Microsoft Defender
Microsoft working on patch for RoguePlanet Defender zero-day (CVE-2026-50656)
Microsoft has acknowledged the local elevation of privilege issue in Microsoft Defender that can be triggered via the “RoguePlanet” exploit, and is “working …
Record Microsoft Patch Tuesday, fresh zero-day
Microsoft marked its largest-ever Patch Tuesday this month, by shipping fixes for nearly 200 vulnerabilities. Within hours, “Nightmare Eclipse”, the researcher …
Microsoft Defender Vulnerability Management gets a smarter exposure score
Microsoft Defender Vulnerability Management’s updated exposure score model adds vulnerability risk signals and asset context to help teams understand where risk is …
Microsoft Defender vulnerabilities exploited in the wild (CVE-2026-41091, CVE-2026-45498)
Attackers are exploiting two Microsoft Defender vulnerabilities (CVE-2026-41091 and CVE-2026-45498), Microsoft acknowledged and CISA confirmed by adding them to its Known …
DigiCert breached via malicious screensaver file
A targeted social engineering attack against DigiCert’s support channel led to the compromise of internal systems and the unauthorized issuance of EV Code Signing …
Researcher drops two more Microsoft Defender zero-days, all three now exploited in the wild
The security researcher who earlier this month published a proof-of-concept (PoC) exploit for a zero-day privilege escalation vulnerability in Microsoft Defender is back with …
AI-enabled device code phishing campaign exploits OAuth flow for account takeover
A phishing campaign that bypasses the standard 15-minute expiration window through automation and dynamic code generation, leveraging the OAuth Device Code Authentication flow …
New Defender deployment tool streamlines Windows device onboarding with single executable
Microsoft’s Defender deployment tool for Windows helps administrators manage device onboarding at scale with updated progress visibility and additional controls. Onboarding …
Microsoft Defender update lets SOC teams manage, vet response tools
Microsoft introduced library management in Microsoft Defender to help security analysts working with live response manage scripts and tools they use to triage, investigate and …
Project Ire: Microsoft’s autonomous malware detection AI agent
Microsoft is working on a AI agent whose main goal is autonomous malware detection and the prototype – dubbed Project Ire – is showing great potential, the company …
Microsoft introduces protection against email bombing
By the end of July 2025, all Microsoft Defender for Office 365 customers should be protected from email bombing attacks by default, Microsoft has announced on Monday. What is …
Microsoft fixes actively exploited zero-days (CVE-2024-43451, CVE-2024-49039)
November 2024 Patch Tuesday is here, and Microsoft has dropped fixes for 89 new security issues in its various products, two of which – CVE-2024-43451 and CVE-2024-49039 …
Featured news
Resources
Don't miss
- Law enforcement hits StealC and Amadey malware networks
- Cisco Unified CM flaw actively exploited to drop webshells (CVE-2026-20230)
- Where IT meets OT and railway cybersecurity gets harder
- Praxen: Open-source AI agent behavior verification
- Product showcase: How to evaluate AI SOC platforms and where Prophet AI leads