Microsoft's patch for a 0-day exploited by Russian spies fell short. Another Windows flaw is under attack

Microsoft and the US Cybersecurity and Infrastructure Security Agency (CISA) warned that attackers are exploiting a ...

Microsoft Confirms Windows Flaw Is Being Exploited After Incomplete Patch

Microsoft confirmed a Windows zero-click flaw tied to an incomplete patch is being exploited, putting credentials at risk for ...

CISA orders feds to patch Windows flaw exploited as zero-day

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to secure their Windows systems ...

Microsoft: New Remote Desktop warnings may display incorrectly

Microsoft has confirmed a new issue causing newly introduced Windows security warnings to display incorrectly when opening ...
The Hacker News

Microsoft Confirms Active Exploitation of Windows Shell CVE-2026-32202

CVE-2026-32202 actively exploited after April 27 advisory fix, exposing NTLMv2 hashes via zero-click SMB authentication.

US government agencies must patch BlueHammer exploit by May 6

The vulnerability was revealed by a disgruntled researcher.
Dark Reading

Unpatched 'PhantomRPC' Flaw in Windows Enables Privilege Escalation

A researcher discovered five different exploit paths that stem from an architectural weakness in Windows' Remote Procedure ...
Windows Report

CISA Orders Urgent Patch for Actively Exploited Windows Shell Vulnerability

CISA orders urgent patching of a Windows Shell flaw actively exploited in zero-click attacks. Federal agencies must update by ...

Hackers Are Now Using Microsoft Teams to Breach Company Networks Without Using Any Exploits

A newly identified threat group, UNC6692, has been caught running a sophisticated cyberattack campaign that uses Microsoft ...

Incomplete fix for Fancy Bear exploit opens zero-click hole in Windows

Microsoft's partial patching in February 2026 of a zero-day vulnerability abused by Russian state-sponsored threat group ...
Security Boulevard

Microsoft’s April Security Update of High-Risk Vulnerability Notice for Multiple Products

Overview On April 15, NSFOCUS CERT detected that Microsoft released the April Security Update patch, fixing 165 security issues involving Windows, Microsoft Office, Microsoft SQL Server, Microsoft ...

Mythos: AI’s watershed moment or a security nightmare?

Claude Mythos or Mythos is US-based Anthropic's advanced AI model designed to handle complex cybersecurity tasks such as ...