Last week I encountered a supply-chain incident that felt eerily familiar but much larger in scale. A client’s dashboard had started showing a warning from the WordPress.org Plugins Team about a plugin serving code that could permit unauthorized access. A deeper dive revealed an attacker had quietly weaponized an entire portfolio of plugins—planting a backdoor that lay dormant for months
Category: Microsoft
Windows, Windows Server, Microsoft 365, Word, Excel, PowerPoint, Outlook, OneNote, Teams, SharePoint, OneDrive, Edge, Bing, SQL Server, Visual Studio, Active Directory, Dynamics 365, Power BI, Power Apps, Xbox, Game Pass, Surface, Intune, Defender, Exchange, Hyper-V, .NET, Dataverse, Microsoft Copilot, Copilot Studio, Microsoft Fabric, Power Platform, Windows 11, Windows 10, WSL, Windows Subsystem for Linux
Microsoft 365 Network Disruption Hits Exchange Online, Teams, and Core Services
A sudden network-level disruption on April 8, 2026 knocked several core Microsoft 365 services offline or degraded their performance for many users. What began as a spike in telemetry and rapid customer reports at 8:37 PM IST (3:07 PM UTC) quickly became an enterprise-wide concern as Exchange Online, Microsoft Teams, and broader Microsoft 365 functionality showed interruption. Microsoft classified the
Microsoft fixes Classic Outlook bug that blocked some email sends
Microsoft has rolled out a server-side fix for a recent Classic Outlook problem that prevented some users from sending messages through Outlook.com. The issue caused non-delivery warnings and error codes for affected accounts, and the company says the change has been in production as of April 3, 2026. What happened Some Classic Outlook users received non-delivery reports (NDRs) with error
Researcher Publishes Windows Defender 0-Day ‘BlueHammer’ LPE Proof‑of‑Concept
A security researcher using the handle Chaotic Eclipse has publicly released a working proof‑of‑concept for a Windows zero‑day local privilege escalation (LPE) exploit called “BlueHammer.” The disclosure, accompanied by full source code on GitHub, was confirmed as functional by vulnerability researcher Will Dormann and demonstrates that a low‑privileged local user can escalate to NT AUTHORITYSYSTEM on affected machines. The release
Microsoft removes Support and Recovery Assistant from Windows — what it means
Microsoft has removed the Support and Recovery Assistant (SaRA) from Windows, according to recent reports. Once a handy troubleshooting companion for Office and other Microsoft products, SaRA helped users diagnose and fix a variety of common issues. Its absence changes the options available to end users and IT teams when problems arise, but there are practical alternatives and steps you
Announcing General Availability of Server Logic in Power Pages
Power Pages has taken a significant step forward: Server Logic is now generally available for production use. What began as a preview capability to bring server-side processing closer to makers and developers has matured into a production-ready feature designed for enterprise scenarios. With this GA release, organizations gain a native, governed, and extensible way to run server-side operations directly within