This month’s Microsoft Patch Tuesday looks like a record one, but let’s look at it a bit closer to understand what is happening The update patches a total of 243 vulnerabilities. However, 78 of them are Chromium issues affecting Microsoft Edge. Patches for Edge were released earlier. This leaves 165 vulnerabilities that are not Edge-related.…
Tag: Microsoft
Global Security News
Microsoft April Patch Tuesday Reveals 167 Vulnerabilities
GUEST OPINION: Microsoft is publishing 167 vulnerabilities on April 2026 Patch Tuesday.
AI, Global Security News, Risk Management
Microsoft is developing Copilot features inspired by Openclaw
Microsoft is testing new features for Microsoft 365 Copilot inspired by the open-source platform Openclaw, according to The Information. The goal is to make the AI assistant more autonomous so it can perform tasks automatically on behalf of the user. The technology behind Openclaw gained popularity earlier this year; it allows users to build AI…
AI, Global Security News
Microsoft rolls out fast-track to reinstate Windows hardware dev accounts
Microsoft has rolled out a fast-track process to help developers regain access to accounts recently suspended from its Windows Hardware Program, following widespread complaints that they were locked out without warning. […]
AI, Global Security News
Global RAM shortage prompts Microsoft to hike Surface prices
Microsoft has decided to drastically raise the prices of its Surface series computers, according to Windows Central. As a result, the flagship models of the Surface Laptop and Surface Pro now cost $1,499 — $500 more than they did at launch in 2024. The main reason for the price hikes is tied to the global…
AI, Global Security News
DavMail 6.6.0 patches a regex flaw and advances its Microsoft Graph backend
Organizations that run DavMail to bridge standard mail clients to Microsoft Exchange or Office 365 received an update this week. Version 6.6.0 addresses a code-scanning alert tied to a regex vulnerability, adjusts OAuth redirect handling to match a recent Microsoft change, and ships fixes across IMAP, SMTP, CalDAV, and CardDAV subsystems. A regex replacement closes…
AI, Apps, Cybersecurity, Exploits, Global Security News, malware, Network Security, Risk Management
U.S. CISA adds Adobe, Fortinet, Microsoft Exchange Server, and Microsoft Windows flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Adobe, Fortinet, Microsoft Exchange Server, and Microsoft Windows flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Apple, Laravel Livewire and Craft CMS flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: CVE-2026-34621 Adobe Acrobat…
AI, Global Security News
Mailbox Rule Abuse Emerges as Stealthy Post-Compromise Threat
Attackers are abusing Microsoft 365 mailbox rules to hide activity, exfiltrate data and retain access after account compromise, researchers warn
AI, Global Security News
Microsoft adds hidden feature flags to Windows Insider builds
Microsoft Windows Insider members will soon have an easy way to select which new features they test. Until now, Windows Insiders have had to wait for Microsoft to randomly assign them news features for testing through its Controlled Feature Rollout program or enable the features themselves through third-party software such as ViVeTool. The new Windows…
AI, Global Security News
Microsoft suspends dev accounts for high-profile open source projects
Microsoft has suspended developer accounts used to maintain multiple high-profile open-source projects without proper notification and no way to quickly reinstate them, effectively blocking them from publishing new software builds and security patches for Windows users. […]
AI, Compliance, Cybersecurity, Europe, Global Security News, Network Security, privacy
Questions raised about how LinkedIn uses the petabytes of data it collects
Through LinkedIn’s more than one billion business users, the Microsoft unit has access to a vast array of personally-identifiable information, including data that could identify religious and political positions. What is less clear is what LinkedIn does with all of that data. A small European company that sells a browser extension to leverage different aspects…
AI, Compliance, Cybersecurity, Europe, Global Security News, Network Security, privacy
Questions raised about how LinkedIn uses the petabytes of data it collects
Through LinkedIn’s more than one billion business users, the Microsoft unit has access to a vast array of personally-identifiable information, including data that could identify religious and political positions. What is less clear is what LinkedIn does with all of that data. A small European company that sells a browser extension to leverage different aspects…
AI, Exploits, Global Security News
Storm-1175 Deploys Medusa Ransomware Within 24 Hours of Flaw Disclosure
Microsoft researchers have uncovered a fast-moving group, Storm-1175, launching high-speed Medusa ransomware attacks against healthcare and education sectors in the UK, US, and Australia by exploiting security flaws in as little as 24 hours.
