Threat Detection
The latest Threat Detection coverage — news, analysis, and updates from the WindowsNews.AI desk.
Microsoft’s 1.3 Billion Agent Projection Sparks Urgent Security Overhaul with Entra Agent ID and MCP Governance
Microsoft expects more than 1.3 billion AI agents to be operating across enterprises by 2028—a staggering scale that demands a fundamental rethink of identity, access, and runtime security. The...
CISA Flags Urgent Patches for Exploited Citrix Session Recording and Git Flaws
The Cybersecurity and Infrastructure Security Agency (CISA) added three vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog on August 25, 2025, signaling active exploitation of flaws...
Proofpoint Link Wrappers Hijacked in Malvertising Campaign Targeting Microsoft 365 Credentials
A sophisticated malvertising campaign is abusing legitimate link-wrapping services from Proofpoint and Intermedia, combined with Microsoft’s own Active Directory Federation Services (ADFS) redirect...
Microsoft Flags Critical Race Condition RCE in Windows Storage—Patch Immediately
Microsoft has issued a critical security advisory for CVE-2025-55231, a race‑condition vulnerability in the Windows storage management stack that could allow remote code execution. The flaw,...
CVE-2025-53763: Microsoft Flags Azure Databricks Privilege Escalation Flaw, Urges Immediate Defensive Actions
Microsoft has disclosed a new privilege escalation vulnerability in Azure Databricks, tracked as CVE-2025-53763, which could allow an attacker with network access to elevate their privileges within...
Rockwell Automation Patches FactoryTalk Action Manager Vulnerability That Broadcasts API Tokens
Rockwell Automation has confirmed a high-severity information disclosure vulnerability in its FactoryTalk Action Manager software that broadcasts reusable API tokens over local WebSocket channels,...
Microsoft’s August Patches Fix Kerberos dMSA Vulnerability That Lets Attackers Escalate to Domain Admin
A newly disclosed vulnerability in Windows Server 2025’s delegated Managed Service Accounts (dMSA) feature allows an attacker with initial access to specific Kerberos secrets to escalate to full...
CVE-2025-53779: New Kerberos Path Traversal Bug Opens Door to Privilege Escalation—Patch Now
Microsoft’s security team has published guidance for CVE-2025-53779, a newly disclosed vulnerability in Windows Kerberos that could let authenticated attackers on the network elevate their...
Critical RRAS Vulnerability Leaks Windows Server Memory—Patch CVE-2025-50157 Immediately
Microsoft has issued an urgent security update for a memory disclosure flaw in Windows Routing and Remote Access Service (RRAS) that could let attackers remotely extract sensitive data from unpatched...
CVE-2025-53734: Patch Visio Use-After-Free RCE Before Attackers Exploit Document Flaw
Microsoft has released a security update for a use-after-free vulnerability in Microsoft Visio that allows attackers to execute arbitrary code simply by having a victim open a maliciously crafted...
Microsoft Office Buffer Over-Read Bugs Strike Word and Excel: What Enterprises Must Patch Now
Microsoft has rolled out crucial patches for two high-severity buffer over-read vulnerabilities in Microsoft Word and Excel, both enabling local attackers to extract sensitive memory contents. The...
Microsoft Warns of CVE-2025-53726: Windows Push Notification Flaw Grants SYSTEM Access to Local Attackers
Microsoft has published a high-priority security advisory for CVE-2025-53726, a type-confusion vulnerability in the Windows Push Notifications component that allows an authenticated local attacker to...