Threat actors are now abusing DNS queries as part of ClickFix social engineering attacks to deliver malware, making this the first known use of DNS as a channel in these campaigns.

Microsoft details a new ClickFix variant abusing DNS nslookup commands to stage malware, enabling stealthy payload delivery ...

Microsoft has blocked credential autofill on Windows 11 to address CVE-2026-20804, a Windows Hello vulnerability allowing biometric injection attacks.

Microsoft will remove the -Credential parameter from Exchange Online PowerShell by June 2026, forcing admins to adopt MFA.

Microsoft patches 58 vulnerabilities, including six actively exploited zero-days across Windows, Office, and RDP, as CISA sets a March 3 deadline.

The campaign exploits an Office vulnerability to deliver the modular XWorm RAT, chaining HTA, PowerShell, and in-memory .NET execution to sidestep detection and expand post-compromise control.

What is PowerShell? Microsoft PowerShell is a powerful administrative tool that can help you automate tasks for your computer ...

Another crucial Windows expiration date is right around the corner for more than a billion PCs. Here's what you need to do now.

When Microsoft patched a vulnerability last summer that allowed threat actors to use Windows’ shortcut (.lnk) files in ...

At the same time, SolarWinds patched CVE-2025-40536, a high-severity (8.1 CVSS) security control bypass vulnerability that can allow an unauthenticated attacker to gain access to certain restricted ...

A new open-source and cross-platform tool called Tirith can detect homoglyph attacks over command-line environments by ...

The plugin itself can be used to authenticate to anything, as are you that handle the logic that verify user input credentials in the callback, and just need to return user data that will be used to ...