Ravie LakshmananMay 15, 2026Microsoft / Vulnerability Microsoft has disclosed a new security vulnerability impacting on-premise versions of Exchange Server that…
For the first time in nearly two years, Microsoft's monthly security update featured no actively exploited zero-day vulnerabilities or previously…
The Iranian state-sponsored hacking group known as MuddyWater (aka Mango Sandstorm, Seedworm, and Static Kitten) has been attributed to a…
An attacker with administrative privileges can gain access to Microsoft Edge user passwords even when they're not in use, because…
Ravie LakshmananApr 28, 2026Vulnerability / Identity Management An administrative role meant for artificial intelligence (AI) agents within Microsoft Entra ID…
A previously undocumented threat activity cluster known as UNC6692 has been observed leveraging social engineering tactics via Microsoft Teams to…
Ravie LakshmananApr 22, 2026Cyber Espionage / Malware The threat actor known as Harvester has been attributed to a new Linux…
Ravie LakshmananApr 17, 2026Vulnerability / Endpoint Security Huntress is warning that threat actors are exploiting three recently disclosed security flaws…
One aspect of the "AI revolution" keeping security professionals up at night is the continued prevalence of prompt injection attacks…