Eleven Vulnerable UEFI Shims Enable Secure Boot Bypass
Eleven forgotten Microsoft-signed UEFI shims can bypass Secure Boot on almost any machine
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Eleven forgotten Microsoft-signed UEFI shims can bypass Secure Boot on almost any machine
Microsoft released fixes for a record 570 CVEs in its July Patch Tuesday update, as experts warn AI is dramatically accelerating vulnerability discovery and increasing patch volumes
Microsoft has patched 200 vulnerabilities including three zero-days
Microsoft warned the disclosure of several unpatched vulnerabilities without notice has put “customers at unnecessary risk”
The zero-day vulnerability affects on-premises installations for all versions of Exchange Server 2016, 2019 and Subscription Edition
Microsoft has patched 120 vulnerabilities in this month’s security update round
Four serious new vulnerabilities affect Microsoft Visual Studio Code, Cursor and Windsurf extensions, three of which remain unpatched
Six actively exploited zero-day bug have been patched by Microsoft
Researchers at Check Point link ‘Amarath-Dragon’ attacks to prolific Chinese cyber-espionage operation
Russia-linked hacking group Fancy Bear is exploiting a brand-new vulnerability in Microsoft Office, CERT-UA says
Microsoft has patched three zero-day vulnerabilities in the first patch Tuesday of 2026, including one under active exploitation
Microsoft has patched a zero-day vulnerability in the Windows Kernel under active exploitation by threat actors
Microsoft has fixed over 170 CVEs in October’s Patch Tuesday, including six zero-day vulnerabilities
A critical GoAnywhere vulnerability is being exploited by the Medusa ransomware group, says Microsoft
Microsoft has fixed over 80 vulnerabilities including two publicly disclosed zero-days in its latest Patch Tuesday release
Microsoft announced updates for 107 vulnerabilities on Patch Tuesday, including one zero-day
Over 29,000 Microsoft Exchange servers remain unpatched against a vulnerability that could allow attackers to seize control of entire domains in hybrid cloud environments
Microsoft Exchange customers have been urged to apply fixes set out in a hybrid deployment security update published in April
A total of 396 compromised Microsoft SharePoint systems have been identified globally, affecting 145 organizations across 41 countries in the wake of the ToolShell zero-day vulnerability
Microsoft said Chinese actor Storm-2603 is deploying Warlock ransomware following the exploitation of vulnerabilities in on-prem SharePoint systems