Microsoft's scheduled Patch Tuesday security update for February includes fixes for two zero-day security vulnerabilities under active attack, plus 71 other flaws across a wide range of its products.

Proof-of-concept exploit created by Microsoft has apparently leaked to the Internet. Possible sources of the leak: Microsoft security partners or an employee An attack exploiting a recently patched ...

Ransomware operators have found a way to exploit a Microsoft Windows-signed driver from Paragon Partition Manager, posing a threat to system security. This allows attackers to deploy the driver with ...

Forbes contributors publish independent expert analyses and insights. Lars Daniel covers digital evidence and forensics in life and law. The Black Basta ransomware group has begun targeting internal ...

U.S. CERT issued a brief warning on its Web site Monday stating that the organization was "aware of active exploitation using malicious Microsoft Access databases." The U.S. CERT is the operational ...

Attackers are exploiting a 6-year-old Microsoft Office remote code execution (RCE) flaw to deliver spyware, in an email campaign weaponized by malicious Excel attachments and characterized by ...

New computer code that exploits a recently disclosed hole in Microsoft Corp.’s Internet Explorer Web browser is circulating on the Internet and could allow remote attackers to take full control of ...

Update, August 10, 2025: This story, originally published on August 7, has been updated with additional information following a demonstration of the shared service principal exploit at the Black Hat ...

In an era where cloud-based solutions and artificial intelligence are the cornerstones of digital transformation, security vulnerabilities in these platforms can have far-reaching impacts. One such ...

Windows Security does more than just basic virus protection. It guards against phishing, blocks ransomware, and prevents malicious apps from running. However, these features aren't easy to ...