Microsoft to roll out Entra passkeys on Windows in late April

Microsoft will roll out passkey support for phishing-resistant passwordless authentication to Microsoft Entra‑protected ...
The Hacker News

UNC6692 Impersonates IT Help Desk via Microsoft Teams to Deploy SNOW Malware

UNC6692 has been attributed to a large email campaign that's designed to overwhelm a target's inbox with a flood of spam ...
CSO Online

Microsoft issues out-of-band patch for critical security flaw in update to ASP.NET Core

Patching is not enough: applications embedding the insecure library will need to be rebuilt, and affected tokens and cookies ...

Microsoft issues emergency update for macOS and Linux ASP.NET threat

Microsoft released an emergency patch for its ASP.NET Core to fix a high-severity vulnerability that allows unauthenticated ...
TMCnet

Following Stryker Cyberattack, Avatier Launches Identity Challenge Card to Protect Organizations When Standard Security Fails

The cyberattack that disrupted Stryker Corporation earlier this year exposed a vulnerability that security professionals have long warned about when attackers target an organization's identity systems ...
Cloud Security Alliance

Using Zero Trust to Counter Identity Spoofing & Abuse

Explore modern identity-based attacks and how to defend against them using Zero Trust. Define and differentiate between ...
CSO Online

Top techniques attackers use to infiltrate your systems today

Popular tool abuse, ClickFix, and identity-based attacks are among the most prevalent techniques bad actors are deploying ...
Microsoft

Cross‑tenant helpdesk impersonation to data exfiltration: A human-operated intrusion playbook

Threat actors are abusing external Microsoft Teams collaboration to impersonate IT helpdesk staff and convince users to grant ...
Hackaday

This Week In Security: Docker Auth, Windows Tools, And A Very Full Patch Tuesday

CVE-2026-34040 lets attackers bypass some Docker authentication plugins by allowing an empty request body. Present since 2024, this bug was caused by a previous fix to the auth workflow. In the ...
Windows Report

Microsoft Warns KB5082063 Triggers Boot Loops on Some Windows Server DCs

Microsoft confirms KB5082063 bug causing restart loops on Windows Server domain controllers, impacting authentication and enterprise environments.

Microsoft: Some Windows servers enter reboot loops after April patches

Microsoft warns that some Windows domain controllers are entering restart loops after installing the April 2026 security ...

Open-source tool decrypts all private data collected by Windows Recall on Copilot PCs

Alexander Hagenah previously exposed issues affecting Windows Recall with his TotalRecall tool, prompting Microsoft to ...