Microsoft KB5089573 Fixes Windows 11 Patch Tuesday Install Failures
Microsoft has released cumulative update KB5089573 for Windows 11 versions 24H2 and 25H2, aimed at improving stability and resolving installation issues repo...
Microsoft
20 articles
Windows Netlogon 0-Click RCE Vulnerability Under Active Exploitation
Microsoft’s May 2026 Patch Tuesday release has taken a critical turn after security researchers confirmed that a high-risk Windows Netlogon vulnerability is ...
Google Chrome’s DBSC Now Generally Available to Prevent Account Takeovers
Google has officially made Device Bound Session Credentials (DBSC) generally available for the Chrome browser on Windows. This architectural upgrade delivers...
Malicious npm packages abuse dependency confusion to profile developer environments
A dependency confusion campaign leveraged 33 malicious npm packages to collect reconnaissance data from developer and build environments. This report details...
Microsoft and security researcher’s dueling posts about cybersecurity disclosures get nasty
Microsoft and a prominent cybersecurity researcher have gotten into a very public and rather personal exchange of unpleasantries about what responsible cyber...
Microsoft is named a Leader in the 2026 Gartner® Magic Quadrant™ for Endpoint Protection
Microsoft is named a Leader in the 2026 Gartner® Magic Quadrant™ for Endpoint Protection. The post Microsoft is named a Leader in the 2026 Gartner® Magic Qua...
Prison communication service Pay Tel exposed hundreds of thousands of driver's licenses
Cybersecurity firm UpGuard discovered an unprotected Microsoft Azure server managed by Pay Tel containing at least 300,000 driver's license scans and other g...
Microsoft calls zero-day releases ‘never justifiable’ as researcher threatens to drop more
Each vulnerability was published with working proof-of-concept code to the Microsoft-owned code repository GitHub, making them immediately available to both ...
Ransomware Abuses SYSTEM Task to Encrypt Drives with Elevated Privileges
A newly analyzed ransomware strain, “The Gentlemen,” is raising concern among security researchers due to its ability to combine strong encryption with aggre...
Microsoft Calls the Zero-Day Dumps Irresponsible. The Researcher Says Microsoft Started It.
A researcher dropped 6 Windows zero-days with no warning. Three are now exploited in the wild.
Notepad++ vulnerabilities could enable arbitrary code execution on Windows systems
Two arbitrary code execution vulnerabilities in Notepad++ let local attackers run commands of their choice on Windows machines by tampering with the editor’s...
Microsoft 365 Copilot redesign brings context and actions into one workspace
Microsoft 365 Copilot, an AI assistant that helps people write, summarize, analyze information, and complete work tasks, has been redesigned. It now serves a...
The Gentlemen are coming for your files, and then your network
Ransomware operators have spent years refining the art of locking files. Now, some are working harder to get those lockers to every reachable system first.
MicrosoftSystem64 Malware Abuses Hugging Face for Stealthy Data Theft
A sophisticated supply chain attack targeting the npm ecosystem has been uncovered, involving a malicious package named js-logger-pack that evolved into a po...
Product showcase: TotalAV helps iOS users clean up their digital mess
TotalAV Mobile Security helps protect devices from malicious websites, SMS scams, unsafe public Wi-Fi networks, and exposed credentials. The app is available...
Malicious RVTools Installer Uses Sectigo Cert to Evade SmartScreen
A malicious fake RVTools installer is abusing a legitimately issued Sectigo code‑signing certificate to slip past Microsoft Defender SmartScreen and many end...
Typosquatted npm packages used to steal cloud and CI/CD secrets
The Mini Shai-Hulud campaign used malicious npm packages to target cloud and CI/CD credentials across developer environments. This report details the attack ...
[remote] Microsoft - NTLMv2 Hash Capture
Microsoft - NTLMv2 Hash Capture
Resecurity Supports Microsoft DCU in Disrupting Fox Tempest ’s Cybercriminal Code-Signing Ecosystem
Microsoft and Resecurity disrupted Fox Tempest, a malware-signing service that used fake Microsoft certificates to make malware look legitimate. Resecurity s...
The Gentlemen ransomware: Dissecting a self-propagating Go encryptor
Microsoft Threat Intelligence presents a comprehensive analysis of The Gentlemen, a Go-based ransomware deployed by affiliates of Storm-2697 that combines pe...