Microsoft: Critical Windows Admin Center Flaw Allows Privilege Escalation

A high-severity Windows Admin Center vulnerability (CVE-2026-26119) could allow privilege escalation in enterprise ...
The Hacker News

Microsoft Patches CVE-2026-26119 Privilege Escalation in Windows Admin Center

Microsoft fixes CVE-2026-26119, an 8.8 CVSS privilege escalation bug in Windows Admin Center that could allow network-based user rights takeover.

Hackers target Microsoft Entra accounts in device code vishing attacks

Threat actors are targeting technology, manufacturing, and financial organizations in campaigns that combine device code phishing and voice phishing (vishing) to abuse the OAuth 2.0 Device ...

New phishing campaign tricks employees into bypassing Microsoft 365 MFA

Unwitting employees register a hacker’s device to their account; the crook then uses the resulting OAuth tokens to maintain persistent access.