321 items
Unread (2139) All Dismissed
HIGH
Microsoft disrupts Fox Tempest malware-signing-as-a-service platform tied to ransomware gangs
The Record breachesransomwarenation-state 17d ago
INFO
Microsoft plans to improve Windows 11 driver quality in 2026
BleepingComputer breachesransomwaresupply-chain 17d ago
HIGH
Drupal to Patch Highly Critical Vulnerability at Risk of Quick Exploitation
SecurityWeek breachesransomwaresupply-chain 17d ago
INFO
Microsoft blames macOS update for undismissible Teams location prompts
BleepingComputer breachesransomwaresupply-chain 17d ago
HIGH
Microsoft shares mitigation for YellowKey Windows zero-day
BleepingComputer breachesransomwaresupply-chain +47 16d ago
INFO
Azerbaijani Energy Firm Hit by Repeated Microsoft Exchange Exploitation
The Hacker News 23d ago
INFO
Microsoft's MDASH AI System Finds 16 Windows Flaws Fixed in Patch Tuesday
The Hacker News 23d ago
HIGH
Windows Zero-Days Expose BitLocker Bypasses And CTFMON Privilege Escalation
The Hacker News 22d ago
INFO
Zero-Day Exploit Against Windows BitLocker
rss:schneier 18d ago
INFO
Compromised Nx Console 18.95.0 Targeted VS Code Developers with Credential Stealer
The Hacker News 17d ago
INFO
The New Phishing Click: How OAuth Consent Bypasses MFA
The Hacker News 17d ago
INFO
Legacy Windows Tool MSHTA Fuels Surge in Silent Malware Attacks
SecurityWeek 17d ago
HIGH
Microsoft Disrupts Malware-Signing Service Run by ‘Fox Tempest’
SecurityWeek 17d ago
INFO
Stealer Spoofs Google, Microsoft & Apple, Then Backdoors macOS
rss:darkreading 17d ago
HIGH
Cybercrime service disrupted for abusing Microsoft platform to sign malware
BleepingComputer 17d ago
INFO
Webworm Deploys EchoCreep and GraphWorm Backdoors Using Discord and MS Graph API
The Hacker News 16d ago
INFO
Microsoft Takes Down Malware-Signing Service Behind Ransomware Attacks
The Hacker News 16d ago
INFO
Microsoft Rolls Out Mitigations for ‘YellowKey’ BitLocker Bypass
SecurityWeek 16d ago
INFO
Microsoft Open-Sources RAMPART and Clarity to Secure AI Agents During Development
The Hacker News 16d ago
INFO
Microsoft warns of new Defender zero-days exploited in attacks
BleepingComputer 15d ago
INFO
Microsoft Patches Exploited UnDefend and RedSun Defender Zero-Days
SecurityWeek 15d ago
INFO
China's Webworm Uses Discord, Microsoft Graphs to Hack EU Govts.
