Hackers Use PyInstaller and AMSI Patching to Deliver XWorm RAT v7.4
Hackers are hiding XWorm malware in PyInstaller files to bypass Windows security, steal data and remotely control devices through ads.
Microsoft
20 articles
Microsoft caves in: Edge to stop loading passwords in memory on startup
Microsoft is updating the Edge web browser to ensure it no longer loads saved passwords into process memory in clear text at startup. [.
Microsoft Edge to stop loading cleartext passwords in memory on startup
Microsoft is updating the Edge web browser to ensure it no longer loads saved passwords into process memory in clear text at startup. [.
CVE-2026-42897: Microsoft confirms active exploitation of Exchange Server zero-day
Microsoft warned that attackers are exploiting a new Exchange Server zero-day vulnerability, tracked as CVE-2026-42897, in the wild. Microsoft warned that th...
Microsoft Reports Severe Zero-Day Flaw in On-Prem Exchange Servers
The zero-day vulnerability affects on-premises installations for all versions of Exchange Server 2016, 2019 and Subscription Edition
Microsoft to automatically roll back faulty Windows drivers
Microsoft is introducing a new Windows Update capability that will allow it to remotely roll back problematic Windows drivers delivered through Windows Updat...
Hackers Exploit OAuth Device Flow to Steal Microsoft 365 Tokens
Hackers are rapidly weaponizing a little-known Microsoft authentication feature to hijack enterprise accounts, as device code phishing surges across the thre...
Microsoft Warns of Exchange Server Zero-Day Exploited in the Wild
Microsoft has shared mitigations for CVE-2026-42897 until a permanent patch can be released for affected Exchange Server versions. The post Microsoft Warns o...
CalPhishing Scam Uses EvilTokens Kit, Outlook Invites to Steal M365 Sessions
Hackers are exploiting Outlook calendar invites and device code phishing to steal M365 session tokens, bypass MFA and breach enterprise accounts.
Microsoft Warns HPE Operations Agent Abused in Malware-Free Attacks
Microsoft has revealed a stealthy intrusion campaign where attackers bypassed traditional malware and exploits, instead abusing trusted enterprise tools to s...
Unpatched Microsoft Exchange Server vulnerability exploited (CVE-2026-42897)
A critical cross-site scripting (XSS) vulnerability (CVE-2026-42897) in Microsoft Exchange Server is being exploited by attackers, Microsoft warned on Thursd...
Microsoft warns of Exchange zero-day flaw exploited in attacks
On Thursday, Microsoft shared mitigations for a high-severity Exchange Server vulnerability exploited in attacks that allow threat actors to execute arbitrar...
Microsoft Edge, Windows 11, and LiteLLM Fall to Exploits at Pwn2Own Berlin 2026
The world’s top ethical hackers wasted no time breaking into modern software and AI systems on the opening day of Pwn2Own Berlin 2026, exposing critical zero...
Tycoon 2FA Operators Use OAuth Device Code Phishing to Bypass MFA
A new phishing campaign uncovered in late April 2026 shows how threat actors behind the Tycoon 2FA Phishing-as-a-Service (PhaaS) kit are evolving beyond trad...
Google Patches 79 Chrome Security Vulnerabilities, 14 Rated Critical
Google has rolled out a major Chrome security update, fixing 79 vulnerabilities in the Stable channel, including 14 critical flaws that could allow attackers...
Researchers uncover YellowKey and GreenPlasma Windows Zero-Days
Researchers disclosed two new Windows zero-days named YellowKey and GreenPlasma affecting BitLocker and the CTFMON framework. A security researcher known as ...
On-Prem Microsoft Exchange Server CVE-2026-42897 Exploited via Crafted Email
Microsoft has disclosed a new security vulnerability impacting on-premise versions of Exchange Server that it said has come under active exploitation in the ...
Microsoft Exposes Kazuar Malware’s Modular P2P Botnet Architecture
Microsoft has revealed new technical insights into Kazuar, a long-running malware linked to the Russian state-backed group Secret Blizzard, highlighting its ...
Dell SupportAssist Update Forces Windows Systems Into BSOD Loop
A faulty update to Dell’s SupportAssist Remediation service is triggering widespread system crashes, forcing thousands of Dell and Alienware devices into con...
[local] Remote Sunrise Helper for Windows 2026.14 - Unauthenticated File/Directory Listing
Remote Sunrise Helper for Windows 2026.