Microsoft appears to blame a security researcher for publicly revealing a legitimate Windows 11 Recovery vulnerability affecting BitLocker protection.
Windows 11 KB5089549 can still allow a dangerous Registry-based privilege escalation attack, potentially enabling attackers to fully compromise systems.
Microsoft products and AI apps fell to multiple 0-days at Pwn2Own 2026 as researchers claimed huge cash prizes.
Edge may expose stored passwords more easily, with Microsoft reportedly stating that this behavior is intentional and "by design."
CISA and Microsoft have warned about a security vulnerability on Linux which can potentially impact millions of devices.
Microsoft has confirmed that its latest Windows 11 updates, KB5083769 and KB5083631, are blocking certain third-party backup apps like Macrium. The company has explained why.
Google Chrome lacks maybe the most important protection feature that Mozilla Firefox, Microsoft Edge, and Brave already have.
Microsoft has rolled out a major Remote Desktop change on Windows 11 with the latest KB5083769 update.
Apple just released a bunch of security updates for older iPhones and iPads to address a serious vulnerability.
Microsoft just patched a serious vulnerability in Notepad for Windows that could allow hackers to take control of victims' computers.
Unity has disclosed a particularly severe vulnerability affecting all games going back to 2017. Malicious actors can utilize this security issue to gain access to data on your machine.
Microsoft has released details regarding a security flaw that can lead to the exploitation of an essential Windows feature that can be used to steal your encrypted data.
Microsoft has released detailed guidance regarding the SharePoint Server security vulnerabilities that have been exploited in the wild, including the critical "CVE-2025-53770".
GNU/Linux is often praised as a privacy-respecting operating system. Now, one of its most popular email clients has been found to contain a security flaw that the developers seem unwilling to address.
New AMD Ryzen firmware is out which patches a security flaw related to the TPM and Pluton. The vulnerability impacts 9000, 8000, and 7000 series Ryzen CPUs.
Microsoft recently recommended not deleting the strange inetpub folder that users were wondering about. However, it can let hackers permanently block Windows security updates.
Meta reports a security flaw in WhatsApp for Windows that lets attackers trick users into downloading and installing harmful malicious code.
All of Microsoft's server and client Windows versions are susceptible to yet another new NTLM security flaw. An unofficial patch has been released.
All of Microsoft's server and client Windows versions are susceptible to a new NTLM security flaw. An unofficial patch has been released by 0patch.
A critical zero-click vulnerability in Synology's Photos app could expose millions of devices to cyberattacks. Urgent updates are required to protect your data.
Cisco Talos discovered eight vulnerabilities in Microsoft 365 apps on macOS. These vulnerabilities allow hackers to bypass macOS permissions and perform actions like sending emails or recording audio.
Microsoft has published a detailed guidance post on how to deal with a recently uncovered security vulnerability that can downgrade almost all modern Windows 11/10/Server PCs with VBS.
Tenable discovered two security vulnerabilities in Microsoft's Azure Health Bot service. The first vulnerability, found in the "Data Connections" feature, allowed unauthorized access to resources.
Security researchers have discovered a vulnerability in a Windows system driver that can be abused to trigger a blue screen of death (BSOD), even on fully updated Windows 11 and 10 systems.
A new Windows security vulnerability has been found which can alter Windows Update to downgrade your PC, even if you are fully updated with all the latest patches. It's also irreversible.
Dropbox has revealed a data breach at its Dropbox Sign e-signature service that may have exposed customers' personal information, including emails, usernames, phone numbers, and hashed passwords.
Microsoft has blocked Secure Boot mitigations for the BlackLotus (CVE-2023-24932) vulnerability on some PCs. The block affects Windows Server 2012 and 2012 R2 systems due to incompatibilities with TPM
Microsoft released patches for a couple of Kerberos authentication vulnerabilities tracked under CVE-2024-26248 and CVE-2024-29056. Details about its enforcement timeline have been shared.
Remember the Spectre CPU vulnerability that reared its head for the first time in 2017? Variant 2 of Spectre is back, and as such, Microsoft has published guidance about the mitigation.
The Indian government has resolved one of the most significant breaches of its citizens' sensitive information which included Aadhar information, COVID-19 vaccination records, and even addresses.
A curious Microsoft employee has saved the world from a potential global meltdown as several Linux distros were found vulnerable to an XZ backdoor tracked under CVE-2024-3094 (CVSS score of 10.0).
Microsoft has released a detailed set of FAQs and recommendations for users who are affected by the XZ Utils vulnerability which allows a threat actor to exploit SSH operations and get remote access.
Home security camera maker Wyze confirmed earlier today that an online security issue that happened late last week caused 13,000 camera owners to briefly see images of other people's homes.
TPM sniffing attacks, which we have covered before, are possible even on modern Intel-powered hardware running the latest Windows 11. Such attacks may however be preventable by Microsoft's Pluton.
Microsoft released a security fix for a Group Policy-related vulnerability for the oldest Windows 10 version recently. The patch should be deployed via the RSAT Server tool.
Microsoft has addressed a security vulnerability that can lead to BitLocker Secure Boot bypass on both Windows 10 and 11. Alongside that, the company has also detailed how to resize the WinRE space.
Some of Asus' popular mid-range and high-end routers have been found to be vulnerable to remote code execution and code injection attacks. Check the full list of routers and the firmware patches here.
Microsoft and Intel have cautioned about a recent security vulnerability affecting 7th Gen, 8th Gen, 9th Gen, 10th Gen, and 11th Gen chips. This security vulnerability is called Downfall or GDS.
A security threat research team had notified Microsoft about several major security vulnerabilities in its PowerShell Gallery. The flaws remain even after the tech giant claimed they were fixed.
Microsoft had warned about a kernel patch that could break something on the system. However, two months since, it has pushed that update enabling it by default via the latest Patch Tuesday.