CYBERSEC

Windows Narrator Braille: LPE Hidden in the Accessibility Path

CVE-2026-48565: Local escalation to SYSTEM via brlapi, the Windows Braille service frequently overlooked by enterprise patching cycles.

Jun 10, 2026views - 714

CYBERSECZERO-DAY

Microsoft June 2026 Patch Tuesday: 200 Flaws Fixed, 3 Public Zero-Days Addressed

Microsoft’s June 2026 security update addresses approximately 200 vulnerabilities, including three publicly disclosed zero-days: the '…

Jun 09, 2026views - 1.1k

microsoftZERO-DAY

Microsoft Backtracks on Legal Threats Against Zero-Day Researcher Following Industry Backlash

Microsoft threatened criminal action against researcher Nightmare-Eclipse over six Defender zero-days, partially retracting its stance…

Jun 08, 2026views - 1.5k

CYBERSECZERO-DAY

Edge Tab-Splitting and Invisible Phishing: The Pwn2Own Flaw

CVE-2026-45494: A Universal XSS in Microsoft Edge discovered by Orange Tsai leverages tab-splitting to mask malicious URLs. Update to…

Jun 08, 2026views - 1.8k

CYBERSECZERO-DAY

Microsoft Retracts Legal Threats Against Researchers Following Zero-Day Disclosure Backlash

Microsoft threatened criminal prosecution against researcher Nightmare-Eclipse for publishing six Windows zero-days before walking bac…

Jun 04, 2026views - 1.3k

VULNCRITICAL

Microsoft Patched This Pwn2Own Edge RCE Weeks Ago—But the Disclosure Gap Leaves Enterprises Exposed

CVE-2026-45495: A directory traversal vulnerability in Microsoft Edge feedback logs enables remote code execution. While Microsoft rel…

Jun 04, 2026views - 1.2k

CYBERSECCVE

Edge Vulnerability CVE-2026-45492: Origin Validation Error Bypasses Windows VBS

A flaw in Microsoft Edge’s cross-device sign-in mechanism, tracked as CVE-2026-45492, allows attackers to bypass Windows Virtualizatio…

Jun 04, 2026views - 965

CYBERSEC

Google Gemini Hijacked via Messaging Notifications: The 'Dual Illusion' Attack

SafeBreach researchers have demonstrated how the Google Gemini voice assistant on Android can be hijacked through indirect prompt inje…

Jun 04, 2026views - 802

VULN

Microsoft Refuses to Patch Windows Search URI Flaw Enabling NTLM Hash Theft

Huntress has disclosed an unpatched vulnerability in the Windows search: URI handler that allows attackers to steal NTLMv2 hashes via…

Jun 03, 2026views - 208

CYBERSEC

Cybanetix Launches Managed AI Service: AI-Native MDR Powered by Four-Vendor Stack

Cybanetix has unveiled its Managed AI Service, integrating NOMA, SentinelOne, Microsoft, and Exabeam under a unified 24/7 SOC with a s…

Jun 02, 2026views - 158

CYBERSECCRITICAL

Microsoft Patched a Critical SharePoint RCE but Omitted the CVE from Official Documentation

CVE-2026-45659, a CVSS 8.8 SharePoint Server RCE, was missing from Microsoft’s May 2026 security update list. While the patch was dist…

Jun 01, 2026views - 192

CYBERSEC

Poisoned AI Chatbots: A New Vector for High-Performance GPU Cryptojacking

Microsoft has identified an active campaign that manipulates AI chatbot recommendations to distribute GPU-based cryptojacking malware…

May 31, 2026views - 158