Bleeping Computer

Microsoft Trusted Signing service abused to code-sign malware

Cybercriminals are abusing Microsoft's Trusted Signing platform to code-sign malware executables with short-lived three-day certificates. Threat actors have long sought after code-signing certificates ...
TechRepublic

Microsoft Authenticator Flaw on Android, iOS Could Leak Login Codes for Millions

A vulnerability in Microsoft Authenticator for Android and iOS could expose login codes to malicious apps on the same device. Microsoft has released a patch. A newly discovered vulnerability in ...
Bleeping Computer

Microsoft: Security keys may prompt for PIN after recent updates

Microsoft warned users on Tuesday that FIDO2 security keys may prompt them to enter a PIN when signing in after installing Windows updates released since the September 2025 preview update. This ...