Latest news as of 5/21/2026, 5:34:09 PM
Dark Reading
Organizations that have exposed their instances of Web Help Desk to the public Internet have inadvertently made them prime targets for attackers.
The Register
Roses are red, violets are blue ... now get patching What better way to say I love you than with an update? Attackers exploited a whopping six Microsoft bugs as zero-days prior to Redmond releasing software fixes on February's Patch Tuesday.…
Krebs on Security
Microsoft today released updates to fix more than 50 security holes in its Windows operating systems and other software, including patches for a whopping six "zero-day" vulnerabilities that attackers are already exploiting in the wild.
Dark Reading
With access to SIM, location data, and a preview of recent SMSes, attackers have everything they need for account takeover or targeted social engineering.
Dark Reading
Three of those zero-days are security feature bypass flaws, which give attackers a way to slip past built-in protections in multiple Microsoft products.
Bleeping Computer
A fake 7-Zip website is distributing a trojanized installer of the popular archiving tool that turns the user's computer into a residential proxy node. [...]
Bleeping Computer
Microsoft has released the KB5075912 extended security update to fix February 2026 Patch Tuesday vulnerabilities, including six zero-days, and continue rolling out replacements for expiring Secure Boot certificates. [...]
Bleeping Computer
Today is Microsoft's February 2026 Patch Tuesday with security updates for 58 flaws, including 6 actively exploited and three publicly disclosed zero-day vulnerabilities. [...]
Bleeping Computer
Microsoft has released Windows 11 KB5077181 and KB5075941 cumulative updates for versions 25H2/24H2 and 23H2 to fix security vulnerabilities, bugs, and add new features. [...]
The Register
Zero-click prompt injection can leak data when AI agents meet messaging apps, researchers warn AI agents can shop for you, program for you, and, if you're feeling bold, chat for you in a messaging app. But beware: attackers can use malicious prompts in chat to trick an AI agent into generating a data-leaking URL, which link previews may fetch automatically.…