News • Insights • Analysis
A publicly available exploit called RoguePlanet can give attackers the highest level of access on Windows systems. Microsoft has confirmed the vulnerability and says it’s working on a security update. RoguePlanet is tracked under CVE-2026-50656, where it’s described as a Microsoft Defender Elevation Read More …
Microsoft has cut off access to dozens of its open source projects hosted on GitHub as it investigates how hackers apparently breached the projects and injected password-stealing malware into the code. Many of the affected projects relate to Microsoft’s cloud Read More …
After a security researcher published a series of unpatched bugs in Microsoft products, along with code to exploit them, the company is now threatening to take legal action and call the cops on them. Microsoft’s veiled threat reignites a long-running Read More …
The Federal Bureau of Investigation (FBI) is issuing this Public Service Announcement (PSA) to warn the public about an emerging Phishing1-as-a-Service2 (PhaaS) platform called Kali365, first seen in April 2026. Kali365 has primarily been distributed via Telegram, enabling cyber threat actors Read More …
Cybercriminals are increasingly using a legitimate legacy Windows tool to deploy infostealers and loader malware, researchers are saying. A new Bitdefender report has claimed that since the start of 2026, there’s been an uptick in activity related to a Windows utility called Microsoft HTML Read More …
Microsoft seized websites and took down hundreds of virtual machines running a cybercrime service that allegedly sold code-signing certificates to ransomware gangs, thus making their malware look like legitimate software – and allowing criminals to infect thousands of machines in Read More …
Microsoft is publishing 137 vulnerabilities on May 2026 Patch Tuesday. Microsoft is not aware of exploitation in the wild or public disclosure for any of these vulnerabilities. So far this month, Microsoft has provided patches to address 133 browser vulnerabilities, which Read More …
Researchers at Rapid7 say that they have spotted what they believe was an Iranian intelligence cyber unit masquerading as the Chaos ransomware gang to hide a state-sponsored espionage operation. The intrusion was spotted earlier this year, and investigators say breadcrumbs Read More …
Microsoft has pushed out an out-of-band update to address the restart loop that hit some Windows Server devices after its April update. The fix will spare administrators the headache of forced server restarts after installing the April 2026 update. (A Read More …
Microsoft is publishing 167 vulnerabilities on April 2026 Patch Tuesday. Microsoft is aware of exploitation in the wild for one of today’s vulnerabilities, and public disclosure for one other. Microsoft evaluates 19 of the vulnerabilities published today as more likely Read More …
