the wild, 8...

  • NewsApr 19, 2026

    Microsoft, Salesforce Patch AI Agent Data Leak Flaws

    Prompt injection vulnerabilities in Salesforce Agentforce and Microsoft Copilot would have allowed unauthenticated attackers to exfiltrate sensitive CRM...

  • NewsApr 19, 2026

    ThreatsDay Bulletin: Defender 0-Day, SonicWall Brute-Force

    This week's threat roundup covers an unpatched Microsoft Defender zero-day, active SonicWall brute-force campaigns, a 17-year-old Excel RCE vulnerability...

  • NewsApr 17, 2026

    Recently Leaked Windows Zero-Days Now Exploited in Active

    Threat actors are actively exploiting three recently disclosed Windows security vulnerabilities that allow attackers to gain SYSTEM or elevated...

  • NewsApr 17, 2026

    Three Microsoft Defender Zero-Days Actively Exploited; Two

    Huntress is warning that threat actors are actively exploiting three privilege escalation vulnerabilities in Microsoft Defender — codenamed BlueHammer,...

  • NewsApr 9, 2026

    Microsoft Suspends Dev Accounts for High-Profile Open

    Microsoft has suspended developer accounts used to maintain several prominent open-source projects without prior notice or a quick reinstatement path,...

  • NewsApr 7, 2026

    Authorities Disrupt APT28 Router DNS Hijacks Targeting

    An international law enforcement operation has dismantled FrostArmada, an APT28 campaign that hijacked DNS on compromised MikroTik and TP-Link routers to...

  • NewsApr 7, 2026

    Medusa Ransomware Exploits Zero-Days to Deploy Ransomware

    Microsoft has raised the alarm over Medusa ransomware's unprecedented operational speed, with the group now exploiting zero-day vulnerabilities before...

  • NewsApr 7, 2026

    Storm-1175 Deploys Medusa Ransomware at 'High Velocity'

    Microsoft says the financially motivated cybercrime group Storm-1175, linked to China, has exploited N-day and zero-day vulnerabilities in high-velocity...

  • NewsApr 6, 2026

    Disgruntled Researcher Leaks BlueHammer Windows Zero-Day

    A security researcher operating under the aliases 'Chaotic Eclipse' and 'Nightmare-Eclipse' has publicly released exploit code for an unpatched Windows...

  • NewsApr 6, 2026

    Medusa Ransomware Group Exploits Zero-Days to Strike Within

    Microsoft warns that Medusa ransomware operators are exploiting zero-day vulnerabilities approximately one week before public disclosure, enabling the...

  • NewsApr 6, 2026

    Microsoft Links Storm-1175 to Medusa Ransomware Zero-Day

    Microsoft has formally attributed Medusa ransomware zero-day attacks to Storm-1175, a China-based financially motivated cybercriminal group that has...

  • NewsApr 4, 2026

    Microsoft Details Cookie-Controlled PHP Web Shells

    Microsoft Defender researchers have documented a stealthy PHP web shell technique that uses HTTP cookies as a covert command-and-control channel on Linux...

  • NewsApr 3, 2026

    Microsoft Now Force-Upgrades Unmanaged Windows 11 24H2 PCs

    Microsoft has begun automatically upgrading unmanaged Windows 11 Home and Pro devices from 24H2 to 25H2, removing user choice from the update process for...

  • SecurityApr 3, 2026

    CVE-2026-26135: Azure Custom Locations SSRF Enables

    A critical server-side request forgery vulnerability in Azure Custom Locations Resource Provider allows an authorized attacker to elevate privileges over...

  • NewsMar 19, 2026

    CISA Adds Zimbra XSS and SharePoint RCE to KEV; Cisco FMC

    CISA added actively exploited Zimbra Collaboration Suite and Microsoft SharePoint vulnerabilities to its Known Exploited Vulnerabilities catalog on March...

  • NewsMar 17, 2026

    Microsoft Shares Fix for Windows C: Drive Access Issues on Samsung PCs

    Microsoft has published a multi-step recovery procedure for Samsung Galaxy Book 4 laptops running Windows 11 24H2/25H2 where the Samsung Galaxy Connect...

  • NewsMar 17, 2026

    Microsoft Halts Forced Global Rollout of Microsoft 365

    Microsoft has stopped automatically installing the Microsoft 365 Copilot app on Windows devices outside the European Economic Area, reversing a bundling...

  • NewsMar 16, 2026

    Stryker Cyberattack Wiped Tens of Thousands of Devices — No

    A cyberattack on medical technology giant Stryker remotely wiped tens of thousands of employee devices using only legitimate Microsoft tools — no malware...

