Windows

Record Microsoft Patch Tuesday, fresh zero-day

2026-06-10 at 14:23, by Zeljka Zorz

Microsoft marked its largest-ever Patch Tuesday this month by shipping fixes for nearly 200 vulnerabilities. Within hours, “Nightmare Eclipse”, the researcher behind weeks of escalating Windows exploit releases, dropped a proof-of-concept exploit for a new zero-day: “RoguePlanet”, which abuses a race condition in […]

Microsoft changes how Defender for Endpoint EDR updates are delivered on Windows

2026-06-08 at 20:33, by Sinisa Markovic

Microsoft will distribute Defender for Endpoint EDR updates through Microsoft Update, enabling EDR security improvements to be released independently of monthly Windows operating system updates. The rollout started for Windows 10 devices in late May 2026 and

Microsoft Defender vulnerabilities exploited in the wild (CVE-2026-41091, CVE-2026-45498)

2026-05-21 at 14:22, by Zeljka Zorz

Attackers are exploiting two Microsoft Defender vulnerabilities (CVE-2026-41091 and CVE-2026-45498), Microsoft acknowledged and CISA confirmed by adding them to its Known Exploited Vulnerabilities catalog. The vulnerabilities: CVE-2026-41091 allows for local privilege elevation (LPE), and is caused by the Microsoft Malware

Microsoft Rolls Out Mitigations for ‘YellowKey’ BitLocker Bypass

2026-05-20 at 18:46, by Ionut Arghire

The exploitation is mitigated by preventing the FsTx Auto Recovery Utility from starting when the WinRE image launches. The post Microsoft Rolls Out Mitigations for ‘YellowKey’ BitLocker Bypass appeared first on SecurityWeek.

Microsoft provides mitigation for “YellowKey” BitLocker bypass flaw (CVE-2026-45585)

2026-05-20 at 11:49, by Zeljka Zorz

Microsoft is working on a fix for CVE-2026-45585 (aka “YellowKey”), a vulnerability that can be used by attackers to bypass protections offered by BitLocker, the full-disk encryption feature built into Windows, and access users’ data. In the meantime, the company

Legacy Windows Tool MSHTA Fuels Surge in Silent Malware Attacks

2026-05-19 at 16:58, by Kevin Townsend

Attackers are increasingly abusing Microsoft’s decades-old MSHTA utility to stealthily deliver stealers, loaders, and persistent malware through phishing, fake software downloads, and LOLBIN-based attack chains. The post Legacy Windows Tool MSHTA Fuels Surge in Silent Malware Attacks appeared first

Researcher Drops MiniPlasma Windows Exploit for Unpatched 2020 CVE

2026-05-18 at 13:58, by Ionut Arghire

The researcher dropped the MiniPlasma exploit that uses the original proof-of-concept (PoC) code targeting the bug. The post Researcher Drops MiniPlasma Windows Exploit for Unpatched 2020 CVE appeared first on SecurityWeek.

Microsoft’s WinUI agent plugin trims token use by over 70% during development

2026-05-14 at 18:25, by Sinisa Markovic

Microsoft published a plugin on May 13 that lets GitHub Copilot CLI and Claude Code drive the full WinUI 3 development cycle, from project scaffolding through signed MSIX packaging. The WinUI agent plugin ships one agent, eight

Researcher Drops YellowKey, GreenPlasma Windows Zero-Days

2026-05-14 at 11:16, by Ionut Arghire

YellowKey is a BitLocker bypass that requires physical access. GreenPlasma enables elevation of privileges to System. The post Researcher Drops YellowKey, GreenPlasma Windows Zero-Days appeared first on SecurityWeek.

Microsoft May 2026 Patch Tuesday: Many fixes, but no zero-days

2026-05-13 at 00:31, by Zeljka Zorz

Microsoft has marked May 2026 Patch Tuesday by releasing fixes for 120+ CVE-numbered vulnerabilities, none of which (for a change) are actively exploited or have been publicly disclosed. Still, some deserve more consideration and should be addressed sooner than

Microsoft Patches 137 Vulnerabilities

2026-05-12 at 21:50, by Ionut Arghire

Fresh security updates resolve critical flaws in Azure, Windows, Dynamics 365, and the SSO Plugin for Jira & Confluence. The post Microsoft Patches 137 Vulnerabilities appeared first on SecurityWeek.

Rustinel: Open-source endpoint detection for Windows and Linux

2026-05-11 at 08:51, by Mirko Zorz

Open-source endpoint detection has long been split between Windows-focused tools built around Sysmon and Linux tools built around eBPF or auditd. Defenders running mixed environments have had to stitch together separate pipelines, separate rule sets, and separate maintenance burdens. Rustinel, a

No Patch for New PhantomRPC Privilege Escalation Technique in Windows

2026-04-28 at 15:09, by Ionut Arghire

A fake RPC server can be used to listen for RPC requests and impersonate the target service to elevate privileges to System. The post No Patch for New PhantomRPC Privilege Escalation Technique in Windows appeared first on SecurityWeek.

Incomplete Windows Patch Opens Door to Zero-Click Attacks

2026-04-27 at 20:43, by Ionut Arghire

The initial vulnerability was exploited by Russia-linked APT28 in attacks against Ukraine and EU countries. The post Incomplete Windows Patch Opens Door to Zero-Click Attacks appeared first on SecurityWeek.

Windows is getting stronger RDP file protections to fight phishing attacks

2026-04-16 at 01:19, by Sinisa Markovic

Microsoft has introduced new Windows protections starting with the April 2026 security update to reduce phishing attacks that abuse Remote Desktop (.rdp) files. With these updates, the Remote Desktop Connection app displays stronger warning dialogs before a connection

Organizations Warned of Exploited Windows, Adobe Acrobat Vulnerabilities

2026-04-14 at 12:00, by Ionut Arghire

The security defects allow attackers to escalate privileges and execute arbitrary code remotely. The post Organizations Warned of Exploited Windows, Adobe Acrobat Vulnerabilities appeared first on SecurityWeek.

Hackers hijacked CPUID downloads, served STX RAT to victims

2026-04-13 at 16:08, by Zeljka Zorz

If you tried to download software from CPUID’s website late last week, you might have downloaded malware instead. “Investigations are still ongoing, but it appears that a secondary feature (basically a side API) was compromised for approximately six hours between

BlueHammer: Windows zero-day exploit leaked

2026-04-08 at 23:29, by Zeljka Zorz

A buggy but functional proof-of-concept (PoC) exploit for an unpatched Windows local privilege escalation vulnerability dubbed BlueHammer has been published on GitHub by someone who goes by the handle Chaotic Eclipse and Nightmare Eclipse. Several security researchers have fixed the bugs in the exploit

Windows Security app gets Secure Boot certificate status indicators as 2026 expiration approaches

2026-04-03 at 14:57, by Anamarija Pogorelec

Microsoft’s Secure Boot certificates, issued in 2011, are approaching expiration in 2026. To help IT administrators track whether devices have received replacement certificates, Microsoft has added new status indicators to the Windows Security app, under Device

Windows 11 gets a rebuilt console engine with regex search, Sixel images and a 10x speed boost

2026-03-31 at 16:05, by Anamarija Pogorelec

Microsoft released Windows 11 Insider Preview Build 29558.1000 to the Canary Channel, part of the optional 29500 build series. The build carries a set of changes focused on the Windows Console, a
