Microsoft released patches for CVE-2026-21509, a new Office zero-day vulnerability that can be exploited to bypass security features.

Microsoft has released emergency security updates to patch a high-severity Office zero-day vulnerability exploited in attacks ...

Microsoft released out-of-band patches for an actively exploited Microsoft Office zero-day, CVE-2026-21509, a security ...

Microsoft rushed an emergency Patch Tuesday fix after a new Office zero-day began spreading in active attacks. CISA warns ...

Microsoft releases an urgent out-of-band update for a critical Office zero-day flaw already exploited in real-world attacks.

Varonis Threat Labs has published a report detailing a now patched security exploit discovered in Copilot that let attackers ...

Microsoft has patched 112 vulnerabilities in January 2026, including CVE-2026-20805, a Desktop Window Manager zero-day that ...

Microsoft has patched a vulnerabilitz in Copilot Personal that allowed hackers to steal sensitive user data through a single ...

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. Update, August 10, 2025: This story, originally published on ...

Ransomware operators have found a way to exploit a Microsoft Windows-signed driver from Paragon Partition Manager, posing a threat to system security. This allows attackers to deploy the driver with ...

Discover four key identity and access priorities for the new year to strengthen your organization's identity security ...

See how three organizations strengthen security and accelerate AI innovation with Microsoft’s family of security products.