Dark Reading

2 Zero-Day Bugs in Microsoft's Nov. Update Under Active Exploit

Attackers are already actively exploiting two vulnerabilities for which Microsoft issued patches on Nov. 12 as part of its monthly security update. And they could soon begin targeting two other ...
SiliconANGLE

Aim Security details first known AI zero-click exploit targeting Microsoft 365 Copilot

A new report out today from Aim Security Ltd. reveals the first known zero-click artificial intelligence vulnerability that could have allowed attackers to exfiltrate sensitive internal data without ...
Bleeping Computer

Fake Microsoft Exchange ProxyNotShell exploits for sale on GitHub

Scammers are impersonating security researchers to sell fake proof-of-concept ProxyNotShell exploits for newly discovered Microsoft Exchange zero-day vulnerabilities. Last week, Vietnamese ...
Benzinga.com

Microsoft Adds Paragon Partition Manager Driver To Blocklist As Ransomware Hackers Exploit Windows-Signed Driver For Attacks

Ransomware operators have found a way to exploit a Microsoft Windows-signed driver from Paragon Partition Manager, posing a threat to system security. This allows attackers to deploy the driver with ...
Forbes

Emergency Microsoft Security Warning Confirmed — Act Now, CISA Says

Update, August 10, 2025: This story, originally published on August 7, has been updated with additional information following a demonstration of the shared service principal exploit at the Black Hat ...
Hosted on MSN

Microsoft Copilot Vulnerability Exposes Users to Zero-Click Cyber Threats

In an era where cloud-based solutions and artificial intelligence are the cornerstones of digital transformation, security vulnerabilities in these platforms can have far-reaching impacts. One such ...
Microsoft

Help on the line: How a Microsoft Teams support call led to compromise

Read the new Microsoft Cyberattack Series report to learn more about on how deception and trusted tools can enable ...

Hacker unveils exploit that cracks the "unbreakable" Xbox One at the silicon level

The demonstration marks the first public, reproducible breach of the Xbox One's hardware-level defenses, a milestone in ...
PC World

High-risk Office security flaw: Microsoft issues emergency updates

PCWorld reports that Microsoft issued emergency updates for a critical zero-day vulnerability (CVE-2026-21509) in Office that attackers exploited against Ukrainian authorities and EU institutions. The ...