A hot potato: A newly uncovered security flaw in Microsoft's SharePoint software has sparked a widespread series of cyberattacks targeting government organizations, educational institutions, energy ...

A new report out today from Aim Security Ltd. reveals the first known zero-click artificial intelligence vulnerability that could have allowed attackers to exfiltrate sensitive internal data without ...

Microsoft issues emergency patch for a critical WSUS flaw enabling remote code execution CVE-2025-59287 allows unauthenticated attackers to gain SYSTEM privileges without user interaction An ...

Cybersecurity incidents response teams report that a new security flaw in Microsoft SharePoint is being actively exploited in ...

Microsoft Corp (NASDAQ:MSFT) has issued a critical warning regarding ongoing attacks on on-premises SharePoint servers, urging organizations to apply newly released security updates immediately. The ...

Update, August 10, 2025: This story, originally published on August 7, has been updated with additional information following a demonstration of the shared service principal exploit at the Black Hat ...

Microsoft is once again in the cybersecurity spotlight, acknowledging Tuesday morning that hackers linked to China are among those exploiting vulnerabilities in on-premises SharePoint software, the ...

In a break from recent months, Microsoft's security update for July contains no zero-day bugs. But with 137 newly disclosed vulnerabilities, including one that has been publicly disclosed already, it ...

Windows Security does more than just basic virus protection. It guards against phishing, blocks ransomware, and prevents malicious apps from running. However, these features aren't easy to ...

Microsoft has released emergency out-of-band security updates to patch a high-severity Microsoft Office zero-day vulnerability exploited in attacks. The security feature bypass vulnerability, tracked ...

PCWorld reports that Microsoft issued emergency updates for a critical zero-day vulnerability (CVE-2026-21509) in Office that attackers exploited against Ukrainian authorities and EU institutions. The ...

Attackers could use a recently patched macOS vulnerability to bypass Transparency, Consent, and Control (TCC) security checks and steal sensitive user information, including Apple Intelligence cached ...