Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source projects, breaking news – subscribe here!

Please turn on your JavaScript for this page to function normally.

Microsoft

Linux
Dirty Frag: Unpatched Linux vulnerability delivers root access

A week after Copy Fail, another Linux local privilege escalation vulnerability dubbed “Dirty Frag” has been revealed, along with a PoC exploit. What is Dirty Frag …

button
One keypress is all it takes to compromise four AI coding tools

Developers clone unfamiliar repositories all the time. Open-source projects, work from teammates, sample code from a tutorial, a library someone recommended on a forum. The …

Microsoft Teams
Teams calls are about to get a lot harder to fake

Microsoft Teams Calling is getting a new feature that will warn users about suspicious inbound VoIP calls from first-time external callers who might be impersonating trusted brands.

phishing
Microsoft: Phishing campaign used fake compliance notices to compromise employee accounts

Phishers have been using fake workplace compliance notices to try to trick Microsoft account owners into signing in via a fake sign-in page, says the company’s Defender …

Visual Studio Code
Visual Studio Code 1.118 adds auto model selection to Copilot CLI

Microsoft’s editor releases continue on a monthly cadence, with the Insiders build of Visual Studio Code 1.118. The update concentrates on the Copilot CLI integration, …

Microsoft Visual Studio 2026
Visual Studio cloud agents now run inside GitHub Copilot

Microsoft’s April update to Visual Studio introduces cloud agent integration in GitHub Copilot, enabling developers to offload tasks to remote infrastructure for scalable, …

Scott Schnoll
The Exchange Online security controls organizations keep getting wrong

In this Help Net Security interview, Scott Schnoll, Microsoft MVP for Exchange, breaks down the Shared Responsibility Model, where Microsoft secures the cloud while …

Inspect
AI prompt confidentiality and false citations worry researchers

Academic researchers using commercial AI tools for literature review and idea generation are sending unpublished research questions, draft hypotheses, and proprietary domain …

Kaja Ciglic
AI is speeding up nation-state cyber programs

In this Help Net Security interview, Kaja Ciglic, Senior Director, Cybersecurity Policy and Diplomacy at Microsoft, discusses how nation-state cyber programs have changed over …

OneDrive
OneDrive updates focus on AI, access control, and compliance

Microsoft OneDrive’s recent updates focus on improving intelligence, collaboration, and administrative control. “Last year, we made a promise: your files should work for you, …

Microsoft Windows Defender
Researcher drops two more Microsoft Defender zero-days, all three now exploited in the wild

The security researcher who earlier this month published a proof-of-concept (PoC) exploit for a zero-day privilege escalation vulnerability in Microsoft Defender is back with …

Microsoft
Windows is getting stronger RDP file protections to fight phishing attacks

Microsoft has introduced new Windows protections starting with the April 2026 security update to reduce phishing attacks that abuse Remote Desktop (.rdp) files. With these …

Featured news

Resources

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released for important security events and breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools