News Security CVE-2026-50656 “RoguePlanet” in Microsoft Defender: what’s known and how to prepare June 22, 2026 / June 22, 2026 by Alex Mira | Leave a Comment Microsoft is preparing a fix for CVE-2026-50656 (“RoguePlanet”), an elevation-of-privilege issue in Microsoft Defender’s engine. Here’s what’s confirmed, what’s still unclear, and how to prepare while waiting for the patch. Read more » CVE-2026-50656 Elevation of Privilege Microsoft Defender RoguePlanet Windows security Zero-day
News Microsoft patches actively exploited Exchange Server zero-day (CVE-2026-42897) June 10, 2026 / June 10, 2026 by Alex Mira | Leave a Comment Microsoft patched an actively exploited Exchange Server zero-day (CVE-2026-42897) that enables XSS against Outlook Web Access users. Admins should install June 2026 updates promptly and keep EEMS mitigations enabled. Read more » CISA KEV CVE-2026-42897 Microsoft Exchange Server Outlook Web Access XSS Zero-day
News Pwn2Own Berlin 2026 day two: Exchange, Windows 11, and AI tooling fall to fresh zero-days May 17, 2026 / May 17, 2026 by Alex Mira | Leave a Comment Pwn2Own Berlin 2026 day two delivered 15 new zero-days—spanning Microsoft Exchange, Windows 11, RHEL Workstations, NVIDIA Container Toolkit, and AI coding agents—triggering $385,750 in awards and setting up a busy patch cycle. Read more » AI security Microsoft Exchange NVIDIA Container Toolkit Pwn2Own Red Hat Enterprise Linux Windows 11 Zero-day