Microsoft
Microsoft releases urgent fix for actively exploited WSUS vulnerability (CVE-2025-59287)
Microsoft has released an out-of-band security update that “comprehensively” addresses CVE-2025-59287, a remote code execution vulnerability in the Windows Server …
What Microsoft’s 2025 report reveals about the new rules of engagement in cyberdefense
Adversaries are using AI to sharpen attacks, automate operations, and challenge long-standing defenses, according to a new Microsoft report. Researchers describe a year in …
Microsoft revokes 200 certs used to sign malicious Teams installers
By revoking 200 software-signing certificates, Microsoft has hampered the activities of Vanilla Tempest, a ransomware-wielding threat actor that has been targeting …
Microsoft patches three zero-days actively exploited by attackers
On October 2025 Patch Tuesday, Microsoft released fixes for 175+ vulnerabilities, including three zero-days under active attack: CVE-2025-24990, CVE-2025-59230, and …
October 2025 Patch Tuesday forecast: The end of a decade with Microsoft
A lot of classic software is reaching end-of-life (EOL) this month. Windows 10, Office 2016 and Exchange Server 2016 have survived after nearly a decade of service. Not far …
European Windows 10 users get an additional year of free security updates
Windows 10 users in the European Economic Area (EEA) will be able to receive extended security updates until October 14, 2026, without having to pay for them or to back up …
Microsoft spots LLM-obfuscated phishing attack
Cybercriminals are increasingly using AI-powered tools and (malicious) large language models to create convincing, error-free emails, deepfakes, online personas, …
Microsoft disrupts the RaccoonO365 Phishing-as-a-Service operation, names alleged leader
Microsoft and Cloudflare have disrupted a Phishing-as-a-Service operation selling the RaccoonO365 kit for stealing Microsoft 365 account credentials. “Using a court …
September 2025 Patch Tuesday forecast: The CVE matrix
September 2025 Patch Tuesday is now live: Microsoft, Adobe, SAP deliver critical fixes for September 2025 Patch Tuesday We work in an industry driven by Common Vulnerabilities …
Fake macOS help sites push Shamos infostealer via ClickFix technique
Criminals are taking advantage of macOS users’ need to resolve technical issues to get them to infect their machines with the Shamos infostealer, Crowdstrike researchers …
Free courses: Master AI tools from Microsoft, AWS, and Google
Learn how AI technologies can be applied to enhance security, create safe and responsible applications, develop intelligent agents, and improve information discovery. …
Microsoft fixes “BadSuccessor” Kerberos vulnerability (CVE-2025-53779)
For August 2025 Patch Tuesday, Microsoft has released security updates resolving 100+ security vulnerabilities in its various solutions, including a relative path traversal …
Featured news
Resources
Don't miss
- Turning expertise into opportunity for women in cybersecurity
- Open-source tool Sage puts a security layer between AI agents and the OS
- Iran-linked APT targets US critical sectors with new backdoors
- March 2026 Patch Tuesday forecast: Is AI security an oxymoron?
- Backup strategies are working, and ransomware gangs are responding with data theft