Microsoft Corp. today unveiled a major expansion of its artificial intelligence security and governance offerings with the introduction of new capabilities designed to secure the emerging “agentic ...

Akira ransomware is abusing a legitimate Intel CPU tuning driver to turn off Microsoft Defender in attacks from security tools and EDRs running on target machines. The abused driver is 'rwdrv.sys' ...

A new tool called 'Defendnot' can disable Microsoft Defender on Windows devices by registering a fake antivirus product, even when no real AV is installed. The trick utilizes an undocumented Windows ...

All Windows PCs come with a built-in security feature called Windows Defender Application Control (WDAC), which helps prevent unauthorized software from running by allowing only trusted applications.

Update, August 10, 2025: This story, originally published on August 7, has been updated with additional information following a demonstration of the shared service principal exploit at the Black Hat ...

ClickFix attack employs fake Windows security udpates. Updated November 27 with another Windows update warning, along with threat intelligence from the Acronis Threat Research Unit regarding the use ...