A security researcher frustrated with Microsoft has released the BlueHammer Windows zero-day exploit, telling the company, “I'm not explaining how this works.” ...

Microsoft Edge loads all your saved passwords, decrypted and in plaintext, into memory at startup. Google Chrome doesn’t—is ...

A security researcher has discovered that Microsoft Edge will load all your stored passwords into memory in plaintext at ...

Although the team with Microsoft moved swiftly to patch the BlueHammer vulnerability, other exploits still threaten Microsoft Defender and Windows users.

A security researcher published details of three security vulnerabilities in Windows Defender, and the code used to exploit them. Now, hackers are taking advantage of the vulnerabilities in real life ...

Microsoft has released out-of-band (OOB) security updates to patch a critical-severity Windows Server Update Service (WSUS) vulnerability with publicly available proof-of-concept exploit code. WSUS is ...

The U.S. National Security Agency is using Anthropic’s Mythos model to find security flaws in Microsoft software, Bloomberg reported Thursday. One of the cyber intelligence agency’s primary goals is ...

PCWorld reports that Microsoft issued emergency updates for a critical zero-day vulnerability (CVE-2026-21509) in Office that attackers exploited against Ukrainian authorities and EU institutions. The ...

Today is Microsoft's February 2026 Patch Tuesday with security updates for 58 flaws, including 6 actively exploited and three publicly disclosed zero-day vulnerabilities. This Patch Tuesday also ...

Why defaults fall short: Microsoft 365’s default configurations prioritize usability over security, leaving gaps in access controls, logging, and data protection that attackers can exploit. Unified ...