Security Boulevard

Microsoft’s April 2026 Patch Tuesday Addresses 163 CVEs (CVE-2026-32201)

Critical154Important1Moderate0LowMicrosoft addresses 163 CVEs in the April 2026 Patch Tuesday release, including two zero-day ...

Angry Hacker Drops Microsoft Zero-Day Exploit, 1 Billion Users Warned

A security researcher frustrated with Microsoft has released the BlueHammer Windows zero-day exploit, telling the company, “I ...
Dark Reading

2 Zero-Day Bugs in Microsoft's Nov. Update Under Active Exploit

Attackers are already actively exploiting two vulnerabilities for which Microsoft issued patches on Nov. 12 as part of its monthly security update. And they could soon begin targeting two other ...
Dark Reading

Ransomware Attackers Bypass Microsoft's ProxyNotShell Mitigations With Fresh Exploit

The operators of a ransomware strain called Play have developed a new exploit chain for a critical remote code execution (RCE) vulnerability in Exchange Server that Microsoft patched in November. The ...
Bleeping Computer

Microsoft apologizes for removing VSCode extensions used by millions

Microsoft has reinstated the 'Material Theme – Free' and 'Material Theme Icons – Free' extensions on the Visual Studio Marketplace after finding that the obfuscated code they contained wasn't actually ...
Infosecurity-magazine.com

Malicious VS Code Extensions Exploit Name Reuse Loophole

A new campaign involving malicious Visual Studio Code (VS Code) extensions has exposed a loophole in the VS Code Marketplace that allows threat actors to reuse names of previously removed packages.
Geeky Gadgets

This Browser Hack Can Steal Everything : Polymorphic Extensions

A recent security demonstration has revealed a sophisticated cyberattack targeting browser extensions known as “polymorphic extensions.” These malicious tools exploit the permissions granted to ...