Microsoft patches Defender zero-days exploited in live attacks
… Endpoint security firm Huntress confirmed active exploitation before the patches existed. …
Search
Google identifies first AI-developed zero-day exploit
… GTIG described this as an increasing capability that traditional security tooling is structurally ill-equipped to counter. …
Microsoft's MDASH AI found 16 critical Windows flaws before hackers could exploit them
… Microsoft's Autonomous Code Security team built it, with several members coming from Team Atlanta, the group that won the $29.5 million DARPA AI Cyber Challenge. …
Microsoft faces security community backlash over Nightmare Eclipse
… The community pushback The security industry is not siding with Microsoft. …
Nightmare Eclipse banned from GitHub and GitLab, vows July 14 attack
… All six targeted components are located at or below the endpoint security layer. …
MiniPlasma zero-day gives SYSTEM access on fully patched Windows 11
… Security researcher Will Dormann of Tharros independently verified the results. …
Microsoft mitigates YellowKey BitLocker bypass, no patch yet
… No full security update is available yet. …
Microsoft Exchange Server zero-day exploited via crafted email
… Exchange Server 2016 and 2019 will only get the permanent patch through Microsoft's Period 2 Extended Security Update program. …
CISA gives Windows admins until June 3 to patch Nightmare Eclipse Defender flaws
… Verify those version numbers in Windows Security settings before June 3. …
Apple security update shuts door on notification database data leaks
… As with most security flaws, the concern isn’t just who found it first, it’s who else might have found it later. …