ARTIKEL SUCHE
Threat Feed QueryDurchsuche alle aggregierten Security-Artikel nach Schlagworten, CVE-IDs und Quellen.
Defense in depth for autonomous AI agents
As AI agents gain autonomy, defense in depth must evolve, with application-layer design, identity, and human oversight at the center. The post Defense in depth for autonomous AI agents appeared first on Microsoft Securit
Windows Zero-Days Expose BitLocker Bypasses And CTFMON Privilege Escalation
An anonymous cybersecurity researcher who disclosed three Microsoft Defender vulnerabilities has returned with two more zero-days involving a BitLocker bypass and a privilege escalation impacting Windows Collaborative Tr
Microsoft's MDASH AI System Finds 16 Windows Flaws Fixed in Patch Tuesday
Microsoft has unveiled a new multi-model artificial intelligence (AI)-driven system called MDASH to facilitate vulnerability discovery and remediation at scale, adding that it's being tested by some customers as part of
Azerbaijani Energy Firm Hit by Repeated Microsoft Exchange Exploitation
A threat actor with affiliations to China has been linked to a "multi-wave intrusion" targeting an unnamed Azerbaijani oil and gas company between late December 2025 and late February 2026, marking an expansion of its ta
Microsoft Patches 138 Vulnerabilities, Including DNS and Netlogon RCE Flaws
Microsoft on Tuesday released patches for 138 security vulnerabilities spanning its product portfolio, although none of them have been listed as publicly known or under active attack. Of the 138 flaws, 30 are rated Criti
Microsoft Patchday Mai 2026
Microsoft hat im Mai zahlreiche Schwachstellen in verschiedenen Produkten behoben.
137 Schwachstellen und vier wurmfähige Netzwerk-Anfälligkeiten
Microsoft liefert im Mai 2026 ein umfangreiches Patch-Paket mit 137 neuen CVEs aus. Davon erscheinen 30 Einträge als kritisch und 104 als wichtig. Keine Sicherheitslücke steht zum Zeitpunkt der Freigabe unter aktivem Ang
Microsoft releases rare zero-day free Patch Tuesday update
<p>Microsoft has addressed around 140 newly discovered common vulnerabilities and exposures (CVEs) <a href="https://msrc.microsoft.com/update-guide/releaseNote/2026-may" target="_blank" rel="noopener">in its May Patch Tu
Defending consumer web properties against modern DDoS attacks
Read how to protect consumer websites and defend against modern DDoS attacks with layered security, resilient architecture, and graceful service degradation. The post Defending consumer web properties against modern DDoS
Undermining the trust boundary: Investigating a stealthy intrusion through third-party compromise
Microsoft Incident Response investigated an attack operated through legitimate and trusted administrative mechanisms to blend seamlessly into routine operations and remain undetected demonstrating that intrusions have in
Microsoft Edge: Mehrere Schwachstellen
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Microsoft Edge für Android und bezüglich Copilot Chat ausnutzen, um Spoofing-Angriffe durchzuführen, Daten zu manipulieren und vertrauliche Informationen
Omada löst ein Cloud-Dilemma: Identity Security für regulierte Unternehmen ohne Kontrollverlust
Mit Omada Identity Cloud Private wird die vollständige Omada Identity Cloud-Plattform innerhalb des kundeneigenen Microsoft Azure-Tenants bereitgestellt.
Microsoft says Edge’s plaintext password behavior is “by design”
A researcher found Edge loads saved passwords into computer memory when it starts, making them easier to steal if a device is already compromised.
Microsoft Edge: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff
Es existieren mehrere Schwachstellen in Microsoft Edge, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte A
CVE-2026-34327 - Microsoft Partner Center Spoofing Vulnerability
CVE ID :CVE-2026-34327 Published : May 7, 2026, 8:58 p.m. | 1 hour, 22 minutes ago Description :None Severity: 8.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline,
CVE-2026-33823 - Microsoft Team Events Portal Information Disclosure Vulnerability
CVE ID :CVE-2026-33823 Published : May 7, 2026, 8:58 p.m. | 1 hour, 22 minutes ago Description :None Severity: 9.6 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeli
When prompts become shells: RCE vulnerabilities in AI agent frameworks
New research exposes how prompt injection in AI agent frameworks can lead to remote code execution. Learn how these vulnerabilities work, what’s impacted, and how to secure your agents. The post When prompts become shell
World Passkey Day: Advancing passwordless authentication
This World Passkey Day, read how Microsoft is advancing passkey adoption to replace passwords, cut phishing risk, and deliver simpler, more secure sign-ins. The post World Passkey Day: Advancing passwordless authenticati
Microsoft named an overall leader in KuppingerCole Analyst’s 2026 Emerging AI Security Operations Center (SOC) report
Microsoft is excited to be named an Overall Leader, and the Market Leader in the Kuppinger Cole Analyst’s 2026 Emerging AI Security Operations Center (SOC) report, as we see automation and AI as core components of the fu
MuddyWater Uses Microsoft Teams to Steal Credentials in False Flag Ransomware Attack
The Iranian state-sponsored hacking group known as MuddyWater (aka Mango Sandstorm, Seedworm, and Static Kitten) has been attributed to a ransomware attack in what has been described as a "false flag" operation. The atta