Microsoft is restructuring the Windows print system by shifting core components from a driver-centric model to a protocol-based architecture, with native support for Mopria-compatible devices through the Microsoft IPP Class Driver since Windows 10 21H2.
The current IoT landscape is about survival of the fittest; IT teams must navigate LTE migration to 5G and harness AI as both opportunity and threat to remain competitive.
Microsoft releases mitigation measures against an exploited Exchange security vulnerability (CVE-2022-22) that enables XSS attacks on Outlook users; the Exchange Emergency Mitigation Service provides automatic remediation until permanent patches are available.
Microsoft launches Cloud-Initiated Driver Recovery: a new feature enabling automatic rollback of faulty Windows drivers via Windows Update, becoming active from September 2026 and requiring no intervention from hardware partners or users.
Microsoft will update its Edge browser to stop loading stored passwords in memory at startup, following pressure from security researchers and customers, despite initially defending the practice.
The REMUS infostealer is operated like a professional software company, with continuous updates, customer-focused service, and scaling objectives; research shows that underground MaaS operations are adopting modern business practices to ensure persistence and revenue generation.
Two security vulnerabilities (CVE-2023-3153 and CVE-2026-4798) in the Avada Builder WordPress plugin enable attackers to read configuration files with database access credentials or extract password hashes via SQL injection.
Security researchers earn $385,750 at the Pwn2Own Berlin 2026 competition by disclosing 15 zero-day vulnerabilities in Windows 11 and Microsoft Exchange, with the prestigious hacking contest offering over one million dollars for successful exploits of fully patched systems.
The npm package node-ipc was compromised with credential-stealing malware; the tampered versions 9.1.6, 9.2.3, and 12.0.1 steal cloud credentials, SSH keys, and sensitive files via DNS exfiltration, likely due to a compromised maintainer account.
An unprotected security vulnerability in the Funnel Builder plugin for WordPress is being actively exploited to inject a payment card skimmer into WooCommerce checkout pages and steal credit card data and CVV codes.
Microsoft is blocking CVE assignment for a CERT-confirmed Azure Backup vulnerability with privilege escalation potential, despite documentation suggesting a retroactive fix was applied.