Similar Posts
Improving security posture across the Microsoft partner ecosystem
The Deputy CISO blog series is where Microsoft Deputy Chief Information Security Officers (CISOs) share their thoughts on what is most important in their respective domains. In this series, you will get practical advice, tactics to start (and stop) deploying, forward-looking commentary on where the industry is going, and more. In this article, Raji Dani, Vice President and…
The open source library holding up your stack might have one maintainer
Every serious software product runs on code that someone else wrote and released for free. A web service leans on a cryptography library, a data pipeline pulls in a parser, and a mobile app ships a handful of small utilities that one person maintains in spare time. All of it carries the same label. A…
Dutch police bust investment fraud ring stealing over €100 million
The Dutch Police announced the arrest of multiple individuals suspected of being part of an international investment fraud scheme estimated to have tens of thousands of victims. The group is believed to have operated 20 call centers, with more than 700 people posing as financial advisers. Authorities estimate that the criminal organization at one point…
Microsoft fixes ‘RoguePlanet’ Defender zero-day as researcher finds new holes
Microsoft said it has closed off RoguePlanet, a privilege escalation flaw in the Windows Defender scanning engine that could let a local attacker spawn a SYSTEM-level shell, but the researcher who found the zero-day bug has poked new holes in the anti-malware tool. A race condition bug, the vulnerability works on Windows 10 and 11…
Reken launches on-device AI platform to detect phishing and impersonation scams
After two years of development, Reken has come out of stealth with an AI security platform that can analyze communications directly on users’ devices. The Reken Private Core platform provides the underlying technology for Northstar, its application that can detect phishing, impersonation, business email compromise, and other social engineering attacks. The Private Core is built…
July 2026 Patch Tuesday: Updates and Analysis
Exploited Zero-Day Vulnerability in Active Directory Federation Services CVE-2026-56155 is an Important elevation of privilege vulnerability affecting Active Directory Federation Services (AD FS) and has a CVSS score of 7.8. An insufficient granularity of access control flaw (CWE-1220) allows a low-privileged local attacker to elevate privileges with no user interaction and low attack complexity….