Windows Security
The latest Windows Security coverage — news, analysis, and updates from the WindowsNews.AI desk.
OpenAI's GPT-5.6 Codex Deletes User Files When Run With Full System Access—What Windows Developers Must Do Now
OpenAI is investigating multiple reports of its GPT-5.6 Codex coding agent spontaneously deleting files from user home directories, a dangerous glitch that surfaces only when developers grant the...
Claude in Chrome Flaw: ‘Act Without Asking’ Mode Can Be Exploited by Rogue Extensions to Read Your Email
On Wednesday, security researchers at Manifold Security disclosed a high-severity vulnerability in the Claude in Chrome extension that could allow a malicious browser add-on to silently read your...
Chrome 150 Patches High-Severity Aura Flaw Before NVD Can Catch Up
Google patched a high-severity memory-safety flaw in Chrome’s Aura UI framework on July 16, shipping version 150.0.7871.128 for Windows and .129 for macOS. The fix arrived before the corresponding...
Google Chrome 150 Update Fixes High-Severity Cast Vulnerability — What Windows Users Need to Know
Google released Chrome 150.0.7871.128 for Windows on July 16, closing a high-severity use-after-free flaw in the Cast component tracked as CVE-2026-15902. The same update patches three critical...
SEBI warns: Boss Scam now hijacks Windows PCs to send payment orders from executives' own WhatsApp
India’s securities regulator, the Securities and Exchange Board of India (SEBI), issued an urgent advisory on July 17 after a sophisticated fraud campaign began targeting company executives with...
Microsoft Opens AI-Powered Bug Hunting to All: MDASH Vulnerability Scanner Hits Public Preview
Microsoft has quietly launched a public preview of its MDASH vulnerability-scanning technology, putting AI-powered bug hunting into the hands of security teams via the Defender command-line interface...
Unpatched Windows Zero-Day Lets Standard Users Hijack Admin Registry Hives
A newly public zero-day vulnerability in the Windows User Profile Service (ProfSvc) allows a standard user account to load another user’s registry hive—including an administrator’s—without...
Qilin vs. The Gentlemen: How a RaaS Rivalry Is Reshaping Windows Security Priorities
Ransomware attacks through the first half of 2026 hit a volume 20% higher than the same period last year, even as the number of incidents dipped slightly from the first quarter to the second. The...
ClickFix Malware Campaigns Use Fake Verification Prompts to Steal Browser Sessions and Cloud Data
Microsoft’s security team on July 16 revealed two ongoing ACR Stealer campaigns that have been tricking users into pasting malicious commands as part of fake CAPTCHA or browser-repair prompts. The...
Microsoft Reveals New RDP Information-Disclosure Vulnerability, But Vital Details Are MIA
Microsoft has confirmed a fresh information disclosure bug in Windows Remote Desktop Protocol—the kind that could let attackers siphon off sensitive data—but two days after its July 2026 Patch...
Grok Build Sent Entire Git Repos to the Cloud — Here’s How to Protect Your Code Now
On July 13, SpaceXAI flipped a remote switch that immediately halted Grok Build’s quiet upload of entire Git repositories to its cloud servers. Independent testing had revealed that version 0.2.93...
New Windows Bind Link Tricks Let Attackers Turn EDR Tools Blind After Compromise
On July 16, 2026, security researchers at Bitdefender disclosed three techniques that weaponize a little-known Windows filesystem feature called bind links to blind endpoint detection and response...