ALL POSTS

Key Findings Microsoft released 165-167 critical and important security updates in April 2026, marking one of the largest Patch Tuesday releases on record Eight vulnerabilities marked critical, including remote code execution flaws in Windows TCP/IP, IKE, Active Directory, and multiple Office applications CVE-2026-32201 SharePoint spoofing vulnerability already exploited in the wild, enabling phishing and social engineering attacks CVE-2026-33825 BlueHammer Windows Defender p

Key Findings CISA added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog Vulnerabilities affect Microsoft SharePoint and Zimbra Collaboration Suite Federal agencies required to patch these vulnerabilities by specific deadlines One vulnerability allows remote code execution, the other enables cross-site scripting Background The U.S. Cybersecurity and Infrastructure Security Agency (CISA) continues its proactive approach to identifying and addressing