Microsoft

OneDrive Gives Web Apps Full Read Access to All Files

OneDrive Gives Web Apps Full Read Access to All Files 2025-05-28 at 15:02 By Kevin Townsend Security researchers warn that OneDrive’s file sharing tool may grant third-party web apps access to all your files—not just the one you choose to upload. The post OneDrive Gives Web Apps Full Read Access to All Files appeared first […]

React to this headline:

Loading spinner

OneDrive Gives Web Apps Full Read Access to All Files Read More »

Russian Government Hackers Caught Buying Passwords from Cybercriminals

Russian Government Hackers Caught Buying Passwords from Cybercriminals 2025-05-27 at 18:01 By Ryan Naraine Microsoft flags a new Kremlin hacking team buying stolen usernames and passwords from infostealer markets for use in cyberespionage attacks.  The post Russian Government Hackers Caught Buying Passwords from Cybercriminals appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Russian Government Hackers Caught Buying Passwords from Cybercriminals Read More »

Signal Adds Screenshot-Blocker to Thwart ‘Windows Recall’ 

Signal Adds Screenshot-Blocker to Thwart ‘Windows Recall’  2025-05-23 at 17:21 By Ryan Naraine Signal said the privacy feature is on by default for every Windows 11 user to block Microsoft from taking screenshots for Windows Recall. The post Signal Adds Screenshot-Blocker to Thwart ‘Windows Recall’  appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Signal Adds Screenshot-Blocker to Thwart ‘Windows Recall’  Read More »

Akamai, Microsoft Disagree on Severity of Unpatched ‘BadSuccessor’ Flaw

Akamai, Microsoft Disagree on Severity of Unpatched ‘BadSuccessor’ Flaw 2025-05-22 at 20:08 By Ryan Naraine Akamai documents a privilege escalation flaw in Windows Server 2025 after Redmond declines to ship an immediate patch. The post Akamai, Microsoft Disagree on Severity of Unpatched ‘BadSuccessor’ Flaw appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Akamai, Microsoft Disagree on Severity of Unpatched ‘BadSuccessor’ Flaw Read More »

Microsoft Sinkholes Domains, Disrupts Notorious ‘Lumma Stealer’ Malware Operation

Microsoft Sinkholes Domains, Disrupts Notorious ‘Lumma Stealer’ Malware Operation 2025-05-21 at 21:48 By Ryan Naraine Redmond’s threat hunters found 394,000 Windows systems talking to Lumma controllers, a victim pool included global manufacturers.  The post Microsoft Sinkholes Domains, Disrupts Notorious ‘Lumma Stealer’ Malware Operation appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

Microsoft Sinkholes Domains, Disrupts Notorious ‘Lumma Stealer’ Malware Operation Read More »

Lumma Stealer Malware-as-a-Service operation disrupted

Lumma Stealer Malware-as-a-Service operation disrupted 2025-05-21 at 21:21 By Zeljka Zorz A coordinated action by US, European and Japanese authorities and tech companies like Microsoft and Cloudflare has disrupted the infrastructure behind Lumma Stealer, the most significant infostealer threat at the moment. What is Lumma Stealer? Lumma Stealer is Malware-as-a-Service offering beloved by a wide

React to this headline:

Loading spinner

Lumma Stealer Malware-as-a-Service operation disrupted Read More »

The Windows Subsystem for Linux goes open source

The Windows Subsystem for Linux goes open source 2025-05-20 at 12:47 By Anamarija Pogorelec Microsoft has officially open-sourced the Windows Subsystem for Linux (WSL), closing the very first issue ever filed on the Microsoft/WSL GitHub repository: “Will this be open source?” WSL allows developers to run unmodified Linux command-line tools, utilities, and applications directly on

React to this headline:

Loading spinner

The Windows Subsystem for Linux goes open source Read More »

Patch Tuesday: Microsoft fixes 5 actively exploited zero-days

Patch Tuesday: Microsoft fixes 5 actively exploited zero-days 2025-05-13 at 23:00 By Zeljka Zorz On May 2025 Patch Tuesday, Microsoft has released security fixes for 70+ vulnerabilities, among them five actively exploited zero-days and two publicly disclosed (but not exploited) vulnerabilities. The zero-days and the publicly disclosed flaws Among the zero-days patched is a memory

React to this headline:

Loading spinner

Patch Tuesday: Microsoft fixes 5 actively exploited zero-days Read More »

Zero-Day Attacks Highlight Another Busy Microsoft Patch Tuesday

Zero-Day Attacks Highlight Another Busy Microsoft Patch Tuesday 2025-05-13 at 21:16 By Ryan Naraine Patch Tuesday: Microsoft patches at least 70 security bugs and flagged five zero-days in the “exploitation detected” category. The post Zero-Day Attacks Highlight Another Busy Microsoft Patch Tuesday appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

