Microsoft has confirmed that a hacker who successfully exploits a zero-day SQL vulnerability could gain system administrator privileges. Here’s how to fix it.

A new report out today from Aim Security Ltd. reveals the first known zero-click artificial intelligence vulnerability that could have allowed attackers to exfiltrate sensitive internal data without ...

A hot potato: A newly uncovered security flaw in Microsoft's SharePoint software has sparked a widespread series of cyberattacks targeting government organizations, educational institutions, energy ...

Read the new Microsoft Cyberattack Series report to learn more about on how deception and trusted tools can enable ...

The demonstration marks the first public, reproducible breach of the Xbox One's hardware-level defenses, a milestone in ...

Microsoft issues emergency patch for a critical WSUS flaw enabling remote code execution CVE-2025-59287 allows unauthenticated attackers to gain SYSTEM privileges without user interaction An ...

Microsoft is once again in the cybersecurity spotlight, acknowledging Tuesday morning that hackers linked to China are among those exploiting vulnerabilities in on-premises SharePoint software, the ...

Update, August 10, 2025: This story, originally published on August 7, has been updated with additional information following a demonstration of the shared service principal exploit at the Black Hat ...

Microsoft Corp (NASDAQ:MSFT) has issued a critical warning regarding ongoing attacks on on-premises SharePoint servers, urging organizations to apply newly released security updates immediately. The ...

A Windows Remote Desktop exploit is reportedly being sold on the dark web for $220,000, but Microsoft already patched the flaw.

PCWorld reports that Microsoft issued emergency updates for a critical zero-day vulnerability (CVE-2026-21509) in Office that attackers exploited against Ukrainian authorities and EU institutions. The ...