Collecting Cyber-News from over 60 sources

Tag: microsoft

Critical Flaw in Windows Admin Center Exposes Systems to Privilege Escalation Attacks

Feb 18, 2026 7:58 AM

Tags: attack, cve, cyber, flaw, microsoft, risk, update, vulnerability, windows

Microsoft has officially released a security update addressing a severe vulnerability found within the Windows Admin Center. Tracking under the identifier CVE-2026-26119, this critical flaw presents a significant risk to enterprise environments relying on the platform for server management. The vulnerability, described as an Elevation of Privilege issue, allows authorised attackers to escalate their permissions…
Critical Flaw in Windows Admin Center Exposes Systems to Privilege Escalation Attacks

Feb 18, 2026 7:58 AM

Tags: attack, cve, cyber, flaw, microsoft, risk, update, vulnerability, windows

Microsoft has officially released a security update addressing a severe vulnerability found within the Windows Admin Center. Tracking under the identifier CVE-2026-26119, this critical flaw presents a significant risk to enterprise environments relying on the platform for server management. The vulnerability, described as an Elevation of Privilege issue, allows authorised attackers to escalate their permissions…
Researchers Show Copilot and Grok Can Be Abused as Malware C2 Proxies

Feb 17, 2026 7:58 PM

Tags: ai, attack, communications, control, cybersecurity, intelligence, malware, microsoft

Cybersecurity researchers have disclosed that artificial intelligence (AI) assistants that support web browsing or URL fetching capabilities can be turned into stealthy command-and-control (C2) relays, a technique that could allow attackers to blend into legitimate enterprise communications and evade detection.The attack method, which has been demonstrated against Microsoft Copilot and xAI Grok First seen on…
The 20 Coolest Endpoint And Managed Security Companies Of 2026: The Security 100

Feb 17, 2026 4:58 PM

Tags: ai, crowdstrike, edr, endpoint, microsoft

CRN’s Security 100 list of the coolest endpoint and managed security companies includes vendors with AI-powered EDR and MDR offerings such as CrowdStrike, Microsoft, SentinelOne and Sophos. First seen on crn.com Jump to article: www.crn.com/news/security/2026/the-20-coolest-endpoint-and-managed-security-companies-of-2026-the-security-100
Microsoft Teams outage affects users in United States, Europe

Feb 17, 2026 4:58 PM

Tags: microsoft

Microsoft is working to resolve an ongoing outage affecting Microsoft Teams users, causing delays and preventing some from accessing the service. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-teams-outage-affects-users-in-united-states-europe/
Why 2025’s agentic AI boom is a CISO’s worst nightmare

Feb 17, 2026 11:58 AM

Tags: access, ai, api, attack, breach, ciso, control, data, defense, email, exploit, finance, framework, governance, infrastructure, injection, jobs, LLM, malicious, microsoft, monitoring, nist, nvidia, openai, RedTeam, risk, risk-management, service, strategy, threat, tool, training, unauthorized, update, vulnerability

defined the early generative AI boom are structurally obsolete. In their place, dynamic and goal-oriented agentic AI systems are taking over the enterprise.This shift was not born of ambition, but of necessity. The industry’s previous darling, standard retrieval-augmented generation (RAG), has hit a wall. To understand the security crisis of 2026, we must first understand…
Microsoft Finds “Summarize with AI” Prompts Manipulating Chatbot Recommendations

Feb 17, 2026 11:58 AM

Tags: ai, intelligence, microsoft

New research from Microsoft has revealed that legitimate businesses are gaming artificial intelligence (AI) chatbots via the “Summarize with AI” button that’s being increasingly placed on websites in ways that mirror classic search engine poisoning (AI).The new AI hijacking technique has been codenamed AI Recommendation Poisoning by the Microsoft Defender Security Research Team. The tech…
Microsoft Teams Leverages AI Workflows with Microsoft 365 Copilot for Task Automation

Feb 17, 2026 9:58 AM

Tags: ai, automation, cyber, microsoft

Microsoft is rolling out AI Workflows in the Teams Workflows app, bringing intelligent automation capabilities powered by Microsoft 365 Copilot to help users streamline daily operations and automate complex tasks. The feature uses scheduled Copilot prompts through predefined templates, making setup easier for users looking to enhance productivity through automation. Availability and Rollout Timeline AI…
Notepad: Wie Microsoft mit neuen KI-Funktionen eine Sicherheitslücke schuf

Feb 17, 2026 8:58 AM

Tags: ai, bug, microsoft

First seen on t3n.de Jump to article: t3n.de/news/notepad-wie-microsoft-mit-neuen-ki-funktionen-eine-sicherheitsluecke-schuf-1729667/
Ohne Google oder Microsoft arbeiten: Wie gut ist europäische Software im Alltag?

Feb 17, 2026 8:58 AM

Tags: google, microsoft, software

First seen on t3n.de Jump to article: t3n.de/news/wie-gut-ist-europaeische-software-im-alltag-1728129/
ClickFix added nslookup commands to its arsenal for downloading RATs

Feb 16, 2026 4:58 PM

Tags: access, microsoft, rat, tool

Microsoft researchers found a ClickFix campaign that uses the nslookup tool to have users infect their own system with a Remote Access Trojan. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/clickfix-added-nslookup-commands-to-its-arsenal-for-downloading-rats/
Microsoft equips CISOs and AI risk leaders with a new security tool

Feb 16, 2026 3:58 PM

Tags: ai, ciso, microsoft, risk, tool

Microsoft released Security Dashboard for AI in public preview for enterprise environments. The dashboard aggregates posture and real-time risk signals from Microsoft … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/16/microsoft-security-dashboard-for-ai-tool/
If Microsoft made a car… what would it be?

Feb 16, 2026 2:58 PM

Tags: microsoft

What is the automotive equivalent of Word, and where does Copilot fit? First seen on theregister.com Jump to article: www.theregister.com/2026/02/15/if_microsoft_made_a_car/
Microsoft alerts on DNS-based ClickFix variant delivering malware via nslookup

Feb 16, 2026 2:58 PM

Tags: captcha, dns, malicious, malware, microsoft, windows

Microsoft warns of a new ClickFix variant that tricks users into running DNS commands to fetch malware via nslookup. Microsoft has revealed a new ClickFix variant that deceives users into running a malicious nslookup command through the Windows Run dialog to retrieve a second-stage payload via DNS. ClickFix typically uses fake CAPTCHA or error messages…
Windows 11 KB5077181 Update Triggers Infinite Restart Loop on Some Devices

Feb 16, 2026 2:58 PM

Tags: cyber, microsoft, update, windows

Microsoft’s February 10, 2026, Patch Tuesday cumulative updateKB5077181for Windows 11 is being linked to severe boot failures on some devices, with users reporting systems that restart repeatedly and never reach the desktop. The issue is primarily discussed across community threads, including a Reddit post describing more than 15 reboot cycles after installation, effectively locking users…
Hackers Exploit ‘Summarize with AI’ Feature to Inject Malicious Prompts into AI Recommendations

Feb 16, 2026 11:58 AM

Tags: ai, attack, cyber, exploit, finance, hacker, malicious, microsoft

Hackers and marketers are increasingly abusing “Summarize with AI” buttons and AI-share links to quietly plant persistent instructions in AI assistants’ memory, a growing attack trend Microsoft calls AI Recommendation Poisoning. By silently biasing what assistants “remember” as trusted or preferred sources, these attacks can warp recommendations on high”‘impact topics like health, finance, and security without…
Windows-Sicherheit: Secure Boot: Zertifikate laufen ab Juni 2026 aus

Feb 16, 2026 10:58 AM

Tags: microsoft, windows

Microsoft stellt klar: Windows-PCs booten auch nach Juni 2026 weiter. Dennoch droht das Aus für wichtige Sicherheits-Patches im Boot-Prozess. First seen on golem.de Jump to article: www.golem.de/news/windows-sicherheit-secure-boot-zertifikate-laufen-ab-juni-2026-aus-2602-205436.html
Windows-Sicherheit: Secure Boot: Zertifikate laufen ab Juni 2026 aus

Feb 16, 2026 10:58 AM

Tags: microsoft, windows

Microsoft stellt klar: Windows-PCs booten auch nach Juni 2026 weiter. Dennoch droht das Aus für wichtige Sicherheits-Patches im Boot-Prozess. First seen on golem.de Jump to article: www.golem.de/news/windows-sicherheit-secure-boot-zertifikate-laufen-ab-juni-2026-aus-2602-205436.html
Configuration Manager: Hacker attackieren verbreitetes Microsoft-Admin-Tool

Feb 16, 2026 10:58 AM

Tags: exploit, hacker, microsoft, tool

Der von vielen IT-Admins genutzte Microsoft Configuration Manager steht unter Beschuss. Auf ungepatchten Systemen lässt sich Schadcode einschleusen. First seen on golem.de Jump to article: www.golem.de/news/configuration-manager-hacker-attackieren-verbreitetes-microsoft-admin-tool-2602-205431.html
Aktiv ausgenutzt – So gefährlich ist die Sicherheitslücke im Microsoft Configuration Manager

Feb 16, 2026 9:58 AM

Tags: bug, microsoft, update

First seen on security-insider.de Jump to article: www.security-insider.de/microsoft-sicherheitsluecke-cve-2024-43468-patch-risiken-a-6556bdb198f5fe0ab07879dfae38c981/
Aktiv ausgenutzt – So gefährlich ist die Sicherheitslücke im Microsoft Configuration Manager

