Microsoft Disrupts Malware-Signing Service Used by Ransomware Gangs

Microsoft disrupted Fox Tempest, a malware-signing service accused of abusing Azure certificates to disguise ransomware and ...
CSO Online

Microsoft patches two zero-day flaws in Defender

CISA has added the Microsoft Malware Protection Engine and Microsoft Defender Antimalware Platform vulnerabilities to its KEV ...

Laravel Lang packages hijacked to deploy credential-stealing malware

A supply chain attack targeting the Laravel Lang localization packages has exposed developers to a sophisticated ...

New Microsoft Defender exploits discovered. How to protect yourself

It doesn't require a lot of effort.

2 New Microsoft Defender Zero-Days Exploited—Patch Now Rolling Out

Microsoft has confirmed an emergency security update as CISA warns that two new Defender zero-days are being exploited by ...

Microsoft confirms two major Defender security issues — so update now or face possible attack

Microsoft patches two actively exploited zero‑day flaws in Defender, tracked as CVE‑2026‑41091 (privilege escalation) and CVE ...

Microsoft warns of new Defender zero-days exploited in attacks

On Wednesday, Microsoft started rolling out security patches for two Defender vulnerabilities that have been exploited in ...
Tech Times

Microsoft Defender Zero-Days Patched: RedSun, UnDefend Exploits Already Used in Live Intrusions

Microsoft pushed out-of-band patches on May 21, 2026, for two actively exploited Windows Defender zero-days — one that lets a ...

Experts warn a key Microsoft legacy tool is still being abused to launch malware campaigns

MSHTA is being used for both simple and advanced threats, deploying loaders and infostealers.
SecurityWeek

Legacy Windows Tool MSHTA Fuels Surge in Silent Malware Attacks

Attackers are increasingly abusing Microsoft’s legacy MSHTA utility to silently deliver malware, stealers, and persistent ...
The Hacker News

Microsoft Warns of Two Actively Exploited Defender Vulnerabilities

Microsoft has disclosed that a privilege escalation and a denial-of-service flaw in Defender has come under active ...
Forbes

Dangerous Fake Microsoft Windows Update Confirmed—Do Not Download

This voice experience is generated by AI. Learn more. This voice experience is generated by AI. Learn more. Do not download this fake Microsoft Windows update. Update April 16: Following confirmation ...