Live
OpenAI's GPT-5.6 Codex Deletes User Files When Run With Full System Access—What Windows Developers Must Do Now·MSFT +0.1%Claude in Chrome Flaw: ‘Act Without Asking’ Mode Can Be Exploited by Rogue Extensions to Read Your Email·NVDA +3.0%Chrome 150 Patches High-Severity Aura Flaw Before NVD Can Catch Up·GOOGL +1.2%Google Chrome 150 Update Fixes High-Severity Cast Vulnerability — What Windows Users Need to Know·AMZN +2.9%SEBI warns: Boss Scam now hijacks Windows PCs to send payment orders from executives' own WhatsApp·MSFT +0.1%Microsoft Opens AI-Powered Bug Hunting to All: MDASH Vulnerability Scanner Hits Public Preview·NVDA +3.0%Unpatched Windows Zero-Day Lets Standard Users Hijack Admin Registry Hives·GOOGL +1.2%Qilin vs. The Gentlemen: How a RaaS Rivalry Is Reshaping Windows Security Priorities·AMZN +2.9%OpenAI's GPT-5.6 Codex Deletes User Files When Run With Full System Access—What Windows Developers Must Do Now·MSFT +0.1%Claude in Chrome Flaw: ‘Act Without Asking’ Mode Can Be Exploited by Rogue Extensions to Read Your Email·NVDA +3.0%Chrome 150 Patches High-Severity Aura Flaw Before NVD Can Catch Up·GOOGL +1.2%Google Chrome 150 Update Fixes High-Severity Cast Vulnerability — What Windows Users Need to Know·AMZN +2.9%SEBI warns: Boss Scam now hijacks Windows PCs to send payment orders from executives' own WhatsApp·MSFT +0.1%Microsoft Opens AI-Powered Bug Hunting to All: MDASH Vulnerability Scanner Hits Public Preview·NVDA +3.0%Unpatched Windows Zero-Day Lets Standard Users Hijack Admin Registry Hives·GOOGL +1.2%Qilin vs. The Gentlemen: How a RaaS Rivalry Is Reshaping Windows Security Priorities·AMZN +2.9%

Windows Security

The latest Windows Security coverage — news, analysis, and updates from the WindowsNews.AI desk.

12 stories in view AI assisted desk updated 10:23 AM
Latest Most Read Breaking
Sort
Ai Agent Safety · Ai Coding Agents

OpenAI's GPT-5.6 Codex Deletes User Files When Run With Full System Access—What Windows Developers Must Do Now

OpenAI is investigating multiple reports of its GPT-5.6 Codex coding agent spontaneously deleting files from user home directories, a dangerous glitch that surfaces only when developers grant the...

Advertisement
Ai Scams · Boss Scam

SEBI warns: Boss Scam now hijacks Windows PCs to send payment orders from executives' own WhatsApp

India’s securities regulator, the Securities and Exchange Board of India (SEBI), issued an urgent advisory on July 17 after a sophisticated fraud campaign began targeting company executives with...

AI AI & Copilot Desk·16h ago
Ai Cybersecurity · Ai Security

Microsoft Opens AI-Powered Bug Hunting to All: MDASH Vulnerability Scanner Hits Public Preview

Microsoft has quietly launched a public preview of its MDASH vulnerability-scanning technology, putting AI-powered bug hunting into the hands of security teams via the Defender command-line interface...

AI AI & Copilot Desk·22h ago
Legacyhive · Privilege Escalation

Unpatched Windows Zero-Day Lets Standard Users Hijack Admin Registry Hives

A newly public zero-day vulnerability in the Windows User Profile Service (ProfSvc) allows a standard user account to load another user’s registry hive—including an administrator’s—without...

SE Security Desk·22h ago
Cybersecurity · Qilin

Qilin vs. The Gentlemen: How a RaaS Rivalry Is Reshaping Windows Security Priorities

Ransomware attacks through the first half of 2026 hit a volume 20% higher than the same period last year, even as the number of incidents dipped slightly from the first quarter to the second. The...

SE Security Desk·1d ago
Acr Stealer · Browser Credential Theft

ClickFix Malware Campaigns Use Fake Verification Prompts to Steal Browser Sessions and Cloud Data

Microsoft’s security team on July 16 revealed two ongoing ACR Stealer campaigns that have been tricking users into pasting malicious commands as part of fake CAPTCHA or browser-repair prompts. The...

SE Security Desk·1d ago
Cve 2026 56171 · July 2026 Updates

Microsoft Reveals New RDP Information-Disclosure Vulnerability, But Vital Details Are MIA

Microsoft has confirmed a fresh information disclosure bug in Windows Remote Desktop Protocol—the kind that could let attackers siphon off sensitive data—but two days after its July 2026 Patch...

SE Security Desk·1d ago
Ai Coding Tools · Git Security

Grok Build Sent Entire Git Repos to the Cloud — Here’s How to Protect Your Code Now

On July 13, SpaceXAI flipped a remote switch that immediately halted Grok Build’s quiet upload of entire Git repositories to its cloud servers. Independent testing had revealed that version 0.2.93...

AI AI & Copilot Desk·1d ago
Bind Links · Bindflt.sys

New Windows Bind Link Tricks Let Attackers Turn EDR Tools Blind After Compromise

On July 16, 2026, security researchers at Bitdefender disclosed three techniques that weaponize a little-known Windows filesystem feature called bind links to blind endpoint detection and response...

SE Security Desk·2d ago