A trio of zero-days headline Microsoft's May Patch Tuesday update, which offers a modest spring bouquet of 59 CVEs in total (just a third of last month's downpour of patches for admins to deal with).

A new wave of attacks by the DarkGate malware operation exploits a now-fixed Windows Defender SmartScreen vulnerability to bypass security checks and automatically install fake software installers.

ESET researchers discovered a previously unknown vulnerability in Mozilla products, exploited in the wild by Russia-aligned group RomCom. This is at least the second time that RomCom has been caught ...

A proof-of-concept exploit (PoC) has become available for a critical zero-day vulnerability in the Windows SmartScreen technology. Microsoft issued a patch for the issue in its November Patch Tuesday ...

The no-click exploit launched in October infected computers in Europe and North America with the RomCom backdoor when victims were redirected through attacker-controlled websites. A Russia-aligned ...

Friday’s release of suspected NSA spying tools is bad news for companies running Windows Server. The cyberweapons, which are now publicly available, can easily hack older versions of the OS. The ...

ZDNET's key takeaways Millions of computers globally are still running Windows 10.Attackers are ready, willing, and able to exploit unpatched PCs.Signing up for extended security updates is a crucial ...

Less than 24 hours after Microsoft said it couldn't patch Windows to fix a systemic problem, attack code appeared Tuesday to exploit the company's software. Also on Tuesday, a security firm that's ...

Windows doesn’t offer a single switch to disable Exploit Protection completely. You can only disable individual mitigations system-wide or per app. We strongly recommend turning it off only for ...