Zero-Day Attacks Highlight Another Busy Microsoft Patch Tuesday Read More »

May 2025 Patch Tuesday forecast: Panic, change, and hope

May 2025 Patch Tuesday forecast: Panic, change, and hope 2025-05-09 at 09:11 By Help Net Security April was an event-filled month for cybersecurity. Patch Tuesday came to us quickly on April 8 – the earliest first Tuesday possible in a given month. We again saw large numbers of CVEs addressed with 84 in Windows 11

React to this headline:

Loading spinner

May 2025 Patch Tuesday forecast: Panic, change, and hope Read More »

Microsoft Accounts Go Passwordless by Default

Microsoft Accounts Go Passwordless by Default 2025-05-02 at 12:32 By Ionut Arghire Microsoft is prioritizing passwordless sign-in and sign-up methods, and is making new accounts passwordless by default. The post Microsoft Accounts Go Passwordless by Default appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Microsoft Accounts Go Passwordless by Default Read More »

Tech Giants Propose Standard For End-of-Life Security Disclosures

Tech Giants Propose Standard For End-of-Life Security Disclosures 2025-04-30 at 18:50 By Ryan Naraine The OpenEoX model proposes a shared data format that can be integrated into SBOMs, security advisories, and other ecosystem tools.  The post Tech Giants Propose Standard For End-of-Life Security Disclosures appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Tech Giants Propose Standard For End-of-Life Security Disclosures Read More »

Top must-visit companies at RSAC 2025

Top must-visit companies at RSAC 2025 2025-04-25 at 07:34 By Help Net Security RSAC 2025 Conference is taking place at the Moscone Center in San Francisco from April 28 – May 1. With hundreds of booths, countless product demos, and nonstop buzz, navigating RSAC can be overwhelming. That’s why we’ve done the legwork to highlight

React to this headline:

Loading spinner

Top must-visit companies at RSAC 2025 Read More »

Microsoft Purges Dormant Azure Tenants, Rotates Keys to Prevent Repeat Nation-State Hack 

Microsoft Purges Dormant Azure Tenants, Rotates Keys to Prevent Repeat Nation-State Hack  2025-04-21 at 22:47 By Ryan Naraine Microsoft security chief Charlie Bell says the SFI’s 28 objectives are “near completion” and that 11 others have made “significant progress.” The post Microsoft Purges Dormant Azure Tenants, Rotates Keys to Prevent Repeat Nation-State Hack  appeared first

React to this headline:

Loading spinner

Microsoft Purges Dormant Azure Tenants, Rotates Keys to Prevent Repeat Nation-State Hack  Read More »

Microsoft vulnerabilities: What’s improved, what’s at risk

Microsoft vulnerabilities: What’s improved, what’s at risk 2025-04-17 at 08:02 By Help Net Security Microsoft reported a record 1,360 vulnerabilities in 2024, according to the latest BeyondTrust Microsoft Vulnerabilities Report. The volume marks an 11% increase from the previous record in 2022 and fits within a broader post-pandemic trend: more vulnerabilities, more products, and more

React to this headline:

Loading spinner

Microsoft vulnerabilities: What’s improved, what’s at risk Read More »

Microsoft fixes actively exploited Windows CLFS zero-day (CVE-2025-29824)

Microsoft fixes actively exploited Windows CLFS zero-day (CVE-2025-29824) 2025-04-08 at 22:16 By Zeljka Zorz April 2025 Patch Tuesday is here, and Microsoft has delivered fixes for 120+ vulnerabilities, including a zero-day (CVE-2025-29824) that’s under active attack. CVE-2025-29824 CVE-2025-29824 is a user-after-free vulnerability in the Windows Common Log File System (CLFS) that can be – and

React to this headline:

Loading spinner

Microsoft fixes actively exploited Windows CLFS zero-day (CVE-2025-29824) Read More »

Microsoft Patches 125 Windows Vulns, Including Exploited CLFS Zero-Day

Microsoft Patches 125 Windows Vulns, Including Exploited CLFS Zero-Day 2025-04-08 at 22:03 By Ryan Naraine Patch Tuesday: Microsoft ships urgent cover for another WIndows CLFS vulnerability already exploited in the wild. The post Microsoft Patches 125 Windows Vulns, Including Exploited CLFS Zero-Day appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

Microsoft Patches 125 Windows Vulns, Including Exploited CLFS Zero-Day Read More »

Scroll to Top