Microsoft
New “HashJack” attack can hijack AI browsers and assistants
Security researchers at Cato Networks have uncovered a new indirect prompt injection technique that can force popular AI browsers and assistants to deliver phishing links or …
Microsoft cracks down on malicious meeting invites
Phishing is shifting into places people rarely check. Meeting invites that plant themselves on calendars can survive long after the malicious email is gone. That leaves a …
BlueCodeAgent helps developers secure AI-generated code
When AI models generate code, they deliver power and risk at the same time for security teams. That tension is at the heart of the new tool called BlueCodeAgent, designed to …
The next tech divide is written in AI diffusion
AI is spreading faster than any major technology in history, according to a Microsoft report. More than 1.2 billion people have used an AI tool within three years of the first …
Patch Tuesday: Microsoft fixes actively exploited Windows kernel vulnerability (CVE-2025-62215)
Microsoft has delivered a rather light load of patches for November 2025 Patch Tuesday: some 60+ vulnerabilities have received a fix, among them an actively exploited Windows …
November 2025 Patch Tuesday forecast: Windows Exchange Server EOL?
November 2025 Patch Tuesday is now live: Patch Tuesday: Microsoft fixes actively exploited Windows kernel vulnerability (CVE-2025-62215) October 2025 Patch Tuesday was one for …
Veeam App for Microsoft Sentinel brings backup intelligence directly into the SOC
Veeam Software launched its new Veeam App for Microsoft Sentinel. The solution provides advanced integration with Veeam Data Platform and empowers organizations to detect, …
Microsoft releases urgent fix for actively exploited WSUS vulnerability (CVE-2025-59287)
Microsoft has released an out-of-band security update that “comprehensively” addresses CVE-2025-59287, a remote code execution vulnerability in the Windows Server …
What Microsoft’s 2025 report reveals about the new rules of engagement in cyberdefense
Adversaries are using AI to sharpen attacks, automate operations, and challenge long-standing defenses, according to a new Microsoft report. Researchers describe a year in …
Microsoft revokes 200 certs used to sign malicious Teams installers
By revoking 200 software-signing certificates, Microsoft has hampered the activities of Vanilla Tempest, a ransomware-wielding threat actor that has been targeting …
Microsoft patches three zero-days actively exploited by attackers
On October 2025 Patch Tuesday, Microsoft released fixes for 175+ vulnerabilities, including three zero-days under active attack: CVE-2025-24990, CVE-2025-59230, and …
October 2025 Patch Tuesday forecast: The end of a decade with Microsoft
A lot of classic software is reaching end-of-life (EOL) this month. Windows 10, Office 2016 and Exchange Server 2016 have survived after nearly a decade of service. Not far …
Featured news
Resources
Don't miss
- Google fixes Android vulnerabilities “under targeted exploitation” (CVE-2025-48633, CVE-2025-48572)
- How a noisy ransomware intrusion exposed a long-term espionage foothold
- Creative cybersecurity strategies for resource-constrained institutions
- Product showcase: UserLock IAM for Active Directory
- Cryptomixer crypto laundering service taken down by law enforcement