1906 items
Unread (2153) All Dismissed
HIGH
CVE-2026-40819 (CVSS 7.5) — An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the...
NVD CVE-2026-40819 10d ago
HIGH
CVE-2026-40818 (CVSS 7.5) — An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the...
NVD CVE-2026-40818 10d ago
HIGH
CVE-2026-40817 (CVSS 7.5) — An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the...
NVD CVE-2026-40817 10d ago
HIGH
CVE-2026-40816 (CVSS 7.5) — An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the...
NVD CVE-2026-40816 10d ago
HIGH
CVE-2026-40815 (CVSS 7.5) — An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the...
NVD CVE-2026-40815 10d ago
HIGH
CVE-2026-40814 (CVSS 7.5) — An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the...
NVD CVE-2026-40814 10d ago
HIGH
CVE-2026-40813 (CVSS 7.5) — An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the...
NVD CVE-2026-40813 10d ago
HIGH
CVE-2026-40812 (CVSS 7.5) — An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the...
NVD CVE-2026-40812 10d ago
HIGH
CVE-2026-40811 (CVSS 7.5) — An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the...
NVD CVE-2026-40811 10d ago
HIGH
CVE-2026-40810 (CVSS 7.5) — An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the...
NVD CVE-2026-40810 10d ago
HIGH
CVE-2026-3375 (CVSS 7.2) — The LiteSpeed Cache plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the /wp-js...
NVD CVE-2026-3375 10d ago
HIGH
CVE-2025-41670 (CVSS 7.8) — A local user with low privileges may be able to influence the behavior of a privileged system servic...
NVD CVE-2025-41670 10d ago
HIGH
CVE-2025-41669 (CVSS 8.8) — The Web-based Management allows a remote low privileged Engineer user to install additional APPs on ...
NVD CVE-2025-41669 10d ago
HIGH
Microsoft shares mitigation for YellowKey Windows zero-day
BleepingComputer breachesransomwaresupply-chain +48 17d ago
INFO
Azerbaijani Energy Firm Hit by Repeated Microsoft Exchange Exploitation
The Hacker News 24d ago
INFO
Microsoft's MDASH AI System Finds 16 Windows Flaws Fixed in Patch Tuesday
The Hacker News 24d ago
HIGH
Windows Zero-Days Expose BitLocker Bypasses And CTFMON Privilege Escalation
The Hacker News 23d ago
INFO
Zero-Day Exploit Against Windows BitLocker
rss:schneier 19d ago
INFO
Compromised Nx Console 18.95.0 Targeted VS Code Developers with Credential Stealer
The Hacker News 18d ago
INFO
The New Phishing Click: How OAuth Consent Bypasses MFA
The Hacker News 18d ago
INFO
Legacy Windows Tool MSHTA Fuels Surge in Silent Malware Attacks
SecurityWeek 18d ago
HIGH
Microsoft Disrupts Malware-Signing Service Run by ‘Fox Tempest’
SecurityWeek 17d ago
INFO
Stealer Spoofs Google, Microsoft & Apple, Then Backdoors macOS
rss:darkreading 17d ago
HIGH
Cybercrime service disrupted for abusing Microsoft platform to sign malware
BleepingComputer 17d ago
INFO
Webworm Deploys EchoCreep and GraphWorm Backdoors Using Discord and MS Graph API
The Hacker News 17d ago
INFO
Microsoft Takes Down Malware-Signing Service Behind Ransomware Attacks
The Hacker News 17d ago
INFO
Microsoft Rolls Out Mitigations for ‘YellowKey’ BitLocker Bypass
SecurityWeek 16d ago
INFO
Microsoft Open-Sources RAMPART and Clarity to Secure AI Agents During Development
The Hacker News 16d ago
INFO
Microsoft warns of new Defender zero-days exploited in attacks
BleepingComputer 16d ago
INFO
Microsoft Patches Exploited UnDefend and RedSun Defender Zero-Days
SecurityWeek 16d ago
INFO
China's Webworm Uses Discord, Microsoft Graphs to Hack EU Govts.
