Microsoft has confirmed that a hacker who successfully exploits a zero-day SQL vulnerability could gain system administrator privileges. Here’s how to fix it.

Read the new Microsoft Cyberattack Series report to learn more about on how deception and trusted tools can enable ...

A new report out today from Aim Security Ltd. reveals the first known zero-click artificial intelligence vulnerability that could have allowed attackers to exfiltrate sensitive internal data without ...

An N-day vulnerability in Microsoft Word exposes nearly 14 million assets. Attackers can exploit this flaw to bypass security prompts, enabling deployment of malware and establishing persistent access ...

A hot potato: A newly uncovered security flaw in Microsoft's SharePoint software has sparked a widespread series of cyberattacks targeting government organizations, educational institutions, energy ...

Microsoft issues emergency patch for a critical WSUS flaw enabling remote code execution CVE-2025-59287 allows unauthenticated attackers to gain SYSTEM privileges without user interaction An ...

Scammers are impersonating security researchers to sell fake proof-of-concept ProxyNotShell exploits for newly discovered Microsoft Exchange zero-day vulnerabilities. Last week, Vietnamese ...

Microsoft Corp (NASDAQ:MSFT) has issued a critical warning regarding ongoing attacks on on-premises SharePoint servers, urging organizations to apply newly released security updates immediately. The ...

Update, August 10, 2025: This story, originally published on August 7, has been updated with additional information following a demonstration of the shared service principal exploit at the Black Hat ...

The demonstration marks the first public, reproducible breach of the Xbox One's hardware-level defenses, a milestone in console hacking that recalls the famous Reset Glitch Hack ...

A Windows Remote Desktop exploit is reportedly being sold on the dark web for $220,000, but Microsoft already patched the flaw.