Global Security News, Russia
Russian Forest Blizzard Hackers Hijack Home Routers for Global Spying
Microsoft Threat Intelligence reveals how Russian hacking group Forest Blizzard uses home routers for DNS hijacking and spying.
AI, Apps, Compliance, Exploits, Global Security News, Risk Management
Microsoft’s new Agent Governance Toolkit targets top OWASP risks for AI agents
Microsoft has quietly introduced the Agent Governance Toolkit, an open-source project designed to monitor and control AI agents during execution as enterprises try to move them into production workflows. The toolkit, which is a response to the Open Worldwide Application Security Project’s (OWASP) emerging focus on AI and LLM security risks, adds a runtime security…
AI, Apps, Compliance, Exploits, Global Security News, Risk Management
Microsoft’s new Agent Governance Toolkit targets top OWASP risks for AI agents
Microsoft has quietly introduced the Agent Governance Toolkit, an open-source project designed to monitor and control AI agents during execution as enterprises try to move them into production workflows. The toolkit, which is a response to the Open Worldwide Application Security Project’s (OWASP) emerging focus on AI and LLM security risks, adds a runtime security…
Global Security News
Microsoft rolls out fix for broken Windows Start Menu search
Microsoft has pushed a server-side fix for a known issue that broke the Windows Start Menu search feature on some Windows 11 23H2 devices. […]
AI, Exploits, Global Security News
Storm-1175 Deploys Medusa Ransomware at ‘High Velocity’
Microsoft says the financially motivated cybercrime group has exploited N-day and zero-day vulnerabilities in campaigns predicated on speed.
AI, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, Risk Management
Microsoft says Medusa-linked Storm-1175 is speeding ransomware attacks
Microsoft has warned that Storm-1175, a cybercrime group linked to Medusa ransomware, is exploiting vulnerable web-facing systems in fast-moving attacks, at times moving from initial access to data theft and ransomware deployment within 24 hours. The company said the group has heavily targeted organizations in healthcare, education, professional services, and finance across Australia, the UK,…
Global Security News
Storm-1175 Exploits Flaws in High-Velocity Medusa Attacks
Microsoft has released a new report about the Storm-1175 group and its connection to Medusa ransomware
AI, Global Security News
Microsoft fixes Classic Outlook bug causing email delivery issues
Microsoft has resolved a known issue that was preventing some Classic Outlook users from sending emails via Outlook.com. […]
AI, Global Security News
Iran-Linked Password-Spraying Campaign Targets 300+ Israeli Microsoft 365 Organizations
An Iran-nexus threat actor is suspected to be behind a password-spraying campaign targeting Microsoft 365 environments in Israel and the U.A.E. amid ongoing conflict in the Middle East. The activity, assessed to be ongoing, was carried out in three distinct attack waves that took place on March 3, March 13, and March 23, 2026, per Check Point. “The campaign is…
Global Security News
Microsoft removes Support and Recovery Assistant from Windows
Microsoft has deprecated and removed the Support and Recovery Assistant (SaRA) command-line utility from all in-support versions of Windows updates starting March 10. […]
china, Exploits, Global Security News
Microsoft links Medusa ransomware affiliate to zero-day attacks
Microsoft says that Storm-1175, a China-based financially motivated cybercriminal group known for deploying Medusa ransomware payloads, has been deploying n-day and zero-day exploits in high-velocity attacks. […]
Global Security News
CrowdStrike Next-Gen SIEM Can Now Ingest Microsoft Defender Telemetry
Once CrowdStrike’s nemesis, Microsoft is now a collaborator. A shared interest in Formula 1 helped thaw the years-long fierce rivalry.
