When configuration becomes a vulnerability: Exploitable misconfigurations in AI apps
Exposed UIs, weak authentication, and risky defaults could turn cloud-native AI apps on Kubernetes into potential targets by threat actors. Learn how exploit...
Microsoft
20 articles
Windows DNS Client Security Flaw Exposes Systems to Remote Code Execution
Windows systems worldwide are at risk from a new critical flaw in the Windows DNS Client that could allow remote code execution without any user interaction....
FamousSparrow Targeted Oil and Gas Industry via MS Exchange Server Exploit
Bitdefender Labs reveals how the China-linked FamousSparrow hacking group targeted an Azerbaijani energy firm using ProxyNotShell, Deed RAT,…
Chinese APT Exploits Microsoft Exchange to Breach Energy Sector Network
Chinese state-aligned hackers compromised a Microsoft Exchange server at a major energy firm. They repeatedly reused that same entry point to run a months‑lo...
KongTuke hackers now use Microsoft Teams for corporate breaches
Initial access broker KongTuke has moved to Microsoft Teams for social engineering attacks, taking as little as five minutes to gain persistent access to cor...
What to do when your AI’s guardrails fail
I want to talk about the Microsoft 365 Copilot bug. Not because it was exceptional, but because what it exposed should change how every organization architec...
Microsoft’s WinUI agent plugin trims token use by over 70% during development
Microsoft published a plugin on May 13 that lets GitHub Copilot CLI and Claude Code drive the full WinUI 3 development cycle, from project scaffolding throug...
Microsoft Research: AI Can Generate Realistic Command-Line and Process Telemetry
A new approach showing how artificial intelligence can generate highly realistic command-line data and process telemetry potentially transforming how securit...
Microsoft patches 138 vulnerabilities as AI-driven discovery accelerates
Microsoft is poised to set a new record for yearly patching by having released patches for over 130 vulnerabilities as part of its May Patch Tuesday release,...
Microsoft turns Copilot Studio into an AI agent control center
The Microsoft Copilot Studio April 2026 updates improve visibility and governance for admins and expand workflow capabilities for managing agents. Copilot su...
Dell confirms its SupportAssist software causes Windows BSOD crashes
Dell confirmed that its SupportAssist software is causing blue-screen crashes on some Windows systems following a wave of user reports about random reboots a...
Windows Zero-Days Expose BitLocker Bypasses And CTFMON Privilege Escalation
An anonymous cybersecurity researcher who disclosed three Microsoft Defender vulnerabilities has returned with two more zero-days involving a BitLocker bypas...
Researcher Drops YellowKey, GreenPlasma Windows Zero-Days
YellowKey is a BitLocker bypass that requires physical access. GreenPlasma enables elevation of privileges to System.
Simple bypass of the link preview function in Outlook Junk folder, (Thu, May 14th)
Besides serving as a place where Microsoft Outlook places suspected spam, the Outlook Junk folder has one additional function that can be quite helpful when ...
Windows BitLocker 0-Day Vulnerability Exposes Encrypted Drives to Unauthorized Access
A newly disclosed Windows zero-day, YellowKey, is attracting significant attention because it can bypass BitLocker protection and expose data on encrypted dr...
Microsoft Patch Tuesday for May 2026 fix 138 bugs, some of them are alarming
Microsoft’s May 2026 Patch Tuesday fixed 138 flaws, including 30 critical bugs, across Windows, Office, Azure, Edge, SQL Server, and more. Microsoft’s May 20...
Windows 10 KB5087544 update fixes Remote Desktop warnings and Secure Boot reporting
The KB5087544 update for Windows 10, available for Enterprise LTSC and ESU program participants, primarily delivers security fixes and bug resolutions, addre...
Microsoft Teams Vulnerability Allows Hackers to Perform Spoofing Attacks
A newly discovered security flaw in Microsoft Teams for Android could allow attackers to carry out dangerous spoofing attacks. By exploiting improperly secur...
Windows BitLocker zero-day gives access to protected drives, PoC released
A cybersecurity researcher has published proof-of-concept (PoC) exploits for two unpatched Microsoft Windows vulnerabilities named YellowKey and GreenPlasma,...
Microsoft Releases Cumulative Update for Windows 11, Version 25H2 and 24H2
Microsoft has officially released its May 2026 Patch Tuesday updates, delivering critical security fixes and system improvements for multiple Windows 11 vers...