Latest news

Microsoft Secure Boot Certificates Expire — Over a Billion PCs and Linux Systems at Risk
Vulnerability

Microsoft Secure Boot Certificates Expire — Over a Billion PCs and Linux Systems at Risk

26 June 2026 dark6

Microsoft's original Secure Boot certificates have begun expiring as of June 24, 2026, affecting over a billion UEFI-capable PCs worldwide....
AutoJack: A Single Malicious Web Page Can Hijack Your AI Agent and Execute Arbitrary Code
AI

AutoJack: A Single Malicious Web Page Can Hijack Your AI Agent and Execute Arbitrary Code

22 June 2026 dark6

A critical three-vulnerability exploit chain called AutoJack allows a single malicious web page to hijack Microsoft AutoGen Studio's browsing agent...
Microsoft Lets connectivity.office.com TLS Certificate Expire, Breaking Enterprise Microsoft 365 Diagnostics
Vulnerability

Microsoft Lets connectivity.office.com TLS Certificate Expire, Breaking Enterprise Microsoft 365 Diagnostics

16 June 2026 dark6

Microsoft allowed the TLS certificate for connectivity.office.com — a critical enterprise Microsoft 365 diagnostic endpoint — to expire on June...
Microsoft Releases Emergency KB5089573 for Windows 11 to Permanently Fix Patch Tuesday Install Failures
Vulnerability

Microsoft Releases Emergency KB5089573 for Windows 11 to Permanently Fix Patch Tuesday Install Failures

31 May 2026 dark6

Microsoft has released KB5089573, a critical out-of-band update for Windows 11, permanently fixing the EFI System Partition space issue that...
Pwn2Own Berlin 2026 Day 2: Exchange, Windows 11, and AI Coding Tools Fall to Zero-Days — $908,750 in Total Prizes
Vulnerability

Pwn2Own Berlin 2026 Day 2: Exchange, Windows 11, and AI Coding Tools Fall to Zero-Days — $908,750 in Total Prizes

18 May 2026 dark6

Day Two of Pwn2Own Berlin 2026 saw 15 new zero-day exploits demonstrated against Microsoft Exchange (full RCE chain worth $200,000),...
Microsoft Patch Tuesday May 2026: 120 Vulnerabilities Fixed, Including 29 Critical RCE Flaws
Vulnerability

Microsoft Patch Tuesday May 2026: 120 Vulnerabilities Fixed, Including 29 Critical RCE Flaws

13 May 2026 dark6

Microsoft's May 2026 Patch Tuesday delivers fixes for 120 vulnerabilities including 29 Critical-rated remote code execution flaws across Windows, SharePoint,...
Microsoft Confirms Windows Server 2025 Domain Controllers Enter Reboot Loops After April 2026 Patch
Vulnerability

Microsoft Confirms Windows Server 2025 Domain Controllers Enter Reboot Loops After April 2026 Patch

25 April 2026 dark6

Microsoft has confirmed that the April 2026 cumulative update KB5082063 causes Windows Server 2025 domain controllers to enter reboot loops,...
Microsoft’s April 2026 Update Adds New RDP Security Warnings to Protect Against Phishing via .rdp Files
Phishing

Microsoft’s April 2026 Update Adds New RDP Security Warnings to Protect Against Phishing via .rdp Files

25 April 2026 dark6

Microsoft's April 2026 Patch Tuesday introduces new multi-layer warning dialogs in Windows Remote Desktop Connection, designed to protect users from...
Microsoft Patch Tuesday April 2026: 168 Vulnerabilities Fixed Including Actively Exploited SharePoint Zero-Day
Vulnerability

Microsoft Patch Tuesday April 2026: 168 Vulnerabilities Fixed Including Actively Exploited SharePoint Zero-Day

25 April 2026 dark6

Microsoft's April 2026 Patch Tuesday fixes a record 168 vulnerabilities, including an actively exploited SharePoint zero-day (CVE-2026-32201) and a publicly...
Three Windows Defender Zero-Days Exploited in the Wild: BlueHammer Patched, RedSun and UnDefend Still Unpatched
Vulnerability

Three Windows Defender Zero-Days Exploited in the Wild: BlueHammer Patched, RedSun and UnDefend Still Unpatched

19 April 2026 dark6

A security researcher dropped three Windows Defender zero-day exploits in 13 days — BlueHammer (CVE-2026-33825), RedSun, and UnDefend. All three...
Microsoft April 2026 Patch Tuesday: Actively Exploited SharePoint Zero-Day Among 167 Fixes
Vulnerability

Microsoft April 2026 Patch Tuesday: Actively Exploited SharePoint Zero-Day Among 167 Fixes

18 April 2026 dark6

Microsoft's April 2026 Patch Tuesday patches 167 vulnerabilities including an actively exploited SharePoint Server zero-day (CVE-2026-32201) and a publicly disclosed...
Microsoft April 2026 Patch Tuesday: 163 CVEs Including Two Zero-Days and a Public “BlueHammer” Exploit
Vulnerability

Microsoft April 2026 Patch Tuesday: 163 CVEs Including Two Zero-Days and a Public “BlueHammer” Exploit

15 April 2026 dark6

Microsoft's April 2026 Patch Tuesday addresses 163 CVEs, including an actively exploited SharePoint spoofing zero-day (CVE-2026-32201) and a publicly leaked...