AI, Global Security News
Microsoft still working to fix Exchange Online mailbox access issues
Microsoft is investigating and working to resolve Exchange Online mailbox access issues that have intermittently affected Outlook mobile and macOS users for weeks. […]
Global Security News
Microsoft now force upgrades unmanaged Windows 11 24H2 PCs
Starting this week, Microsoft has begun force-upgrading unmanaged devices running Windows 11 24H2 Home and Pro editions to Windows 11 25H2. […]
AI, APAC, Apps, Compliance, Endpoint, Global Security News, Government & Policy, Network Security, privacy, Risk Management
Microsoft 365 explained: Office 365, rebranded and expanded
Microsoft 365 arrived to much fanfare at its launch in July 2017, with Microsoft CEO Satya Nadella promising a “fundamental departure” in how the company thinks about product creation. Nearly nine years later, Microsoft 365 has become Microsoft’s core brand for workplace productivity software, having largely replaced the Office 365 branding long associated with the…
AI, Compliance, Global Security News, Network Security, Risk Management
Microsoft builds its own AI stack to help wean it from its reliance on OpenAI
Microsoft seems to be meeting OpenAI on its own turf, even as it continues its strategic partnership with the AI darling, with the release of three in-house, commercially-available AI models. MAI-Transcribe-1 (for speech transcription), MAI-Voice-1 (for voice generation), and MAI-Image-2 (for image creation) are now available on Microsoft Foundry and the MAI Playground. These new…
Global Security News, malware
Microsoft Warns of WhatsApp Attachments Spreading Backdoor on Windows PCs
Microsoft warns of a WhatsApp attachments spreading VBS malware that installs backdoors on Windows PCs, giving hackers remote access and control systems.
AI, Global Security News
Microsoft links Classic Outlook issue to email delivery problems
Microsoft is investigating a known issue that prevents some Classic Outlook users from sending emails via Outlook.com. […]
AI, Global Security News
Microsoft Warns of WhatsApp-Delivered VBS Malware Hijacking Windows via UAC Bypass
Microsoft is calling attention to a new campaign that has leveraged WhatsApp messages to distribute malicious Visual Basic Script (VBS) files. The activity, beginning in late February 2026, leverages these scripts to initiate a multi-stage infection chain for establishing persistence and enabling remote access. It’s currently not known what lures the threat actors use to…
AI, Exploits, Global Security News, malware
WhatsApp malware campaign uses malicious VBS files to gain persistent access
Microsoft is warning WhatsApp users of a new malware campaign that tricks them into executing malicious Visual Basic Script (VBS) files, ultimately enabling persistence and remote access. In a March 31 report, Microsoft Defender Experts said attackers have been distributing malicious Visual Basic Script (VBS) files through WhatsApp since at least late February, relying on…
Global Security News
New Windows 11 emergency update fixes preview update install issues
Microsoft released an emergency update to fix the March 2026 KB5079391 non-security preview update, which was pulled over the weekend due to installation issues. […]
AI, Global Security News
Mimecast makes enterprise email security deployable in minutes
Most organizations running Microsoft 365 rely on native email controls as their primary line of defense. According to Mimecast research, 38% of organizations depend exclusively on those native controls for collaboration security, and 64% say those controls are insufficient against the threat landscape. Ranjan Singh, Chief Product and Technology Officer at Mimecast, outlines how the…
AI, Europe, Global Security News, Government & Policy, Network Security, Risk Management
Microsoft facing CMA probe of its business software portfolio
The regulatory body which last year accused Microsoft of inflating its office software’s license prices when it was run on rival cloud platforms to make those platforms less appealing, said Tuesday it will conduct a further investigation into the company’s entire business software ecosystem. The probe by the UK’s Competition and Markets Authority (CMA), scheduled…
AI, Apps, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Government & Policy, malware, Network Security
The Invisible Breach: How AI Agents Became the Most Dangerous Attack Surface of 2025–2026
The Attack That Requires No Click In June 2025, Microsoft patched a critical vulnerability in Microsoft 365 Copilot — one that its discoverers at Aim Security described as something that had never been seen before. A threat actor needed only to send a carefully crafted email to any employee within a target organization. No link.…
Global Security News
