Software

Latest Microsoft Patch Tuesday updates stamp out a record 622 security vulnerabilities, as the company’s AI-enhanced bug hunt looks to bear fruit

As much as AI has its drawbacks, it’d be wrong to say it doesn’t have its uses. Case in point, Microsoft’s previous commitment to leverage AI vulnerability detection in Windows security updates looks to be bearing fruit, as the latest Patch Tuesday release fixes an astonishing 622 CVEs across its products. Which is a new […]

Latest Microsoft Patch Tuesday updates stamp out a record 622 security vulnerabilities, as the company’s AI-enhanced bug hunt looks to bear fruit Read More »

CISA warns admins to patch actively exploited SharePoint flaws

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned Tuesday that attackers are actively exploiting three vulnerabilities to hack Internet-exposed on-premises SharePoint Server instances. These security flaws (tracked as CVE-2026-32201, CVE-2026-45659, and CVE-2026-56164) affect all supported self-hosted SharePoint Server versions, including SharePoint Server Subscription Edition (the latest on-premises version, which uses a “continuous update” model).

CISA warns admins to patch actively exploited SharePoint flaws Read More »

US charges alleged operators of Russian bulletproof hosting service

U.S. federal prosecutors have unsealed charges against three Russian nationals, accusing them of providing bulletproof hosting (BPH) services to ransomware gangs that caused over $62 million in damages to victims worldwide. BPH providers lease servers that help hinder disruption efforts targeting their malicious activities, including malware delivery, command-and-control operations, phishing attacks, and illicit content hosting.

US charges alleged operators of Russian bulletproof hosting service Read More »

SonicWall warns of SMA1000 flaws exploited in zero-day attacks, patch now

The Spanish Police dismantled a cybercrime and money-laundering organization that made €140 million ($160 million) from investment fraud and business email compromise (BEC) attacks. As part of the law enforcement operation, four people were arrested in Spain, Portugal, and Panama. The police describe the operation as an industrial-level scheme as it involved at least 800

SonicWall warns of SMA1000 flaws exploited in zero-day attacks, patch now Read More »

Microsoft Entra ID gets passkeys default authentication starting September

Microsoft has announced that passkeys will become the default authentication method for the Entra ID enterprise identity service starting September 2026. Passkeys will be enabled automatically for Entra ID users now using phone-based SMS and voice authentication, which will be retired in February 2027 across all tenants. However, users who are already signing into their

Microsoft Entra ID gets passkeys default authentication starting September Read More »

New phishing kits target Microsoft 365 accounts, evade MFA

Two new phishing kits, Jalisco and OmegaLord, have been discovered in attacks targeting Microsoft 365 accounts, using techniques that defeat multi-factor authentication (MFA). While Jalisco uses the device-code phishing method, OmegaLord masquerades as a PDF reader to collect account login credentials and associated phone numbers, which could help the attacker intercept or hijack MFA requests

New phishing kits target Microsoft 365 accounts, evade MFA Read More »

New changes to Windows 11 Start menu and search look genuinely exciting and thank the heavens that we’ll be able to disable web results

Say what you want about Windows—I’ve certainly said my fair share—but recent months have shown at least that Microsoft is willing to make some positive changes. Now, at least some of these are coming to fruition, as the company is releasing an improved Windows start menu search box for Insiders. The changes are ones that

New changes to Windows 11 Start menu and search look genuinely exciting and thank the heavens that we’ll be able to disable web results Read More »

SAP warns of critical flaws in NetWeaver and Commerce Cloud

SAP has addressed 16 vulnerabilities across multiple products as part of its July 2026 security updates, including three critical flaws in NetWeaver, Commerce Cloud, and AppRouter. The first critical issue patched this month is a memory corruption security issue (tracked as CVE-2026-44747) stemming from an out-of-bounds write weakness in the NetWeaver Application Server ABAP (AS

SAP warns of critical flaws in NetWeaver and Commerce Cloud Read More »

Gemini in Chrome is expanding to even more desktop users

Affiliate links on Android Authority may earn us a commission. Learn more. Google has been slowly rolling out Chrome’s advanced AI capabilities. The company first introduced the new Gemini in Chrome feature in the US earlier this year. Now, Google is expanding it to yet another region. The company announced in a blog post that

Gemini in Chrome is expanding to even more desktop users Read More »

Chrome on Android is getting a navigation bar redesign to make room for Gemini

Affiliate links on Android Authority may earn us a commission. Learn more. After months of facing regulatory hurdles, Gemini is finally more easily accessible to Chrome users in the UK. This delayed rollout comes months after Google last expanded Gemini’s footprint in the world’s most-used web browser. While the UK-specific change applies to Chrome for

Chrome on Android is getting a navigation bar redesign to make room for Gemini Read More »