New GitHub Zero-Day Exposed Developer Tokens to Attackers
A single click on the wrong repository could have put a developer’s GitHub access at risk. Security researcher Ammar Askar...
Microsoft
Microsoft 365 Android Apps Had a Token Flaw IT Teams Should Check Now
A debug flag left active in production code allowed another installed app on the same Android device to request Microsoft...
Google DoubleClick Abused in New Malspam Campaign to Deliver DesckVB RAT
Ravie LakshmananJun 03, 2026Malware / Microsoft Defender Cybersecurity researchers have flagged a new malspam campaign that makes use of Google's...
Microsoft Tests Wearable AI Badge for Office Workers
Microsoft is experimenting with AI hardware that office workers could wear like an access badge. At Microsoft Build 2026, the...
FBI Warns: ‘Kali365’ Phishing Service Targets Microsoft 365 Accounts
A new phishing service is turning a legitimate Microsoft login process into a shortcut for account takeovers. The FBI warned...
‘Tiny11’ Gives Windows 10 Users a Risky Upgrade Path
The end of Windows 10 support is creating a hardware dilemma for older PCs. As Microsoft pushes users away from...
Microsoft SharePoint Has a New RCE Flaw. If You Haven’t Patched Yet, Go Do That.
Microsoft SharePoint Has a New RCE Flaw. If You Haven’t Patched Yet, Go Do That. Pierluigi Paganini May 27, 2026...
AI Chatbot Recommendations Redirect Users to Cryptojacking Malware Sites
Microsoft has warned of an active cryptojacking campaign that makes use of artificial intelligence (AI) chatbot interactions as a mechanism...
May’s Patch Tuesday hauls out 132 CVEs
In another banner month for the AI-finder era, Microsoft on Tuesday released 132 patches affecting 20 product families. Twenty-nine of...
FBI warns of Kali365 phishing kit that breaks into Microsoft 365 accounts – no password required
So, you've enabled multi-factor authentication. You've taught your staff never to type their passwords into dodgy-looking login pages. Surely your...
Microsoft Warns: Windows Zero-Day ‘YellowKey’ Can Bypass BitLocker
Microsoft has moved to contain the newly disclosed Windows zero-day vulnerability, dubbed “YellowKey,” but the company still lacks a permanent...
Microsoft Disrupts Malware-Signing Service Used by Ransomware Gangs
Microsoft says it disrupted a malware-signing service that abused Azure Artifact Signing to create fraudulent certificates used in ransomware and...
Microsoft Takes Down Malware-Signing Service Behind Ransomware Attacks
Microsoft on Tuesday said it disrupted a malware-signing-as-a-service (MSaaS) operation that weaponized the company's Artifact Signing system to deliver malicious...
Microsoft Launches New Surface AI PCs for Business Buyers
Microsoft’s latest Surface pitch is aimed squarely at businesses preparing their PC fleets for the AI era. The tech giant...
Mac Users Face New Malware Threat Spoofing Apple, Google, and Microsoft
The latest malware targeting Mac users isn’t built to crack security protections, but to exploit users’ trust in familiar brands....