Windows 11 gets a rebuilt console engine with regex search, Sixel images and a 10x speed boost
Microsoft released Windows 11 Insider Preview Build 29558.1000 to the Canary Channel, part of the optional 29500 build series. The build carries a set of changes focused on the Windows Console, a handful of bug fixes, and small improvements to Settings and disk utilities. A rebuilt console The bulk of this build centers on the…
AI, Global Security News
Microsoft fixes Outlook Classic crashes caused by Teams Meeting add-in
Microsoft has resolved a known issue that rendered the classic Outlook email client unusable for users who enabled the Microsoft Teams Meeting Add-in. […]
AI, Compliance, Global Security News, Risk Management
Microsoft adds multi-model AI to Copilot Researcher, raising accuracy stakes
Microsoft is expanding its Microsoft 365 Copilot “Researcher” agent with new multi-model capabilities designed to improve the accuracy and depth of AI-generated research outputs. The update introduces a “Critique” system that assigns separate roles for generation and evaluation, alongside a “Council” feature that compares outputs from multiple models and highlights agreement, divergence, and unique insights.…
Global Security News
Microsoft pulls KB5079391 Windows update over install issues
Microsoft has pulled a buggy Windows 11 non-security preview update to investigate a known issue that triggers 0x80073712 errors during installation. […]
AI, Apps, Compliance, Data Breaches, Endpoint, Exploits, Global Security News, malware, Risk Management
A critical Windows security fix puts legacy hardware on borrowed time
Microsoft is finally blocking a long-since retired program that it said led to “abuse and credential theft,” yet remained widely trusted for years. Beginning in April, Redmond will remove trust for kernel drivers that haven’t been vetted through its Windows Hardware Compatibility Program (WHCP). The company is specifically targeting kernel drivers signed by the now…
Global Security News
Windows 11 KB5079391 update rolls out Smart App Control improvements
Microsoft has released the KB5079391 preview cumulative update for Windows 11 24H2 and 25H2, which includes 29 changes, such as Smart App Control and Display improvements. […]
AI, Apps, Endpoint, Global Security News, Risk Management
Active Directory Risks Reshaping M365 Migrations for MSPs
As Microsoft 365 migrations accelerate, many IT teams and MSPs are discovering that identity, not productivity workloads, is the biggest source of risk. While email and collaboration tools are often straightforward to move, Active Directory environments introduce hidden complexity that can disrupt users, security, and access if handled incorrectly. In this Q&A, BitTitan’s Aaron Wadsworth…
AI, Global Security News
Bubble AI app builder abused to steal Microsoft account credentials
Threat actors are evading phishing detection in campaigns targeting Microsoft accounts by abusing the no-code app-building platform Bubble to generate and host malicious web apps. […]
AI, APAC, Global Security News
Microsoft backtracks on Copilot Chat access in M365 apps
Microsoft is set to remove Copilot Chat access within Microsoft 365 apps such as Word, Excel, and PowerPoint for large M365 commercial customers starting April 15 — a “mystifying backtrack,” according to one technology industry analyst. Copilot Chat is essentially a freemium version of the paid Microsoft 365 Copilot, which costs $30 per user per…
AI, Global Security News
Microsoft fixes bug causing Classic Outlook sync issues with Gmail
Microsoft has fixed a known issue causing Gmail and Yahoo email synchronization and connection problems for classic Outlook users. […]
AI, APAC, Apps, Global Security News
Microsoft maps Windows 11 quality overhaul after acknowledging gaps
Microsoft is planning a broad push to improve Windows 11. The development comes just months after the company publicly admitted that the operating system fell short on performance, following user criticism. Users have been experiencing inconsistencies, recurring bugs, and performance issues. The company has now outlined a clear roadmap to enhance performance and reliability. The…
Global Security News
New Microsoft and Rubrik Integration Delivers Complete Identity Attack Response
Microsoft Defender and Rubrik Identity Resilience create a unified detection-to-recovery offering; customers achieve trusted recovery in hours instead of days
AI, Cybersecurity, Exploits, Global Security News, Government & Policy
An AI-powered phishing campaign has compromised hundreds of organizations
A phishing campaign tied to AI cloud-hosting service Railway has given hackers access to the Microsoft cloud accounts for hundreds of businesses, according to researchers at Huntress. Rich Mozeleski, product manager for Huntress’ identity team, told CyberScoop the campaign is currently tied to a smaller actor and approximately a dozen IP addresses, but has managed…
