Microsoft has fixed the “RoguePlanet” zero-day in Microsoft Defender

Microsoft has quietly fixed the “RoguePlanet” zero-day in Microsoft Defender, closing the latest hole exposed by security researcher Nightmare Eclipse after months of public sparring over the company’s handling of vulnerability reports. The vulnerability, tracked as CVE-2026-50656, was addressed through an Read More …

When checking the URL isn’t enough: a Device Code Phishing attack via a Microsoft website

One of the most common pieces of anti-phishing advice is to double-check the website’s domain name before providing your credentials. Typically, a fraudulent domain stands out to the trained eye, differing from the official URL by at least a few Read More …

Verified X ad spreads Mac malware, while ConsentFix steals Microsoft accounts

Cybercriminals are finding new ways to trick people into compromising their own devices and accounts. One campaign used a sponsored ad on X to target Mac users, while another technique, dubbed ConsentFix, steals Microsoft 365 accounts without installing malware. Researchers have Read More …

Microsoft working on a fix for RoguePlanet, a flaw that grants full PC control

A publicly available exploit called RoguePlanet can give attackers the highest level of access on Windows systems. Microsoft has confirmed the vulnerability and says it’s working on a security update. RoguePlanet is tracked under CVE-2026-50656, where it’s described as a Microsoft Defender Elevation Read More …

Microsoft’s open source tools were hacked to steal passwords of AI developers

Microsoft has cut off access to dozens of its open source projects hosted on GitHub as it investigates how hackers apparently breached the projects and injected password-stealing malware into the code. Many of the affected projects relate to Microsoft’s cloud Read More …

Microsoft under fire for threatening security researcher with criminal investigation

After a security researcher published a series of unpatched bugs in Microsoft products, along with code to exploit them, the company is now threatening to take legal action and call the cops on them. Microsoft’s veiled threat reignites a long-running Read More …

Kali365 Phishing-as-a-Service Kit Hijacks Microsoft 365 Access Tokens

The Federal Bureau of Investigation (FBI) is issuing this Public Service Announcement (PSA) to warn the public about an emerging Phishing1-as-a-Service2 (PhaaS) platform called Kali365, first seen in April 2026. Kali365 has primarily been distributed via Telegram, enabling cyber threat actors Read More …

Key Microsoft legacy tool is still being abused to launch malware campaigns

Cybercriminals are increasingly using a legitimate legacy Windows tool to deploy infostealers and loader malware, researchers are saying. A new Bitdefender report has claimed that since the start of 2026, there’s been an uptick in activity related to a Windows utility called Microsoft HTML Read More …

Microsoft shuts down illegal code-signing operation used by ransomware criminals to mask their malware

Microsoft seized websites and took down hundreds of virtual machines running a cybercrime service that allegedly sold code-signing certificates to ransomware gangs, thus making their malware look like legitimate software – and allowing criminals to infect thousands of machines in Read More …