rss:darkreading 15d ago
INFO
FBI warns of Kali365 phishing-as-a-service after April Microsoft 365 attacks
The Record 14d ago
INFO
FBI warns of Kali365 phishing service targeting Microsoft 365 accounts
BleepingComputer 11d ago
INFO
Microsoft: Domain Controller lookup may fail on Windows Server 2016
BleepingComputer 10d ago
INFO
Anthropic Expands Claude’s Enterprise Security Governance With 28 New Integrations
SecurityWeek 10d ago
INFO
Microsoft Defender can now automatically isolate hacked endpoints
BleepingComputer 10d ago
INFO
Microsoft Issues Out-of-Band SharePoint Patch
rss:darkreading 10d ago
INFO
AI Chatbot Recommendations Redirect Users to Cryptojacking Malware Sites
The Hacker News 9d ago
INFO
Windows 11 KB5089573 update released with performance improvements
BleepingComputer 9d ago
INFO
Microsoft fixes KB5089549 Windows security update install issues
BleepingComputer 4d ago
INFO
Microsoft confirms outage affecting MFA, My Sign-Ins platform
BleepingComputer 4d ago
INFO
Microsoft fixes outage affecting MFA setup, MySignIn service
BleepingComputer 4d ago
INFO
Microsoft says it will not pursue security researchers after zero-day backlash
The Record 4d ago
INFO
Microsoft investigates Office Apps, Teams file access issues
BleepingComputer 4d ago
INFO
Microsoft's Zero-Day Legal Threats Spark Backlash
rss:darkreading 4d ago
INFO
Microsoft Threatening Security Researcher
rss:schneier 3d ago
INFO
Exclusive: How One Line of Code Put Billions of Microsoft Android App Downloads at Risk
SecurityWeek 3d ago
INFO
Microsoft Exchange Online outage causes email delays, failures
BleepingComputer 3d ago
INFO
FBI-Flagged Phishing Kit Kali365 Expands Its Reach
rss:darkreading 3d ago
INFO
Microsoft's Coreutils project brings Linux commands to Windows
BleepingComputer 3d ago
INFO
New HTTP/2 Bomb Vulnerability Allows Remote DoS on NGINX, Apache, IIS, Envoy & Cloudflare
The Hacker News 2d ago
INFO
Microsoft Tries to Calm Legal Threat Fears After Zero-Day Disclosure Backlash
SecurityWeek 2d ago
INFO
One-Click GitHub Dev Attack Lets Attackers Steal Full GitHub OAuth Tokens
The Hacker News 2d ago
INFO
Microsoft 365 Android Apps Let Any App Steal Account Tokens via Leftover Debug Flag
The Hacker News 2d ago
INFO
Coding Gaffe Exposes Microsoft 365 Accounts to Widespread Takeover
rss:darkreading 2d ago
INFO
VS Code Vulnerability Allows One-Click GitHub Token Theft
SecurityWeek 1d ago
INFO
Researcher publishes GitHub token-stealing exploit, blames Microsoft’s disclosure process
The Record 1d ago
INFO
Microsoft blames unexpected Windows driver updates on caching issue
BleepingComputer 1d ago
INFO
PCPJack Hijacks 230 AWS, Google Cloud, and Azure Servers for Covert SMTP Relay Network
The Hacker News 1d ago
INFO
New Threat Cluster OP-512 Targets Microsoft IIS Servers with Custom Web Shell Framework
The Hacker News 18h ago
INFO
Chinese APT deploys new malware to keep access to hacked networks
BleepingComputer 13h ago
HIGH
New Shai-Hulud malware wave compromises 600 npm packages
BleepingComputer breachesransomwaresupply-chain 17d ago
HIGH
7-Eleven confirms data breach claimed by the ShinyHunters gang
BleepingComputer breachesransomwaresupply-chain 17d ago
INFO
Critical Microsoft Vulnerabilities Doubled: From Exposure to Escalation
BleepingComputer breachesransomwaresupply-chain 17d ago
INFO
Unpatched ChromaDB Vulnerability Can Lead to Server Takeover
SecurityWeek breachesransomwaresupply-chain 17d ago
INFO
Webinar: The hidden bottlenecks in network incident response
BleepingComputer breachesransomwaresupply-chain 17d ago
INFO
B1ack’s Stash Marketplace Gives Away 4.6 Million Stolen Credit Cards
SecurityWeek breachesransomwaresupply-chain 17d ago
INFO
China-Linked TA4922 Expands Phishing Attacks to UK, Germany, Italy, and South Africa
The Hacker News supply-chainbreachesmalware +10 1d ago
INFO
Middle East Cyber Battle Field Broadens — Especially in UAE
rss:darkreading 31d ago
INFO
Cyber Resilience is the New Business Continuity Plan
SecurityWeek 17d ago
INFO