Global Security News
Yubico Expands Enrolment Services to Accelerate Enterprises to Phishing Resistance and Passwordless
New enrollment options simplify user enrollment for YubiKeys, fast-tracking Microsoft and Ping Identity customers to passwordless authentication
AI, Global Security News
Microsoft Exchange Online service change causes email access issues
Microsoft is working to address an ongoing service issue that has intermittently prevented some users from accessing their cloud-based Exchange Online mailboxes via Outlook mobile and Mac desktop clients since Thursday. […]
AI, Global Security News, malware
Microsoft Warns IRS Phishing Hits 29,000 Users, Deploys RMM Malware
Microsoft has warned of fresh campaigns that are capitalizing on the upcoming tax season in the U.S. to harvest credentials and deliver malware. The email campaigns take advantage of the urgency and time-sensitive nature of emails to send phishing messages masquerading as refund notices, payroll forms, filing reminders, and requests from tax professionals to deceive…
Global Security News
New KB5085516 emergency update fixes Microsoft account sign-in
Microsoft has released an emergency update to address a major issue that breaks sign-ins with Microsoft accounts across multiple Microsoft apps, including Teams and OneDrive. […]
AI, Global Security News
Microsoft Azure Monitor alerts abused in callback phishing campaigns
Microsoft Azure Monitor alerts are being abused to send callback phishing emails that impersonate warnings from the Microsoft Security Team about unauthorized charges on your account. […]
AI, Europe, Global Security News
Microsoft won’t force Copilot in everywhere after all
Microsoft has temporarily halted automatic installation of the Microsoft 365 Copilot app on Windows devices with Microsoft 365 desktop apps. The company announced the change via an update in Microsoft 365 Message Centre, but offered no indication when the measure would be reactivated. However, existing installations of the app will not be affected. “Automatic installation…
Global Security News
Microsoft: March Windows updates break Teams, OneDrive sign-ins
Microsoft says the March Windows 11 update breaks sign-ins with Microsoft accounts across multiple Microsoft apps, including Teams and OneDrive. […]
Cybersecurity, Exploits, Global Security News
CISA warns of active exploitation of Microsoft SharePoint vulnerability (CVE-2026-20963)
CVE-2026-20963, a remote code execution (RCE) SharePoint vulnerability Microsoft fixed in January 2026, is being exploited by attackers. The confirmation comes from the US Cybersecurity and Infrastructure Security Agency (CISA), which added the flaw to its Known Exploited Vulnerabilities (KEV) catalog on Wednesday. About CVE-2026-20963 CVE-2026-20963 affects Microsoft SharePoint Server Subscription Edition, Microsoft SharePoint Server…
Endpoint, Exploits, Global Security News
CISA urges US orgs to secure Microsoft Intune systems after Stryker breach
CISA warned U.S. organizations to follow Microsoft guidance to strengthen the Intune endpoint management tool after a cyberattack exploited it to wipe medical technology giant Stryker’s systems. […]
Cybersecurity, Exploits, Global Security News
Critical Microsoft SharePoint flaw now exploited in attacks
A critical Microsoft SharePoint vulnerability patched in January is now being exploited in attacks, the Cybersecurity and Infrastructure Security Agency (CISA) warned. […]
Global Security News
Druva connects identity data and behavior to restore access after attacks
Druva has revealed Druva Identity Resilience, adding support for Okta and Microsoft Active Directory alongside Microsoft Entra ID. Druva Identity Resilience delivers unified protection, cyber recovery, and threat detection and response in a single SaaS platform, bringing disparate identity providers together so security and IT teams can restore trusted access through one coordinated process. Identity-driven…
AI, Global Security News
Microsoft shuffles more of its senior leadership
The senior leadership shuffle at Microsoft continued on Tuesday when company CEO Satya Nadella announced that the company is unifying the commercial and consumer Copilot systems in a new division overseen by Jacob Andreou. Andreou, former CVP of product and growth at Microsoft AI, will oversee a division that Nadella, in an internal advisory, said…
Global Security News
Storm-2561 Uses Fake Fortinet, Ivanti VPN Sites to Drop Hyrax Infostealer
In mid-January 2026, Microsoft Defender Experts identified a devious way that cybercriminals are tricking people into giving away…
AI, Apps, Global Security News
Microsoft’s Copilot is Becoming an AI Coworker
