Threat actors are now abusing DNS queries as part of ClickFix social engineering attacks to deliver malware, making this the first known use of DNS as a channel in these campaigns.

Microsoft details a new ClickFix variant abusing DNS nslookup commands to stage malware, enabling stealthy payload delivery ...

Microsoft has blocked credential autofill on Windows 11 to address CVE-2026-20804, a Windows Hello vulnerability allowing biometric injection attacks.

Microsoft will remove the -Credential parameter from Exchange Online PowerShell by June 2026, forcing admins to adopt MFA.

Microsoft patches 58 vulnerabilities, including six actively exploited zero-days across Windows, Office, and RDP, as CISA sets a March 3 deadline.

The campaign exploits an Office vulnerability to deliver the modular XWorm RAT, chaining HTA, PowerShell, and in-memory .NET execution to sidestep detection and expand post-compromise control.

What is PowerShell? Microsoft PowerShell is a powerful administrative tool that can help you automate tasks for your computer ...

Another crucial Windows expiration date is right around the corner for more than a billion PCs. Here's what you need to do now.

When Microsoft patched a vulnerability last summer that allowed threat actors to use Windows’ shortcut (.lnk) files in ...

At the same time, SolarWinds patched CVE-2025-40536, a high-severity (8.1 CVSS) security control bypass vulnerability that can allow an unauthenticated attacker to gain access to certain restricted ...

A complex phishing campaign uses decentralized fake PDFs that mount virtual drives to silently install the AsyncRAT malware.

CrashFix crashes browsers to coerce users into executing commands that deploy a Python RAT, abusing finger.exe and portable Python to evade detection and persist on high‑value systems.