Secure Boot certificates from 2011 expired on June 24, 2026; more will expire in October – updates to 2023 certificates fail on some devices, and Microsoft now provides error documentation.
New phishing campaigns exploit genuine Microsoft authentication dialogs to manipulate users into granting access authorization, bypassing password theft and multi-factor authentication.
The number of vulnerabilities patched monthly has become the new norm — AI-driven vulnerability scanning tools are dramatically accelerating discovery and forcing faster remediation processes.
Of 206 patched vulnerabilities, 39 are classified as critical, including 56 remote code execution and 63 privilege escalation flaws, with three publicly disclosed zero-days.
A self-replicating worm compromises 73 Microsoft repositories through stolen administrative credentials, exploiting the trust model of GitHub and npm without leveraging software vulnerabilities.
AI systems require fundamentally new red-teaming approaches due to their probabilistic nature, which differ fundamentally from classical penetration testing.