rss:darkreading 15d ago
INFO
FBI warns of Kali365 phishing-as-a-service after April Microsoft 365 attacks
The Record 14d ago
INFO
FBI warns of Kali365 phishing service targeting Microsoft 365 accounts
BleepingComputer 12d ago
INFO
Microsoft: Domain Controller lookup may fail on Windows Server 2016
BleepingComputer 11d ago
INFO
Anthropic Expands Claude’s Enterprise Security Governance With 28 New Integrations
SecurityWeek 11d ago
INFO
Microsoft Defender can now automatically isolate hacked endpoints
BleepingComputer 11d ago
INFO
Microsoft Issues Out-of-Band SharePoint Patch
rss:darkreading 10d ago
INFO
AI Chatbot Recommendations Redirect Users to Cryptojacking Malware Sites
The Hacker News 10d ago
INFO
Windows 11 KB5089573 update released with performance improvements
BleepingComputer 10d ago
INFO
Microsoft fixes KB5089549 Windows security update install issues
BleepingComputer 5d ago
INFO
Microsoft confirms outage affecting MFA, My Sign-Ins platform
BleepingComputer 5d ago
INFO
Microsoft fixes outage affecting MFA setup, MySignIn service
BleepingComputer 5d ago
INFO
Microsoft says it will not pursue security researchers after zero-day backlash
The Record 5d ago
INFO
Microsoft investigates Office Apps, Teams file access issues
BleepingComputer 5d ago
INFO
Microsoft's Zero-Day Legal Threats Spark Backlash
rss:darkreading 4d ago
INFO
Microsoft Threatening Security Researcher
rss:schneier 4d ago
INFO
Exclusive: How One Line of Code Put Billions of Microsoft Android App Downloads at Risk
SecurityWeek 4d ago
INFO
Microsoft Exchange Online outage causes email delays, failures
BleepingComputer 3d ago
INFO
FBI-Flagged Phishing Kit Kali365 Expands Its Reach
rss:darkreading 3d ago
INFO
Microsoft's Coreutils project brings Linux commands to Windows
BleepingComputer 3d ago
INFO
New HTTP/2 Bomb Vulnerability Allows Remote DoS on NGINX, Apache, IIS, Envoy & Cloudflare
The Hacker News 3d ago
INFO
Microsoft Tries to Calm Legal Threat Fears After Zero-Day Disclosure Backlash
SecurityWeek 3d ago
INFO
One-Click GitHub Dev Attack Lets Attackers Steal Full GitHub OAuth Tokens
The Hacker News 3d ago
INFO
Microsoft 365 Android Apps Let Any App Steal Account Tokens via Leftover Debug Flag
The Hacker News 3d ago
INFO
Coding Gaffe Exposes Microsoft 365 Accounts to Widespread Takeover
rss:darkreading 2d ago
INFO
VS Code Vulnerability Allows One-Click GitHub Token Theft
SecurityWeek 2d ago
INFO
Researcher publishes GitHub token-stealing exploit, blames Microsoft’s disclosure process
The Record 2d ago
INFO
Microsoft blames unexpected Windows driver updates on caching issue
BleepingComputer 2d ago
INFO
PCPJack Hijacks 230 AWS, Google Cloud, and Azure Servers for Covert SMTP Relay Network
The Hacker News 1d ago
INFO
New Threat Cluster OP-512 Targets Microsoft IIS Servers with Custom Web Shell Framework
The Hacker News 1d ago
INFO
Chinese APT deploys new malware to keep access to hacked networks
BleepingComputer 21h ago
INFO
Miasma Worm Hits 73 Microsoft GitHub Repositories in Major Supply Chain Attack
The Hacker News 8h ago
HIGH
CVE-2026-9200 (CVSS 7.5) — The Query Shortcode plugin for WordPress is vulnerable to Local File Inclusion in all versions up to...
NVD CVE-2026-9200 10d ago
HIGH
CVE-2026-8994 (CVSS 8.1) — The Login with NEAR plugin for WordPress is vulnerable to Authentication Bypass in all versions up t...
NVD CVE-2026-8994 10d ago
HIGH
CVE-2026-8787 (CVSS 8.8) — The Firebase Support & Chat Management plugin for WordPress is vulnerable to privilege escalation in...
NVD CVE-2026-8787 10d ago
CRITICAL
CVE-2026-8760 (CVSS 9.8) — The Login with OTP plugin for WordPress is vulnerable to authentication bypass in all versions up to...