Feb 16, 2026 9:58 AM

Tags: bug, microsoft, update

First seen on security-insider.de Jump to article: www.security-insider.de/microsoft-sicherheitsluecke-cve-2024-43468-patch-risiken-a-6556bdb198f5fe0ab07879dfae38c981/
Windows 11 KB5077181 fixes boot failures linked to failed updates

Feb 15, 2026 11:58 PM

Tags: microsoft, update, windows

Microsoft says it has resolved a Windows 11 bug that caused some commercial systems to fail to boot with an “UNMOUNTABLE_BOOT_VOLUME” error after installing recent security updates, with the fix delivered in the February 2026 Patch Tuesday update. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/windows-11-kb5077181-fixes-boot-failures-linked-to-failed-updates/
Microsoft Discloses DNS-Based ClickFix Attack Using Nslookup for Malware Staging

Feb 15, 2026 4:58 PM

Tags: attack, dns, malware, microsoft, social-engineering, windows

Microsoft has disclosed details of a new version of the ClickFix social engineering tactic in which the attackers trick unsuspecting users into running commands that carry out a Domain Name System (DNS) lookup to retrieve the next-stage payload.Specifically, the attack relies on using the “nslookup” (short for nameserver lookup) command to execute a custom DNS…
NDSS 2025 Automated Mass Malware Factory

Feb 13, 2026 10:58 PM

Tags: android, attack, conference, defense, detection, Internet, malicious, malware, microsoft, network, software

Session 12B: Malware Authors, Creators & Presenters: Heng Li (Huazhong University of Science and Technology), Zhiyuan Yao (Huazhong University of Science and Technology), Bang Wu (Huazhong University of Science and Technology), Cuiying Gao (Huazhong University of Science and Technology), Teng Xu (Huazhong University of Science and Technology), Wei Yuan (Huazhong University of Science and Technology),…
Attackers finally get around to exploiting critical Microsoft bug from 2024

Feb 13, 2026 8:58 PM

Tags: exploit, microsoft

As if admins haven’t had enough to do this week First seen on theregister.com Jump to article: www.theregister.com/2026/02/13/critical_microsoft_bug_from_2024/
Microsoft Under Pressure to Bolster Defenses for BYOVD Attacks

Feb 13, 2026 6:58 PM

Tags: attack, defense, exploit, microsoft, network, threat, windows

Threat actors are exploiting security gaps to weaponize Windows drivers and terminate security processes in targeted networks, and there may be no easy fixes in sight. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/microsoft-under-pressure-defenses-byovd-attacks
Microsoft Under Pressure to Bolster Defenses for BYOVD Attacks

Feb 13, 2026 6:58 PM

Tags: attack, defense, exploit, microsoft, network, threat, windows

Threat actors are exploiting security gaps to weaponize Windows drivers and terminate security processes in targeted networks, and there may be no easy fixes in sight. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/microsoft-under-pressure-defenses-byovd-attacks
CISA orders federal agencies to patch exploited SolarWinds, Apple, Microsoft bugs within weeks

Feb 13, 2026 4:58 PM

Tags: apple, cisa, cybersecurity, exploit, infrastructure, microsoft, update, vulnerability

The Cybersecurity and Infrastructure Security Agency (CISA) added ten new vulnerabilities to its catalog of exploited bugs this week, forcing all federal civilian agencies to resolve the issues by the first week of March. First seen on therecord.media Jump to article: therecord.media/cisa-orders-federal-agencies-to-patch-solarwinds-microsoft-apple-bugs
CISA orders federal agencies to patch exploited SolarWinds, Apple, Microsoft bugs within weeks

Feb 13, 2026 4:58 PM

Tags: apple, cisa, cybersecurity, exploit, infrastructure, microsoft, update, vulnerability

The Cybersecurity and Infrastructure Security Agency (CISA) added ten new vulnerabilities to its catalog of exploited bugs this week, forcing all federal civilian agencies to resolve the issues by the first week of March. First seen on therecord.media Jump to article: therecord.media/cisa-orders-federal-agencies-to-patch-solarwinds-microsoft-apple-bugs
Phishing Campaigns Target Users with Fake Meeting Invites and Update Alerts via Zoom, Teams, and Google Meet

Feb 13, 2026 2:58 PM

Tags: access, attack, corporate, cyber, exploit, google, malicious, microsoft, monitoring, phishing, social-engineering, tool, update

An ongoing wave of phishing campaigns exploiting fake meeting invites from popular video conferencing platforms, including Zoom, Microsoft Teams, and Google Meet. The attacks use social engineering to lure corporate users into downloading malicious “software updates,” which are, in reality, digitally signed remote monitoring and management (RMM) tools that grant attackers full remote access to…