Turn specs into evals for any agent with ASSERT
Adaptive Spec-driven Scoring for Evaluation and Regression Testing (ASSERT) is an open-source framework for converting natural language behavior requirements...
Microsoft
20 articles
June Patch Tuesday marks a ‘new normal’ with over 200 CVEs, 32 rated ‘critical’
June’s Patch Tuesday security updates have arrived, with SAP fixing four critical vulnerabilities and Microsoft addressing over 200 CVEs. Microsoft’s to-do l...
Microsoft patches Exchange Server zero-day exploited in attacks
Microsoft has patched an actively exploited Exchange Server vulnerability that allows threat actors to execute arbitrary JavaScript code in cross-site script...
Microsoft ships largest Patch Tuesday on record, with one bug under active attack
The release comes after Microsoft’s security leadership acknowledged last month that AI tools are driving a surge in vulnerability discovery across the indus...
New Browser-in-the-Browser phishing uses fake login popups to steal Microsoft 365 credentials
A new Browser-in-the-Browser (BitB) phishing campaign is targeting Microsoft 365 users with fake login popups designed to closely mimic legitimate browser au...
73 Microsoft Packages Weaponized in Password Stealer Attack
GitHub disabled 73 repositories across four Microsoft organizations Azure, Azure-Samples, microsoft, and MicrosoftDocs inside a 105-second window. Each repo ...
New Windows CTF 0-Day Vulnerability Lets Attackers Gain Elevated Privileges
Microsoft has disclosed a new zero-day vulnerability in the Windows Collaborative Translation Framework (CTFMON) that could allow attackers to gain elevated ...
New Windows Zero-Day Exploit ‘RoguePlanet’ Released
Exploiting a race condition in Microsoft Defender, the exploit leads to local privilege escalation to SYSTEM. The post New Windows Zero-Day Exploit ‘RoguePla...
Microsoft: Some Windows PCs fail to install latest monthly updates
Microsoft warned customers on Tuesday that they may have issues installing the latest monthly updates on some Windows devices that were upgraded to Windows 1...
Record Microsoft Patch Tuesday, fresh zero-day
Microsoft marked its largest-ever Patch Tuesday this month, by shipping fixes for nearly 200 vulnerabilities. Within hours, “Nightmare Eclipse”, the research...
Microsoft patches YellowKey, GreenPlasma, MiniPlasma zero-days
On Tuesday, Microsoft patched two zero-day vulnerabilities that let attackers gain SYSTEM privileges on fully patched Windows systems, and a third one that g...
Tax Phishing Emails Deliver In-Memory Malware to Windows Systems
Cybercriminals are leveraging tax-themed phishing emails to deploy sophisticated in-memory malware on Windows systems, bypassing traditional disk-based detec...
Chaotic Eclipse Unveils RoguePlanet Exploit Targeting Fully Patched Windows
The researcher Chaotic Eclipse released a PoC for the RoguePlanet Microsoft Defender zero-day, which can grant SYSTEM privileges on fully patched Windows sys...
Microsoft Patches Record 206 Flaws, Including Three Zero-Days and Critical RCE Bugs
Microsoft on Tuesday released fixes for a record 206 security vulnerabilities impacting its software portfolio, including three flaws that have been publicly...
Microsoft June 2026 Patch Tuesday Fixes 206 Flaws and 3 Zero-Days
Microsoft’s June 2026 patch Tuesday resolves 206 vulnerabilities, including 3 critical zero-days and severe 9.8 CVSS kernel, network and HTTP.
AI red teaming comes of age
When Ram Shankar Siva Kumar launched Microsoft’s AI red team in 2019, the discipline barely existed. “The running joke used to be that people who used to wor...
“AI Worms”, researchers demonstrate autonomous malware capable of adapting to any online device
A study by the University of Toronto shows how artificial intelligence can power autonomous worms capable of tailoring attacks against Windows, Linux and IoT...
Microsoft Fixes 200 CVEs in June Patch Tuesday
Microsoft has patched 200 vulnerabilities including three zero-days
Windows BitLocker 0-Day Flaw Enables Security Feature Bypass Attacks
Microsoft has disclosed a newly identified zero-day vulnerability in Windows BitLocker that could allow attackers to bypass one of the operating system’s cor...
Windows Defender Zero-Day “RoguePlanet” Lets Attackers Gain SYSTEM Privileges
A newly disclosed zero-day vulnerability dubbed “RoguePlanet” is affecting Microsoft Defender, allowing attackers to escalate privileges and obtain full SYST...