NVD CVE-2026-8760CVE-2024-11178 10d ago
INFO
CISA Urges Immediate Patching of Exploited LiteSpeed cPanel Plugin Zero-Day
SecurityWeek breachesransomwaresupply-chain 10d ago
INFO
Anthropic Releases New Claude Sandbox, Security Guidance Plugin
SecurityWeek breachesransomwaresupply-chain 10d ago
HIGH
CVE-2026-9632 (CVSS 8.8) — A flaw has been found in UTT HiPER 1250GW up to 3.2.7-210907-180535. Affected by this issue is the f...
NVD CVE-2026-9632 10d ago
HIGH
CVE-2026-9631 (CVSS 8.8) — A vulnerability was detected in UTT HiPER 1250GW up to 3.2.7-210907-180535. Affected by this vulnera...
NVD CVE-2026-9631 10d ago
HIGH
CVE-2026-9628 (CVSS 8.8) — A weakness has been identified in UTT HiPER 1200GW up to 2.5.3-170306. Affected is an unknown functi...
NVD CVE-2026-9628 10d ago
HIGH
CVE-2026-9627 (CVSS 8.8) — A security flaw has been discovered in UTT HiPER 1200GW up to 2.5.3-170306. This impacts the functio...
NVD CVE-2026-9627 10d ago
MEDIUM
CVE-2026-9156 (CVSS 6.5) — Tanium addressed a denial of service vulnerability in Tanium Server.
NVD CVE-2026-9156 10d ago
HIGH
CVE-2026-49014 (CVSS 7.4) — In GDAL 3.1.0 through 3.13.0, scanForGeometryContainers in the netCDF driver allows code execution v...
NVD CVE-2026-49014 10d ago
HIGH
CVE-2026-9606 (CVSS 7.3) — A vulnerability has been found in itsourcecode Courier Management System 1.0. Impacted is an unknown...
NVD CVE-2026-9606 10d ago
HIGH
CVE-2026-9605 (CVSS 7.3) — A flaw has been found in GNU libredwg up to 0.13.4.8160. This issue affects the function bit_read_RC...
NVD CVE-2026-9605 10d ago
HIGH
CVE-2026-9312 (CVSS 8.2) — A server-side request forgery (SSRF) vulnerability was identified in GitHub Enterprise Server that a...
NVD CVE-2026-9312 10d ago
CRITICAL
CVE-2026-48027 (CVSS 9.8) — Nx Console is the user interface for Nx & Lerna. On 19 May 2026, a malicious version of Nx Console, ...
NVD CVE-2026-48027 +1 9d ago
CRITICAL
CVE-2026-48027: Nx Console Embedded Malicious Code Vulnerability (Nx Nx Console)
CISA KEV 10d ago
CRITICAL
CVE-2026-45321: TanStack Unspecified Vulnerability (TanStack TanStack)
CISA KEV CVE-2026-45321actively-exploited 10d ago
CRITICAL
CVE-2026-8398: Daemon Tools Lite Embedded Malicious Code Vulnerability (Daemon Daemon Tools Lite)
CISA KEV CVE-2026-8398actively-exploited 10d ago
HIGH
CVE-2026-9584 (CVSS 7.3) — A security vulnerability has been detected in code-projects Project Management System 1.0. Affected ...
NVD CVE-2026-9584 10d ago
HIGH
CVE-2026-45298 (CVSS 8.6) — Dozzle is a realtime log viewer for docker containers. Prior to 10.5.2, in a default dozzle deploy (...
NVD CVE-2026-45298 10d ago
CRITICAL
CVE-2026-44985 (CVSS 9.6) — Dozzle is a realtime log viewer for docker containers. Prior to 10.5.2, he WebSocket upgrader for th...
NVD CVE-2026-44985 10d ago
HIGH
CVE-2026-44966 (CVSS 8.3) — Velocity.js is a JavaScript implementation of the Apache Velocity template engine. In 2.1.5 and earl...
NVD CVE-2026-44966 10d ago
HIGH
CVE-2026-9580 (CVSS 7.3) — A vulnerability was determined in JeecgBoot up to 3.9.1. The affected element is the function LoginC...
