Skip to main content
FreeIntelHub
Feed Threat Feed Search Trending
Intelligence CVE Priority Vulnerability IOC Lookup IOC Feed YARA Rules Phishing Lookup Exploit Lookup Pastes Dark Web
Adversaries Threat Groups Software Campaigns
Explore Dashboard Geo Map Heatmap MITRE ATT&CK
Browse Sources Vendors Categories Sectors
RSS API
FreeIntelHub
/
Sign In

Microsoft

20 articles

Check Point Research Ransomware Microsoft Linux Apr 20

DFIR Report – The Gentlemen & SystemBC: A Sneak Peek Behind the Proxy

Key Points The Gentlemen RaaS The Gentlemen ransomware‑as‑a‑service (RaaS) operation is a relatively new group that emerged around mid‑2025. The operators ad...

T1588

Check Point Research →

Rapid7 Blog Vulnerability Disclosure Microsoft Rapid7 Apr 17

Metasploit Wrap-Up 04/17/2026

Happy Friday - Seven New Metasploit Modules We’re happy to announce that Metasploit Framework had a big week, landing seven new modules alongside various bug...

T1053

Rapid7 Blog →

Graham Cluley General Microsoft Apr 16

Sometimes changing the password on your email mailbox isn’t enough

Have you ever taken a look at your Microsoft 365 mailbox rules? If not, it might be worth a few minutes of your time.

T1598

Graham Cluley →

Infosecurity Magazine Zero-Day Microsoft Amazon Apr 15

Microsoft Fixes Two Zero-Days in April Patch Tuesday

Microsoft has patched two zero-day flaws and over 160 others

Infosecurity Magazine →

Zero Day Initiative CVE Microsoft Apr 15

ZDI-26-281: Microsoft vcpkg OpenSSL Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on applications built using the Microsoft vcpkg port of OpenSSL. An attacker must first obta...

T1548 T1068 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Microsoft Apr 15

ZDI-26-279: Microsoft Windows Snipping Tool Improper Input Validation Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit ...

T1190 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Microsoft Apr 15

ZDI-26-278: Microsoft Windows win32kfull Improper Locking Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to...

T1548 T1068 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Microsoft Apr 15

ZDI-26-277: Microsoft Windows afd.sys Race Condition Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to...

T1548 T1068 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Microsoft Linux Apr 15

ZDI-26-276: Microsoft Windows Secure Kernel Double Free Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to...

T1548 T1068 1 IOC

Zero Day Initiative →

Zero Day Initiative Vulnerability Disclosure Microsoft Apr 15

ZDI-26-275: Microsoft Qlib _mount_nfs_uri Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Microsoft Qlib. Authentication is not required to...

T1190 T1059

Zero Day Initiative →

Zero Day Initiative Vulnerability Disclosure Microsoft Apr 15

ZDI-26-274: Microsoft Qlib fit Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Qlib. User interaction is required to exploit thi...

T1190

Zero Day Initiative →

Zero Day Initiative Vulnerability Disclosure Microsoft Apr 15

ZDI-26-273: Microsoft Olive Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Olive. User interaction is required to exploit th...

T1190

Zero Day Initiative →

Zero Day Initiative Vulnerability Disclosure Microsoft Docker Apr 15

ZDI-26-259: (0Day) Docker Desktop cli-plugins Incorrect Permission Assignment Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Docker Desktop for Windows. An attacker must first obtain the a...

T1548 T1068

Zero Day Initiative →

Zero Day Initiative Vulnerability Disclosure Microsoft Docker Apr 15

ZDI-26-258: (0Day) Docker Desktop extension-manager Exposed Dangerous Function Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Docker Desktop for Windows. An attacker must first obtain the a...

T1548 T1068

Zero Day Initiative →

Rapid7 Blog Advisory Microsoft Apr 14

Patch Tuesday - April 2026

Microsoft is publishing 167 vulnerabilities on April 2026 Patch Tuesday. Microsoft is aware of exploitation in the wild for one of today’s vulnerabilities, a...

Rapid7 Blog →

Krebs on Security Zero-Day Microsoft Google Adobe Apr 14

Patch Tuesday, April 2026 Edition

Microsoft today pushed software updates to fix a staggering 167 security vulnerabilities in its Windows operating systems and related software, including a S...

T1190

Krebs on Security →

Qualys Blog Zero-Day Microsoft Adobe Apr 14

Microsoft and Adobe Patch Tuesday, April 2026 Security Update Review

April 2026’s Patch Tuesday arrives with Microsoft addressing a fresh set of vulnerabilities across its ecosystem, reinforcing the ongoing need for timely pat...

Qualys Blog →

Qualys Blog General Microsoft Qualys Apr 13

Anatomy of an Autonomous AI Agent Risk: How Qualys ETM Connects the Dots on OpenClaw

Executive Summary An unauthorized OpenClaw AI agent was detected disguised as a routine package on a Windows Server host. The situation escalated into a prio...

Qualys Blog →

Infosecurity Magazine General Microsoft Apr 13

Mailbox Rule Abuse Emerges as Stealthy Post-Compromise Threat

Attackers are abusing Microsoft 365 mailbox rules to hide activity, exfiltrate data and retain access after account compromise, researchers warn

T1041

Infosecurity Magazine →

Google Security Blog General Microsoft Google Apple Apr 9

Protecting Cookies with Device Bound Session Credentials

Posted by Ben Ackerman, Chrome team, Daniel Rubery, Chrome team and Guillaume Ehinger, Google Account Security team Following our April 2024 announcement, De...

Google Security Blog →

«Previous page 1 ... 40 41 42 43 44 Next page»
FreeIntelHub · Open-source CTI platform

All articles belong to their respective owners. FreeIntelHub aggregates publicly available RSS feeds for informational purposes only. DMCA