Microsoft appears to blame a security researcher for publicly revealing a legitimate Windows 11 Recovery vulnerability affecting BitLocker protection.
Security vulnerability
Windows 11 KB5089549 can still allow a dangerous Registry-based privilege escalation attack, potentially enabling attackers to fully compromise systems.
Edge may expose stored passwords more easily, with Microsoft reportedly stating that this behavior is intentional and "by design."
CISA and Microsoft have warned about a security vulnerability in Linux that can potentially impact millions of devices.
Microsoft has confirmed that its latest Windows 11 updates, KB5083769 and KB5083631, are blocking certain third-party backup apps like Macrium. The company has explained why.
Microsoft has rolled out a major Remote Desktop change on Windows 11 with the latest KB5083769 update.
Unity has disclosed a particularly severe vulnerability affecting all games going back to 2017. Malicious actors can utilize this security issue to gain access to data on your machine.
Microsoft has released details regarding a security flaw that can lead to the exploitation of an essential Windows feature that can be used to steal your encrypted data.
Microsoft rolled out the NLWeb framework at Build 2025. Now, a new report shows it can be exploited to gain unauthorized file access.
Microsoft has released detailed guidance regarding the SharePoint Server security vulnerabilities that have been exploited in the wild, including the critical "CVE-2025-53770".
GNU/Linux is often praised as a privacy-respecting operating system. Now, one of its most popular email clients has been found to contain a security flaw that the developers seem unwilling to address.
New AMD Ryzen firmware is out which patches a security flaw related to the TPM and Pluton. The vulnerability impacts 9000, 8000, and 7000 series Ryzen CPUs.
Microsoft recently recommended not deleting the strange inetpub folder that users were wondering about. However, it can let hackers permanently block Windows security updates.
Meta reports a security flaw in WhatsApp for Windows that lets attackers trick users into downloading and installing harmful malicious code.
All of Microsoft's server and client Windows versions are susceptible to yet another new NTLM security flaw. An unofficial patch has been released.
All of Microsoft's server and client Windows versions are susceptible to a new NTLM security flaw. An unofficial patch has been released by 0patch.
A critical zero-click vulnerability in Synology's Photos app could expose millions of devices to cyberattacks. Urgent updates are required to protect your data.
Cisco Talos discovered eight vulnerabilities in Microsoft 365 apps on macOS. These vulnerabilities allow hackers to bypass macOS permissions and perform actions like sending emails or recording audio.
Google Play Security Reward Program incentivized developers and security researchers to check Android apps for vulnerabilities. However, Google has notified participants that the program ends soon.
Microsoft has published a detailed guidance post on how to deal with a recently uncovered security vulnerability that can downgrade almost all modern Windows 11/10/Server PCs with VBS.
Tenable discovered two security vulnerabilities in Microsoft's Azure Health Bot service. The first vulnerability, found in the "Data Connections" feature, allowed unauthorized access to resources.
Security researchers have discovered a vulnerability in a Windows system driver that can be abused to trigger a blue screen of death (BSOD), even on fully updated Windows 11 and 10 systems.
A new Windows security vulnerability has been found which can alter Windows Update to downgrade your PC, even if you are fully updated with all the latest patches. It's also irreversible.
A community of Rabbit R1 developers has found a serious flaw in the company's code that allows third parties to access text prompts sent through R1, which could contain sensitive data.
Millions of users could get free laundry service due to a bug that affects internet-connected laundry machines operated by CSC ServiceWorks. The bug has existed for months now and is yet to be fixed.
Microsoft is rolling out another Edge update in the Stable and Extended Stable channels to fix one more Chromium security vulnerability, CVE-2024-4761, which is exploited in the wild.
Microsoft has issued a security update for its browser in the Stable and Extended Stable channels. Version 124.0.2478.97 fixes two security vulnerabilities exploited in the wild.
Microsoft has blocked Secure Boot mitigations for the BlackLotus (CVE-2023-24932) vulnerability on some PCs. The block affects Windows Server 2012 and 2012 R2 systems due to incompatibilities with TPM
Microsoft released patches for a couple of Kerberos authentication vulnerabilities tracked under CVE-2024-26248 and CVE-2024-29056. Details about its enforcement timeline have been shared.
Remember the Spectre CPU vulnerability that reared its head for the first time in 2017? Variant 2 of Spectre is back, and as such, Microsoft has published guidance about the mitigation.
The Indian government has resolved one of the most significant breaches of its citizens' sensitive information, which included Aadhaar information, COVID-19 vaccination records, and even addresses.
A curious Microsoft employee has saved the world from a potential global meltdown as several Linux distros were found vulnerable to an XZ backdoor tracked under CVE-2024-3094 (CVSS score of 10.0).
Microsoft has released a detailed set of FAQs and recommendations for users who are affected by the XZ Utils vulnerability which allows a threat actor to exploit SSH operations and get remote access.
TPM sniffing attacks, which we have covered before, are possible even on modern Intel-powered hardware running the latest Windows 11. Such attacks may, however, be preventable by Microsoft's Pluton.
Microsoft released a security fix for a Group Policy-related vulnerability for the oldest Windows 10 version recently. The patch will be deployed via the RSAT Server tool.
Apple has released a security update to address a Bluetooth-related vulnerability affecting various Magic Keyboard models. The vulnerability allowed an attacker to monitor Bluetooth traffic.
Microsoft has addressed a security vulnerability that can lead to BitLocker Secure Boot bypass on both Windows 10 and 11. Alongside that, the company has also detailed how to resize the WinRE space.
Some of Asus' popular mid-range and high-end routers have been found to be vulnerable to remote code execution and code injection attacks. Check the full list of routers and the firmware patches here.
Microsoft and Intel have cautioned about a recent security vulnerability affecting 7th Gen, 8th Gen, 9th Gen, 10th Gen, and 11th Gen chips. This security vulnerability is called Downfall or GDS.
A security threat research team had notified Microsoft about several major security vulnerabilities in its PowerShell Gallery. The flaws remain even after the tech giant claimed they were fixed.