NVD CVE-2026-9580 10d ago
MEDIUM
CVE-2026-44837 (CVSS 5.9) — view_component is a framework for building reusable, testable, and encapsulated view components in R...
NVD CVE-2026-44837 10d ago
HIGH
CVE-2026-9575 (CVSS 7.3) — A vulnerability has been found in itsourcecode Student Transcript Processing System 1.0. This issue ...
NVD CVE-2026-9575 10d ago
HIGH
CVE-2026-9574 (CVSS 7.3) — A flaw has been found in itsourcecode Student Transcript Processing System 1.0. This vulnerability a...
NVD CVE-2026-9574 10d ago
MEDIUM
CVE-2026-44833 (CVSS 5.9) — Snipe-IT is an IT asset/license management system. Prior to 8.4.1, an open redirect vulnerability in...
NVD CVE-2026-44833 10d ago
HIGH
CVE-2026-44832 (CVSS 8.8) — Snipe-IT is an IT asset/license management system. Prior to 8.4.1, aAn authenticated user with only ...
NVD CVE-2026-44832 10d ago
HIGH
Popular GitHub Action Tags Redirected to Imposter Commit to Steal CI/CD Credentials
The Hacker News supply-chainbreachesmalware +81 18d ago
INFO
ABB AC500 V3 Stack Buffer Overflow in Cryptographic Message Syntax
rss:cisa-advisories 25d ago
INFO
Fuji Electric Tellus
rss:cisa-advisories 25d ago
INFO
ABB AC500 V3 Multiple Vulnerabilities
rss:cisa-advisories 25d ago
INFO
Subnet Solutions PowerSYSTEM Center
rss:cisa-advisories 25d ago
INFO
ABB Automation Builder Gateway for Windows
rss:cisa-advisories 25d ago
INFO
ABB WebPro SNMP Card PowerValue Multiple Vulnerabilities
rss:cisa-advisories 25d ago
INFO
Siemens Siemens ROS#
rss:cisa-advisories 23d ago
INFO
Siemens gWAP
rss:cisa-advisories 23d ago
INFO
Siemens SIMATIC
rss:cisa-advisories 23d ago
INFO
Siemens Ruggedcom Rox
rss:cisa-advisories 23d ago
INFO
Siemens Ruggedcom Rox
rss:cisa-advisories 23d ago
INFO
Siemens Simcenter Femap
rss:cisa-advisories 23d ago
INFO
Universal Robots Polyscope 5
rss:cisa-advisories 23d ago
INFO
Siemens Ruggedcom Rox
rss:cisa-advisories 23d ago
INFO
Siemens Teamcenter
rss:cisa-advisories 23d ago
INFO
Siemens Solid Edge
rss:cisa-advisories 23d ago
INFO
Siemens SENTRON 7KT PAC1261 Data Manager
rss:cisa-advisories 23d ago
INFO
Siemens Opcenter RDnL
rss:cisa-advisories 23d ago
INFO
Siemens Ruggedcom Rox
rss:cisa-advisories 23d ago
INFO
Siemens Industrial Devices
rss:cisa-advisories 23d ago
INFO
Siemens SIMATIC S7 PLC Web Server
rss:cisa-advisories 23d ago
INFO
Siemens SIPROTEC 5
rss:cisa-advisories 23d ago
INFO
Siemens SIMATIC
rss:cisa-advisories 23d ago
INFO
Grafana GitHub Token Breach Led to Codebase Download and Extortion Attempt
The Hacker News 20d ago
INFO
Kieback & Peter DDC Building Controllers
rss:cisa-advisories 18d ago
INFO
Siemens RUGGEDCOM APE1808 Devices
rss:cisa-advisories 18d ago
INFO
ABB CoreSense HM and CoreSense M10
rss:cisa-advisories 18d ago
INFO
ScadaBR
rss:cisa-advisories 18d ago
INFO
ZKTeco CCTV Cameras
rss:cisa-advisories 18d ago
INFO
CISA Exposes Secrets, Credentials in 'Private' Repo
rss:darkreading 17d ago
INFO
GitHub Investigating TeamPCP Claimed Breach of ~4,000 Internal Repositories
The Hacker News 17d ago
INFO
GitHub investigates internal repositories breach claimed by TeamPCP
BleepingComputer 17d ago
INFO
GitHub confirms breach of 3,800 repos via malicious VSCode extension
BleepingComputer 17d ago
INFO
Schnieider Electric EcoStruxure Machine Expert HVAC (SEVD-2026-132-01)
rss:cisa-advisories 17d ago
INFO
Senator presses CISA for answers about alleged GitHub repository leak
The Record 17d ago
INFO
GitHub confirms being hacked by TeamPCP, says customer data unaffected
The Record 17d ago
INFO