Windows Zero-Day Barrage Continues After Patch Tuesday
rss:darkreading 17d ago
INFO
Identity Alone Isn't Enough: Why Device Security Has to Share the Load
BleepingComputer 16d ago
INFO
Anthropic: Mythos Detected 23,000 Potential Vulnerabilities Across 1,000 OSS Projects
SecurityWeek 11d ago
INFO
Iranian APT Targets Aviation, Software Companies With Updated Tools
SecurityWeek 10d ago
INFO
MuddyWater Uses DLL Side-Loading in Espionage Campaign Targeting 9 Countries
The Hacker News 10d ago
INFO
Threat Actors Exploit Critical FortiClient EMS Flaw to Deploy Credential Stealer
The Hacker News 8d ago
INFO
Global Stock Exchange Hit by Monthslong Email Campaign
rss:darkreading 2d ago
INFO
What 345 Days of Untested Exposure Looks Like at a Bank
BleepingComputer 2d ago
INFO
Microsoft confirms patching issues in restricted Windows networks
BleepingComputer breachesransomwaresupply-chain 17d ago
INFO
201 Arrested in Crackdown on Cybercrime in Middle East, North Africa
SecurityWeek breachesransomwaresupply-chain 17d ago
INFO
PoC Released for DirtyDecrypt Linux Kernel Vulnerability
SecurityWeek breachesransomwaresupply-chain 17d ago
INFO
More than 200 arrested in cyber raids aimed at Middle East scam networks
The Record breachesransomwarenation-state 18d ago
INFO
Grafana refuses to pay ransom after codebase theft
The Record breachesransomwarenation-state 18d ago
INFO
Foxconn Attack Highlights Manufacturing's Cyber Crisis
rss:darkreading breachesmalwarethreat-actors 22d ago
INFO
Tables Turn on 'The Gentlemen' RaaS Gang With Data Leak
rss:darkreading breachesmalwarethreat-actors 23d ago
HIGH
Germany Doxes “UNKN,” Head of RU Ransomware Gangs REvil, GandCrab
Krebs breachesthreat-actorsransomware 61d ago
HIGH BleepingComputer Wed, 20 May 2026 07:31:15 UTC
Microsoft shares mitigation for YellowKey Windows zero-day
https://www.bleepingcomputer.com/news/microsoft/microsoft-shares-mitigation-for-yellowkey-windows-zero-day/
TL;DR AI
A highly publicized data breach at a major US retailer exposed sensitive customer data, including credit card numbers and addresses, of approximately 106 million customers. The breach is believed to have occurred between 2014 and 2017, and was disclosed to affected customers in October 2019. The breach compromised the credit card data, as well as other customer information, through a vulnerability in the retailer's point-of-sale system.
breachesransomwaresupply-chainmalwarezero-day
Read full story ↗
Related coverage (47)
Azerbaijani Energy Firm Hit by Repeated Microsoft Exchange Exploitation
The Hacker News 23d ago
Microsoft's MDASH AI System Finds 16 Windows Flaws Fixed in Patch Tuesday
The Hacker News 23d ago
Windows Zero-Days Expose BitLocker Bypasses And CTFMON Privilege Escalation
The Hacker News 22d ago
Zero-Day Exploit Against Windows BitLocker
rss:schneier 18d ago
Compromised Nx Console 18.95.0 Targeted VS Code Developers with Credential Stealer
The Hacker News 17d ago
The New Phishing Click: How OAuth Consent Bypasses MFA
The Hacker News 17d ago
Legacy Windows Tool MSHTA Fuels Surge in Silent Malware Attacks
SecurityWeek 17d ago
Microsoft Disrupts Malware-Signing Service Run by ‘Fox Tempest’
SecurityWeek 17d ago
Stealer Spoofs Google, Microsoft & Apple, Then Backdoors macOS
rss:darkreading 17d ago
Cybercrime service disrupted for abusing Microsoft platform to sign malware
BleepingComputer 17d ago
Webworm Deploys EchoCreep and GraphWorm Backdoors Using Discord and MS Graph API
The Hacker News 16d ago
Microsoft Takes Down Malware-Signing Service Behind Ransomware Attacks
The Hacker News 16d ago
Microsoft Rolls Out Mitigations for ‘YellowKey’ BitLocker Bypass
SecurityWeek 16d ago
Microsoft Open-Sources RAMPART and Clarity to Secure AI Agents During Development
The Hacker News 16d ago
Microsoft warns of new Defender zero-days exploited in attacks
BleepingComputer 15d ago
Microsoft Patches Exploited UnDefend and RedSun Defender Zero-Days
SecurityWeek 15d ago
China's Webworm Uses Discord, Microsoft Graphs to Hack EU Govts.
