Hackers Used AI to Build First Known Zero-Day 2FA Bypass, Google Warns

Hackers Used AI to Build First Known Zero-Day 2FA Bypass, Google Warns

Google’s threat hunters have flagged a troubling milestone: the first known instance of a zero-day exploit likely discovered and weaponized using an artificial intelligence model. What began as an obscure Python script has been linked to a coordinated effort by cybercriminals to develop a two-factor authentication (2FA) bypass that could be scaled for mass exploitation. The disclosure underscores how AI

Breaking the code: how a multi-stage “code of conduct” phishing campaign led to AiTM token compromise

Breaking the code: how a multi-stage “code of conduct” phishing campaign led to AiTM token compromise

Phishing has evolved from crude scams to carefully engineered deceptions that mimic trusted internal processes. In mid‑April 2026, Microsoft Defender Research observed a large, multi‑stage campaign that did exactly that: it masqueraded as internal “code of conduct” notifications, used polished templates and legitimate delivery services, and funneled victims through a sequence of CAPTCHA and staging pages that ultimately proxied real

Let’s Encrypt Temporarily Halts Certificate Issuance Following Root Incident

Let’s Encrypt Temporarily Halts Certificate Issuance Following Root Incident

On May 8, 2026, Let’s Encrypt, the widely used non-profit certificate authority, took the drastic step of temporarily suspending all certificate issuance. The move came after engineers discovered a critical issue involving a cross-signed certificate that linked the organization’s current Generation X root to its upcoming Generation Y root infrastructure. This preventive measure resulted in a complete shutdown of services

Critical Microsoft 365 Copilot Flaws: What Organizations Need to Know

Critical Microsoft 365 Copilot Flaws: What Organizations Need to Know

Microsoft has disclosed and silently remediated three critical information-disclosure vulnerabilities in Microsoft 365 Copilot and Copilot Chat in Microsoft Edge. The flaws—CVE-2026-26129, CVE-2026-26164, and CVE-2026-33111—were published on May 7, 2026, and Microsoft reports that mitigations were deployed on the cloud side so that no customer action or patch installation is required. While that immediate remediation reduces near-term risk, the underlying

Scaling Cloud and AI: How Microsoft Azure Is Powering Europe’s Digital Future

Scaling Cloud and AI: How Microsoft Azure Is Powering Europe’s Digital Future

Cloud and AI demand in Europe is surging, and Microsoft Azure is expanding its regional footprint and services to meet that need. From public-sector productivity tools to industrial AI deployments, organizations across the continent are moving critical workloads to cloud platforms that can deliver performance, compliance, and the operational control required by local regulators. This piece synthesizes Microsoft’s recent commitments