Grafana breach caused by missed token rotation after TanStack attack
BleepingComputer 16d ago
INFO
GitHub Confirms Breach, 4K Internal Repos Stolen
rss:darkreading 16d ago
INFO
GitHub Internal Repositories Breached via Malicious Nx Console VS Code Extension
The Hacker News 16d ago
INFO
GitHub links repo breach to TanStack npm supply-chain attack
BleepingComputer 16d ago
INFO
ABB Terra AC Wallbox
rss:cisa-advisories 16d ago
INFO
ABB B&R Automation Studio
rss:cisa-advisories 16d ago
INFO
ABB B&R Automation Runtime
rss:cisa-advisories 16d ago
INFO
ABB B&R PCs
rss:cisa-advisories 16d ago
INFO
Grafana Says Codebase and Other Data Stolen via TanStack Supply Chain Attack
SecurityWeek 15d ago
INFO
Megalodon GitHub Attack Targets 5,561 Repos with Malicious CI/CD Workflows
The Hacker News 15d ago
INFO
CISA Security Leak
rss:schneier 15d ago
INFO
Lawmakers Demand Answers as CISA Tries to Contain Data Leak
Krebs 14d ago
INFO
Packagist Supply Chain Attack Infects 8 Packages Using GitHub-Hosted Linux Malware
The Hacker News 13d ago
INFO
npm Adds 2FA-Gated Publishing and Package Install Controls Against Supply Chain Attacks
The Hacker News 13d ago
INFO
Laravel Lang packages hijacked to deploy credential-stealing malware
BleepingComputer 13d ago
INFO
Over 5,500 GitHub Repositories Infected in ‘Megalodon’ Supply Chain Attack
SecurityWeek 12d ago
INFO
ABB Terra AC
rss:cisa-advisories 11d ago
INFO
ABB LVS MConfig
rss:cisa-advisories 11d ago
INFO
ABB Ability Camera Connect
rss:cisa-advisories 11d ago
INFO
Eppendorf BioFlo 320
rss:cisa-advisories 11d ago
INFO
ABB AbilityTM Zenon Remote Transport Vulnerability
rss:cisa-advisories 11d ago
INFO
ABB AC500 V2
rss:cisa-advisories 11d ago
INFO
ABB B&R Automation Runtime DoS Vulnerability in System Diagnostics Manager (SDM)
rss:cisa-advisories 11d ago
INFO
Feeding Frenzy: 'Megalodon' Malware Infects Thousands of GitHub Repos
rss:darkreading 10d ago
INFO
Malicious npm Package Stole Files From Claude AI User Directory via GitHub
The Hacker News 9d ago
INFO
ABB EIBPORT
rss:cisa-advisories 9d ago
INFO
Jinan USR IOT Technology Limited (PUSR) USR-W610 RS232/485 to Wi-Fi/Ethernet Converter
rss:cisa-advisories 9d ago
INFO
ABB Busch-Welcome 2 Wire Door Opener Actuator
rss:cisa-advisories 9d ago
INFO
Fourth Frontier Frontier X Mobile Application, Frontier X2
rss:cisa-advisories 9d ago
INFO
CP Plus 8 Ch. Network Video Recorder
rss:cisa-advisories 9d ago
INFO
XCharge C6
rss:cisa-advisories 9d ago
INFO
KMW CCTV Security Cameras
rss:cisa-advisories 9d ago
INFO
MacGregor Voyage Data Recorder (VDR) G4e
rss:cisa-advisories 9d ago
INFO
Supply Chain Compromises Impact Nx Console and GitHub Repositories
rss:cisa-advisories 9d ago
INFO
Microsoft Slams Public Zero-Day Disclosures Amid GitHub Researcher Account Removal
The Hacker News 9d ago
INFO
Microsoft calls zero-day releases ‘never justifiable’ as researcher threatens to drop more
The Record 8d ago
INFO
OpenAI Codex Authentication Tokens Stolen in codexui-android npm Supply Chain Attack
The Hacker News 5d ago
INFO
Red Hat removes tainted packages after software pipeline compromise
The Record 4d ago
INFO
VS Code zero-day lets hackers steal GitHub tokens in one click
BleepingComputer 3d ago
INFO
NAVTOR NavBox
rss:cisa-advisories 2d ago
INFO
Hitachi Energy MACH HiDraw
rss:cisa-advisories 2d ago
INFO
Hitachi Energy ITT600 Explorer
rss:cisa-advisories 2d ago
INFO
B&R PPT30 Operating System
rss:cisa-advisories 2d ago
INFO
Hitachi Energy RTU500
rss:cisa-advisories 2d ago
INFO
