Phishing
The latest Phishing coverage — news, analysis, and updates from the WindowsNews.AI desk.
Edge's SmartScreen Now Uses On-Device AI to Block Scareware Without Phoning Home
Microsoft has armed its Edge browser with a new weapon against online scams: an on-device AI that can detect and disrupt full-screen scareware pages before they trick users into handing over cash or...
Trojanized ScreenConnect Installers Deliver AsyncRAT and PureHVNC in Escalating RMM Abuse Campaigns
Since March 2025, threat actors have dramatically escalated their abuse of ConnectWise ScreenConnect, deploying trojanized installers and stripped-down ClickOnce runners to turn a trusted remote...
Mandatory MFA Hits Azure CLI and IaC Tools This Autumn: Brace for Impact
Microsoft is set to roll out Phase 2 of its mandatory multi-factor authentication (MFA) enforcement for Azure this autumn, and this time the net is cast far wider than the portal. Starting...
Chrome 140 for Android Fixes UI Spoofing Bug That Could Trick Users into Malicious Downloads
Google’s September 2025 stable channel update for Chrome, version 140, patches a UI spoofing vulnerability in the Downloads component that could allow attackers to mislead Android users into...
Android's Chrome Toolbar Trickery Fixed: CVE-2025-9865 Patched in Chrome 140, Edge Secured
Google has released a patch for a UI spoofing vulnerability in Chrome that could allow attackers on Android to trick users into believing they are visiting a trusted website. The fix, tracked as...
Palo Alto's Prisma SASE 4.0 Targets AI-Driven Browser Attacks and Rogue SaaS Agents
Palo Alto Networks has drawn a clear line in the SASE arms race. On September 4, 2025, the company launched Prisma SASE 4.0, a major platform refresh that frames the next phase of enterprise security...
Microsoft enforces Azure MFA by October 2025 as Meta patches zero-click WhatsApp flaw CVE-2025-55177, making identity the new enterprise perimeter.
Meta has patched a zero-click vulnerability in WhatsApp that could let attackers execute code without any user interaction, while Microsoft will begin enforcing multi-factor authentication (MFA) for...
Microsoft Teams Gets Tougher: Automatic Blocks for Weaponized Files and Malicious URLs
Microsoft is raising the shield on its flagship collaboration platform. Starting in September, Microsoft Teams will automatically block messages containing weaponizable file types and warn or block...
Phone Link Finally Gives Windows Users iMessage Access — With Strict Limits and Security Risks
Microsoft has spent nearly two years bridging the gap between iPhones and Windows PCs, and the latest Insider builds of Windows 11 now offer the most complete integration yet. Through the Phone Link...
Proofpoint Link Wrappers Hijacked in Malvertising Campaign Targeting Microsoft 365 Credentials
A sophisticated malvertising campaign is abusing legitimate link-wrapping services from Proofpoint and Intermedia, combined with Microsoft’s own Active Directory Federation Services (ADFS) redirect...
Windows 10's October 2025 Deadline: Why Defender Is Your Best Bet—and Where It Falls Short
Microsoft will pull the plug on Windows 10 security updates on October 14, 2025. That date is non-negotiable. Yet millions of users still wrap themselves in three dangerous myths: that paying for...
Windows Live Mail Spam Setup Guide: Maximize Filters Before You Migrate to New Outlook
Microsoft officially sunset support for Windows Mail, Calendar, and People on December 31, 2024, rendering these once-essential apps unable to send or receive messages. Meanwhile, Windows Live...