Microsoft’s Patch Tuesday release for April is a whopper

Nearly every major product family needs immediate patching, from Windows to Office to Microsoft Edge, SQL Server, and even ...

Rejected By Microsoft, 3 Defender Zero-Days Are Now Actively Exploited

The Huntress SOC is observing the use of Nightmare-Eclipse's BlueHammer, RedSun, and UnDefend exploitation techniques. Investigation by: @wbmmfq, @Curity4201, + @_JohnHammond 🧵👇 ...

Hackers are abusing unpatched Windows security flaws to hack into organizations

A security researcher published details of three security vulnerabilities in Windows Defender, and the code used to exploit ...
MUO on MSN

This Windows process comes back after every update and quietly chews through your files

What this hidden Windows process actually does — and how to stop it for good ...
Hackaday

This Week In Security: Docker Auth, Windows Tools, And A Very Full Patch Tuesday

CVE-2026-34040 lets attackers bypass some Docker authentication plugins by allowing an empty request body. Present since 2024, this bug was caused by a previous fix to the auth workflow. In the ...

Unpatched Microsoft Defender flaw lets hackers gain admin access

A security researcher has published a working exploit for a Microsoft Defender security flaw that affects Windows 10, 11, and ...

Dangerous Fake Microsoft Windows Update Confirmed—Do Not Download

As security researchers warn about a dangerous Microsoft Windows update that isn’t legitimate, users must pay close attention ...

Microsoft: April Windows Server 2025 update may fail to install

Microsoft is investigating an issue causing this month's KB5082063 security update to fail to install on some Windows Server ...

Microsoft adds new safety rails to save you from remote desktop attacks

Microsoft has shipped one of the most practically useful security updates in recent memory, and if you work in an environment ...

AppControl Introduces AI-Powered Analysis of Windows PC Performance, Privacy Events, and Background Activity

AppControl's new Model Context Protocol (MCP) server enables natural-language analysis of 72-hour Windows PC history to diagnose performance and privacy issues AUSTIN, Texas, April 14, 2026 ...

This New Tool Can Steal Your Passwords And Info – Even With 2FA Enabled

Storm is a Windows infostealer that steals encrypted browser data, decrypts it off-device, and uses session cookies to bypass ...
Computer Weekly

April Patch Tuesday brings zero-days in Defender, SharePoint Server

The latest monthly Patch Tuesday update from Microsoft landed earlier on 14 April, including two notable zero-day flaws amid ...