Claude Code GitHub Action Flaw Let One Malicious Issue Hijack Repositories
The Hacker News 2d ago
INFO
State Cyber Leaders Beg Congress for More Funding, Support
rss:darkreading breachesmalwarethreat-actors 10d ago
HIGH
Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI & More Packages
The Hacker News supply-chainbreachesmalware +3 25d ago
INFO
After Replacing TeamPCP Malware, 'PCPJack' Steals Cloud Secrets
rss:darkreading 29d ago
INFO
GitHub Confirms Hack Impacting 3,800 Internal Repositories
SecurityWeek 17d ago
INFO
The Hackers Behind Shai-Hulud: Lucky or Skilled?
rss:darkreading 10d ago
CRITICAL
CVE-2026-48689 (CVSS 9.8) — FastNetMon Community Edition through 1.2.9 contains an off-by-one heap-based buffer overflow in the ...
NVD CVE-2026-48689 10d ago
CRITICAL
CVE-2026-3660 (CVSS 9.8) — IBM Engineering Lifecycle Management 7.0.3 ( through ) Interim Fix 021, 7.1.0 ( through ) Interim Fi...
NVD CVE-2026-3660 10d ago
INFO
For Enterprises, Security Remains Agentic AI's Biggest Challenge
rss:darkreading breachesmalwarethreat-actors 10d ago
HIGH
CVE-2026-9560 (CVSS 7.8) — Privilege escalation via background service of OpenVPN Connect 3.5.1 through 3.8.1 on macOS allows a...
NVD CVE-2026-9560 10d ago
HIGH BleepingComputer Wed, 20 May 2026 07:31:15 UTC
Microsoft shares mitigation for YellowKey Windows zero-day
https://www.bleepingcomputer.com/news/microsoft/microsoft-shares-mitigation-for-yellowkey-windows-zero-day/
TL;DR AI
A highly publicized data breach at a major US retailer exposed sensitive customer data, including credit card numbers and addresses, of approximately 106 million customers. The breach is believed to have occurred between 2014 and 2017, and was disclosed to affected customers in October 2019. The breach compromised the credit card data, as well as other customer information, through a vulnerability in the retailer's point-of-sale system.
breachesransomwaresupply-chainmalwarezero-day
Read full story ↗
Related coverage (48)
Azerbaijani Energy Firm Hit by Repeated Microsoft Exchange Exploitation
The Hacker News 24d ago
Microsoft's MDASH AI System Finds 16 Windows Flaws Fixed in Patch Tuesday
The Hacker News 24d ago
Windows Zero-Days Expose BitLocker Bypasses And CTFMON Privilege Escalation
The Hacker News 23d ago
Zero-Day Exploit Against Windows BitLocker
rss:schneier 19d ago
Compromised Nx Console 18.95.0 Targeted VS Code Developers with Credential Stealer
The Hacker News 18d ago
The New Phishing Click: How OAuth Consent Bypasses MFA
The Hacker News 18d ago
Legacy Windows Tool MSHTA Fuels Surge in Silent Malware Attacks
SecurityWeek 18d ago
Microsoft Disrupts Malware-Signing Service Run by ‘Fox Tempest’
SecurityWeek 17d ago
Stealer Spoofs Google, Microsoft & Apple, Then Backdoors macOS
rss:darkreading 17d ago
Cybercrime service disrupted for abusing Microsoft platform to sign malware
BleepingComputer 17d ago
Webworm Deploys EchoCreep and GraphWorm Backdoors Using Discord and MS Graph API
The Hacker News 17d ago
Microsoft Takes Down Malware-Signing Service Behind Ransomware Attacks
The Hacker News 17d ago
Microsoft Rolls Out Mitigations for ‘YellowKey’ BitLocker Bypass
SecurityWeek 16d ago
Microsoft Open-Sources RAMPART and Clarity to Secure AI Agents During Development
The Hacker News 16d ago
Microsoft warns of new Defender zero-days exploited in attacks
BleepingComputer 16d ago
Microsoft Patches Exploited UnDefend and RedSun Defender Zero-Days
SecurityWeek 16d ago
China's Webworm Uses Discord, Microsoft Graphs to Hack EU Govts.
