Microsoft has released emergency security updates to patch a high-severity Office zero-day vulnerability exploited in attacks ...

Microsoft released patches for CVE-2026-21509, a new Office zero-day vulnerability that can be exploited to bypass security features.

Microsoft releases an urgent out-of-band update for a critical Office zero-day flaw already exploited in real-world attacks.

Varonis Threat Labs has published a report detailing a now patched security exploit discovered in Copilot that let attackers ...

Microsoft has patched 112 vulnerabilities in January 2026, including CVE-2026-20805, a Desktop Window Manager zero-day that ...

Microsoft has patched a vulnerabilitz in Copilot Personal that allowed hackers to steal sensitive user data through a single ...

Microsoft issues emergency patch for a critical WSUS flaw enabling remote code execution CVE-2025-59287 allows unauthenticated attackers to gain SYSTEM privileges without user interaction An ...

Ransomware operators have found a way to exploit a Microsoft Windows-signed driver from Paragon Partition Manager, posing a threat to system security. This allows attackers to deploy the driver with ...

Update, August 10, 2025: This story, originally published on August 7, has been updated with additional information following a demonstration of the shared service principal exploit at the Black Hat ...

See how three organizations strengthen security and accelerate AI innovation with Microsoft’s family of security products.

CISA has mandated immediate mitigation for federal agencies, while analysts urge enterprises to accelerate cloud migration and implement live threat detection. Attackers are exploiting a previously ...

Discover four key identity and access priorities for the new year to strengthen your organization's identity security ...