Microsoft is pushing its workplace AI strategy further into execution mode, unveiling a new capability called Copilot Cowork alongside broader updates to its enterprise AI stack, signaling the company’s next phase in the race to turn AI assistants into active digital workers. The announcements are part of Wave 3 of Microsoft 365 Copilot, a major…
Europe, Global Security News
Microsoft stops force-installing the Microsoft 365 Copilot app
Microsoft has stopped automatically installing the Microsoft 365 Copilot app on Windows devices outside the European Economic Area (EEA) that have the Microsoft 365 desktop client apps. […]
AI, Global Security News
Microsoft shares fix for Windows C: drive access issues on Samsung PCs
Microsoft has shared guidance to fix C: drive access issues and app failures on some Samsung laptops running Windows 11, versions 25H2 and 24H2. […]
Global Security News
New Windows 11 hotpatch fixes Bluetooth device visibility issue
Microsoft has released an emergency update to fix a Bluetooth device visibility issue on hotpatch-enabled Windows 11 Enterprise devices. […]
AI, Global Security News
Microsoft: Enabling Teams Meeting add-in breaks Outlook Classic
Microsoft is working to address a known issue that renders the classic Outlook email client unusable for users who have enabled the Microsoft Teams Meeting Add-in. […]
AI, Data Security, Global Security News, Risk Management
Microsoft zeroes in on AI-driven data risks in Fabric
New Microsoft Purview innovations for Microsoft Fabric help organizations secure data and accelerate AI adoption. The updates focus on identifying risks, preventing data oversharing, and strengthening governance and data quality across the data estate. Integration between Microsoft Purview and Microsoft Fabric delivers unified data security and governance, enabling protection of sensitive data, maintaining visibility across…
Global Security News
Stryker attack wiped tens of thousands of devices, no malware needed
Last week’s cyberattack on medical technology giant Stryker was limited to its internal Microsoft environment and remotely wiped tens of thousands of employee devices. […]
AI, Data Breaches, Exploits, Global Security News, malware, Network Security, Risk Management
Microsoft Issues Hotpatch for Windows 11 RRAS RCE Bugs
Microsoft has issued an out-of-band security update to address several critical vulnerabilities in Windows 11 that could allow attackers to execute malicious code through the system’s remote access management tools. The patch targets flaws in the Windows Routing and Remote Access Service (RRAS) and is being delivered as a hotpatch, allowing systems to receive the…
AI, Global Security News
Microsoft Exchange Online outage blocks access to mailboxes
Microsoft is working to address an ongoing Exchange Online outage that is preventing customers from accessing their mailboxes and calendars. […]
Global Security News
Microsoft pulls Samsung app blocking Windows C: drive from Store
Microsoft has removed the Samsung Galaxy Connect app from the Microsoft Store because it was causing issues on specific Samsung Galaxy Book 4 and desktop models running Windows 11. […]
AI, Global Security News, Network Security, privacy
Microsoft Edge 146 adds IP privacy and local network access controls
Microsoft Edge version 146 (Stable) became available on March 13, 2026, bringing updates to tracking protection, IP privacy, and enterprise network security policies. One change affects tracking prevention in InPrivate browsing. InPrivate windows use the same tracking prevention level configured for standard browsing sessions. The separate option that previously allowed a different tracking setting for…
Global Security News
Microsoft re-releases Windows 11 OOB hotpatch to fix RRAS RCE flaw
Microsoft has released an out-of-band (OOB) update to fix a security vulnerabilities affecting Windows 11 Enterprise devices that receive hotpatch updates instead of the regular Patch Tuesday cumulative updates. […]
Global Security News
Microsoft releases Windows 11 OOB hotpatch to fix RRAS RCE flaw
Microsoft has released an out-of-band (OOB) update to fix a security vulnerabilities affecting Windows 11 Enterprise devices that receive hotpatch updates instead of the regular Patch Tuesday cumulative updates. […]
AI, Apps, Compliance, Global Security News, Government & Policy, Network Security, Risk Management
MY TAKE: The AI magic is back — whether it endured depends on Amazon’s next moves
I ran an experiment this week that I did not expect to be instructive, and it was. Related: How ChatGPT is becoming Microsoft Office The setup was simple. I had been working through a spontaneous personal essay — about cognitive overload, AI, and the specific anxiety of not knowing whether a memory lapse is a…
AI, APAC, Global Security News
Microsoft shuffles leadership as Copilot and AI agents reshape its core products