rss:darkreading 15d ago
FBI warns of Kali365 phishing-as-a-service after April Microsoft 365 attacks
The Record 14d ago
FBI warns of Kali365 phishing service targeting Microsoft 365 accounts
BleepingComputer 12d ago
Microsoft: Domain Controller lookup may fail on Windows Server 2016
BleepingComputer 11d ago
Anthropic Expands Claude’s Enterprise Security Governance With 28 New Integrations
SecurityWeek 11d ago
Microsoft Defender can now automatically isolate hacked endpoints
BleepingComputer 11d ago
Microsoft Issues Out-of-Band SharePoint Patch
rss:darkreading 10d ago
AI Chatbot Recommendations Redirect Users to Cryptojacking Malware Sites
The Hacker News 10d ago
Windows 11 KB5089573 update released with performance improvements
BleepingComputer 10d ago
Microsoft fixes KB5089549 Windows security update install issues
BleepingComputer 5d ago
Microsoft confirms outage affecting MFA, My Sign-Ins platform
BleepingComputer 5d ago
Microsoft fixes outage affecting MFA setup, MySignIn service
BleepingComputer 5d ago
Microsoft says it will not pursue security researchers after zero-day backlash
The Record 5d ago
Microsoft investigates Office Apps, Teams file access issues
BleepingComputer 5d ago
Microsoft's Zero-Day Legal Threats Spark Backlash
rss:darkreading 4d ago
Microsoft Threatening Security Researcher
rss:schneier 4d ago
Exclusive: How One Line of Code Put Billions of Microsoft Android App Downloads at Risk
SecurityWeek 4d ago
Microsoft Exchange Online outage causes email delays, failures
BleepingComputer 3d ago
FBI-Flagged Phishing Kit Kali365 Expands Its Reach
rss:darkreading 3d ago
Microsoft's Coreutils project brings Linux commands to Windows
BleepingComputer 3d ago
New HTTP/2 Bomb Vulnerability Allows Remote DoS on NGINX, Apache, IIS, Envoy & Cloudflare
The Hacker News 3d ago
Microsoft Tries to Calm Legal Threat Fears After Zero-Day Disclosure Backlash
SecurityWeek 3d ago
One-Click GitHub Dev Attack Lets Attackers Steal Full GitHub OAuth Tokens
The Hacker News 3d ago
Microsoft 365 Android Apps Let Any App Steal Account Tokens via Leftover Debug Flag
The Hacker News 3d ago
Coding Gaffe Exposes Microsoft 365 Accounts to Widespread Takeover
rss:darkreading 2d ago
VS Code Vulnerability Allows One-Click GitHub Token Theft
SecurityWeek 2d ago
Researcher publishes GitHub token-stealing exploit, blames Microsoft’s disclosure process
The Record 2d ago
Microsoft blames unexpected Windows driver updates on caching issue
BleepingComputer 2d ago
PCPJack Hijacks 230 AWS, Google Cloud, and Azure Servers for Covert SMTP Relay Network
The Hacker News 1d ago
New Threat Cluster OP-512 Targets Microsoft IIS Servers with Custom Web Shell Framework
The Hacker News 1d ago
Chinese APT deploys new malware to keep access to hacked networks
BleepingComputer 21h ago
Miasma Worm Hits 73 Microsoft GitHub Repositories in Major Supply Chain Attack
The Hacker News 8h ago