  • NewsMar 15, 2026

    Windows 11 February Update Breaks C:\ Drive Access on Samsung PCs

    Microsoft is investigating a new bug affecting Samsung laptops after the February 2026 security update — some users are unable to access their C: drive...

  • NewsMar 14, 2026

    Microsoft Releases Windows 11 OOB Hotpatch to Fix Three

    Microsoft has pushed an out-of-band hotpatch (KB5084597) to Windows 11 Enterprise devices to address three integer-overflow RCE flaws in RRAS, one rated...

  • NewsMar 4, 2026

    Europol-Coordinated Action Dismantles Tycoon2FA — 330

    An international coalition led by Europol and Microsoft has taken down Tycoon2FA, a phishing-as-a-service platform responsible for 87.5 million phishing...

  • SecurityFeb 25, 2026

    Microsoft MSHTML Framework Security Feature Bypass

    An actively exploited protection mechanism failure in the Windows MSHTML (Trident) engine allows attackers to bypass browser security zones and shell...

  • SecurityFeb 25, 2026

    Microsoft Office Word OLE Security Feature Bypass

    An actively exploited zero-day in Microsoft Word allows attackers to bypass OLE protections and execute malicious Office documents silently, without...

  • SecurityFeb 20, 2026

    Microsoft February 2026 Patch Tuesday Fixes Six Actively

    Microsoft's February 2026 Patch Tuesday addresses roughly 60 vulnerabilities including six actively exploited zero-days across Windows, Office, and Azure...

  • SecurityFeb 20, 2026

    Critical RCE in Microsoft Semantic Kernel Python SDK

    A maximum-severity code injection vulnerability in Microsoft's Semantic Kernel Python SDK allows authenticated attackers to execute arbitrary code through...

  • NewsFeb 17, 2026

    Adani Pledges $100 Billion for Renewable-Powered AI Data

    Indian conglomerate Adani announces a massive $100 billion investment to develop renewable energy-powered AI data centers across India, partnering with...

  • NewsFeb 17, 2026

    Microsoft Discovers 'AI Recommendation Poisoning' via Chatbot Prompts

    Microsoft's Defender team tracked over 50 unique prompt injection payloads from 31 companies using 'Summarize with AI' buttons to manipulate chatbot...

  • SecurityFeb 15, 2026

    GitHub Copilot Command Injection Flaws Enable Remote Code

    Multiple high-severity command injection vulnerabilities discovered in GitHub Copilot extensions for VS Code, Visual Studio, and JetBrains could allow...

  • SecurityFeb 11, 2026

    Microsoft Patch Tuesday February 2026: 6 Actively Exploited

    Microsoft's February 2026 Patch Tuesday addresses 60 vulnerabilities including 6 actively exploited zero-days and 3 publicly disclosed issues, with...

  • NewsFeb 10, 2026

    Microsoft Hit by Back-to-Back Outages: M365 Admin Center

    Microsoft 365 admin center is experiencing degraded access across North America, just days after a major Azure infrastructure outage knocked out VMs, AKS,...

  • SecurityFeb 10, 2026

    Windows SmartScreen Bypass Under Active Exploitation

    Actively exploited Windows Shell vulnerability bypasses SmartScreen protection, allowing malicious files to execute without security warnings. Patch...

  • SecurityFeb 5, 2026

    Microsoft Exchange Server SSRF to RCE Chain Actively

    A server-side request forgery vulnerability in Exchange Server is being chained with deserialization flaws for unauthenticated remote code execution....

  • SecurityFeb 4, 2026

    CISA Adds Four Critical Vulnerabilities to KEV Catalog

    CISA has updated the Known Exploited Vulnerabilities catalog with four actively exploited flaws including Microsoft Office and SmarterMail vulnerabilities.

  • NewsFeb 1, 2026

    Microsoft Announces Major Security Features for Copilot

    New AI-powered threat detection and automated incident response capabilities coming to Microsoft 365 E5 subscribers this quarter.

  • NewsJan 20, 2026

    AI-Powered Phishing Achieves 54% Click-Through Rate

    Microsoft reveals adversaries using AI for automated vulnerability discovery, phishing campaigns, and malware generation. AI-crafted phishing emails...

  • SecurityJan 14, 2026

    Microsoft January 2026 Patch Tuesday: 114 Flaws Fixed, One

    Microsoft's first security update of 2026 addresses 114 vulnerabilities including three zero-days. One flaw is actively exploited in the wild with CISA...