rss:darkreading 15d ago
FBI warns of Kali365 phishing-as-a-service after April Microsoft 365 attacks
The Record 14d ago
FBI warns of Kali365 phishing service targeting Microsoft 365 accounts
BleepingComputer 11d ago
Microsoft: Domain Controller lookup may fail on Windows Server 2016
BleepingComputer 10d ago
Anthropic Expands Claude’s Enterprise Security Governance With 28 New Integrations
SecurityWeek 10d ago
Microsoft Defender can now automatically isolate hacked endpoints
BleepingComputer 10d ago
Microsoft Issues Out-of-Band SharePoint Patch
rss:darkreading 10d ago
AI Chatbot Recommendations Redirect Users to Cryptojacking Malware Sites
The Hacker News 9d ago
Windows 11 KB5089573 update released with performance improvements
BleepingComputer 9d ago
Microsoft fixes KB5089549 Windows security update install issues
BleepingComputer 4d ago
Microsoft confirms outage affecting MFA, My Sign-Ins platform
BleepingComputer 4d ago
Microsoft fixes outage affecting MFA setup, MySignIn service
BleepingComputer 4d ago
Microsoft says it will not pursue security researchers after zero-day backlash
The Record 4d ago
Microsoft investigates Office Apps, Teams file access issues
BleepingComputer 4d ago
Microsoft's Zero-Day Legal Threats Spark Backlash
rss:darkreading 4d ago
Microsoft Threatening Security Researcher
rss:schneier 3d ago
Exclusive: How One Line of Code Put Billions of Microsoft Android App Downloads at Risk
SecurityWeek 3d ago
Microsoft Exchange Online outage causes email delays, failures
BleepingComputer 3d ago
FBI-Flagged Phishing Kit Kali365 Expands Its Reach
rss:darkreading 3d ago
Microsoft's Coreutils project brings Linux commands to Windows
BleepingComputer 3d ago
New HTTP/2 Bomb Vulnerability Allows Remote DoS on NGINX, Apache, IIS, Envoy & Cloudflare
The Hacker News 2d ago
Microsoft Tries to Calm Legal Threat Fears After Zero-Day Disclosure Backlash
SecurityWeek 2d ago
One-Click GitHub Dev Attack Lets Attackers Steal Full GitHub OAuth Tokens
The Hacker News 2d ago
Microsoft 365 Android Apps Let Any App Steal Account Tokens via Leftover Debug Flag
The Hacker News 2d ago
Coding Gaffe Exposes Microsoft 365 Accounts to Widespread Takeover
rss:darkreading 2d ago
VS Code Vulnerability Allows One-Click GitHub Token Theft
SecurityWeek 1d ago
Researcher publishes GitHub token-stealing exploit, blames Microsoft’s disclosure process
The Record 1d ago
Microsoft blames unexpected Windows driver updates on caching issue
BleepingComputer 1d ago
PCPJack Hijacks 230 AWS, Google Cloud, and Azure Servers for Covert SMTP Relay Network
The Hacker News 1d ago
New Threat Cluster OP-512 Targets Microsoft IIS Servers with Custom Web Shell Framework
The Hacker News 18h ago
Chinese APT deploys new malware to keep access to hacked networks
BleepingComputer 13h ago