Microsoft is undergoing a regime change that could have a direct impact on its core business. Rajesh Jha, EVP for experiences and devices, which covers Microsoft 365 and Windows, has announced his retirement, and a succession plan. Jha will “transition out” on July 1 but remain in an advisory capacity. Interestingly, the company is appointing…
Apps, Global Security News
Microsoft: Windows 11 users can’t access C: drive on some Samsung PCs
Microsoft is investigating a new issue affecting some Samsung laptops running Windows 11 after installing the February 2026 security updates, in which users lose access to their C: drive and are unable to launch applications. […]
AI, Global Security News
Microsoft investigates classic Outlook sync and connection issues
Microsoft is investigating several issues causing email synchronization and connection problems when using the classic Outlook desktop client. […]
AI, Global Security News, Network Security
Storm-2561 Spreads Trojan VPN Clients via SEO Poisoning to Steal Credentials
Microsoft has disclosed details of a credential theft campaign that employs fake virtual private network (VPN) clients distributed through search engine optimization (SEO) poisoning techniques. “The campaign redirects users searching for legitimate enterprise software to malicious ZIP files on attacker-controlled websites to deploy digitally signed trojans that masquerade as trusted VPN clients
AI, Apps, Endpoint, Exploits, Global Security News, malware, Network Security
Storm-2561 targets enterprise VPN users with SEO poisoning, fake clients
Microsoft has warned enterprises that cybercriminal group Storm-2561 is hijacking search engine results to serve trojanized VPN clients, stealing corporate credentials, and then covering its tracks before victims suspect anything is wrong. The group pushes spoofed websites to the top of results for queries such as “Pulse VPN download” or “Pulse Secure client,” redirecting users…
AI, Global Security News
Hackers Use Cloudflare Human Check to Hide Microsoft 365 Phishing Pages
Scammers are hijacking popular security tools like Cloudflare to hide fake Microsoft 365 login pages. Learn how this new invisible phishing campaign bypasses antivirus software and how you can stay safe.
GeekGuyBlog
Microsoft’s March Update: A Closer Look at 83 Patched CVEs
Discover how Microsoft’s March update addresses 83 critical vulnerabilities, enhancing security across its software and protecting against cyber threats.
AI, Apps, Cybersecurity, Exploits, Global Security News, Network Security, Risk Management
CVE-2026-21262: SQL Server Zero-Day Fixed in Microsoft’s March Patch Tuesday Release
The beginning of 2026 has brought a wave of zero-day vulnerabilities affecting Microsoft products, including the actively exploited Windows Desktop Window Manager flaw (CVE-2026-20805), the Microsoft Office zero-day (CVE-2026-21509) that prompted an out-of-band fix, and the Windows Notepad RCE bug (CVE-2026-20841). Microsoft’s March Patch Tuesday release keeps defenders busy again, this time shifting attention to…
AI, Apps, Data Breaches, Exploits, Global Security News, Network Security, Risk Management
Microsoft .NET Vulnerability Enables Remote DoS Attacks
Microsoft has released a security update to address a vulnerability in the .NET platform that could allow attackers to remotely crash affected applications. The flaw enables unauthenticated attackers to trigger a Denial-of-Service (DoS) condition, potentially causing applications or services running on vulnerable .NET environments to become unavailable. Exploitation of the vulnerability “… allows an unauthorized…
AI, Apps, Compliance, Global Security News
Microsoft Introduces AI-Focused Microsoft 365 E7
Microsoft is taking another swing at what AI inside workplace software should actually look like. This time, the company is packaging it into a new enterprise tier for Microsoft 365, along with a feature that turns Copilot from a helpful assistant into more of a digital coworker. M365 E7 tier bundles Copilot, Entra identity, and…
AI, Exploits, Global Security News
Microsoft patches 80+ vulnerabilities, six flagged as “more likely” to be exploited
On March 2026 Patch Tuesday, Microsoft addressed 80+ vulnerabilities affecting its software and cloud services. Of these, two were publicly disclosed, but not actively exploited. Privilege escalation vulnerabilities abound The two publicly disclosed flaws are CVE-2026-21262, a vulnerability in SQL Server that may allow attackers to gain SQLAdmin privileges, and CVE-2026-26127, a .NET flaw that…
Global Security News
Microsoft Fixes 79 Flaws in March Patch Tuesday, Including Two 0-Days
Microsoft fixes 79 vulnerabilities in March 2026 Patch Tuesday, including two publicly disclosed 0-days affecting SQL Server, .NET and Windows systems.
