New ClickFix attack abuses nslookup to retrieve PowerShell payload via DNS

Threat actors are now abusing DNS queries as part of ClickFix social engineering attacks to deliver malware, making this the first known use of DNS as a channel in these campaigns.

February’s Patch Tuesday release fixes 59 flaws, including 6 being exploited

IT admins will be busy this month patching Microsoft software and apps, but not nearly as busy as they were in January.
The Hacker News

Microsoft Patches CVE-2026-26119 Privilege Escalation in Windows Admin Center

Microsoft fixes CVE-2026-26119, an 8.8 CVSS privilege escalation bug in Windows Admin Center that could allow network-based user rights takeover.

Here is how Microsoft is improving PowerShell and Windows OpenSSH in 2026Here is how Microsoft is improving PowerShell and Windows OpenSSH in 2026Here is how Microsoft is ...

Microsoft is gearing up for big PowerShell and Windows OpenSSH changes in 2026, but security will come before flashy new features.

CISA gives feds 3 days to patch actively exploited BeyondTrust flaw

CISA ordered U.S. government agencies on Friday to secure their BeyondTrust Remote Support instances against an actively ...
InfoWorld

Flaws in four popular VS Code extensions left 128 million installs open to attack

Three of the four vulnerabilities remained unpatched months after OX Security reported them to the maintainers.
PC Magazine

The Best Web Hosting Services for 2026

Selecting the right web host is essential for online success. The best web hosting services we've tested cater to a wide range of users, from small bloggers to big businesses, and everything in ...
WinBuzzer

Edge 145 Rolls Out with Password Upgrades and Security Patches

Microsoft has released Edge 145 with password manager improvements, Read Aloud enhancements for PDFs, and patches for two important security vulnerabilities.