AI, APAC, Apps, Compliance, Global Security News, Government & Policy, privacy, Risk Management
Microsoft seeks a stay on DoD’s effective ban on Anthropic offerings
Microsoft is urging a federal court in California to temporarily pause the US Department of Defense’s (DoD) effective ban on Anthropic’s AI offerings, arguing that the government’s “supply chain risk” label could have significant knock-on effects for its own defense technology business. In a filing backing Anthropic’s request for emergency relief, the company said the…
Global Security News
Microsoft Fixes Two Publicly Disclosed Zero-Days
March Patch Tuesday sees Microsoft release updates for 79 flaws
Global Security News
Microsoft Patches 84 Flaws in March Patch Tuesday, Including Two Public Zero-Days
Microsoft on Tuesday released patches for a set of 84 new security vulnerabilities affecting various software components, including two that have been listed as publicly known. Of these, eight are rated Critical, and 76 are rated Important in severity. Forty-six of the patched vulnerabilities relate to privilege escalation, followed by 18 remote code execution, 10…
AI, Apps, Exploits, Global Security News, Network Security
Microsoft Patch Tuesday, March 2026 Edition
Microsoft Corp. today pushed security updates to fix at least 77 vulnerabilities in its Windows operating systems and other software. There are no pressing “zero-day” flaws this month (compared to February’s five zero-day treat), but as usual some patches may deserve more rapid attention from organizations using Windows. Here are a few highlights from this…
AI, Exploits, Global Security News, Network Security
Microsoft Patch Tuesday security updates for March 2026 fixed 84 bugs
Microsoft Patch Tuesday security updates for March 2026 addressed 84 vulnerabilities in its products. None of the flaws are known to be exploited so far. Microsoft Patch Tuesday security updates for March 2026 addressed 84 vulnerabilities across its products. The IT giant addressed flaws across Windows, Office, Edge, Azure, SQL Server, Hyper-V, and ReFS. Including…
AI, Apps, Endpoint, Exploits, Global Security News, Network Security, Risk Management
Microsoft’s monthly Patch Tuesday is first in 6 months with no actively exploited zero-days
Microsoft addressed 83 vulnerabilities that cut across its broad portfolio of enterprise software and underlying services in its latest security update. The company’s Patch Tuesday release contained no actively exploited zero-day vulnerabilities and six defects it described as more likely to be exploited. The vendor’s batch of patches marks the first monthly update without an…
AI, Apps, Cybersecurity, Data Breaches, Endpoint, Global Security News, malware, Network Security, Risk Management
Teams Social Engineering Campaign Drops A0Backdoor Malware
Microsoft Teams impersonation and social engineering tactics are being used in an ongoing campaign to deliver a stealthy malware payload known as A0Backdoor. Researchers at BlueVoyant report that the operation combines social engineering techniques, malicious installers, and covert command-and-control (C2) communications to gain persistent access within targeted networks. “The malware’s loader exhibits anti-sandbox evasion, and…
Global Security News
Microsoft releases Windows 10 KB5078885 extended security update
Microsoft has released the Windows 10 KB5078885 extended security update to fix the March 2026 Patch Tuesday vulnerabilities, including 2 zero-days and an issue that prevent some devices from shutting down. […]
Global Security News
Windows 11 KB5079473 & KB5078883 cumulative updates released
Microsoft has released Windows 11 KB5079473 and KB5078883 cumulative updates for versions 25H2/24H2 and 23H2 to fix security vulnerabilities, bugs, and add new features. […]
AI, Exploits, Global Security News, Network Security
Microsoft Patch Tuesday March 2026, (Tue, Mar 10th)
Microsoft today released patches for 93 vulnerabilities, including 9 vulnerabilities in Chromium affecting Microsoft Edge. 8 of the vulnerabilities are rated critical. 2 were disclosed prior to today but have not yet been exploited. This update addresses no already-exploited vulnerabilities. Disclose vulnerabilities: CVE-2026-26127: A denial of service vulnerability in .Net. Microsoft considers exploitation unlikely. The…
Global Security News
Microsoft brings phishing-resistant Windows sign-ins via Entra passkeys
Microsoft is rolling out passkey support for Microsoft Entra on Windows devices, adding phishing-resistant passwordless authentication via Windows Hello. […]