SecurityWeek

No Patch for New PhantomRPC Privilege Escalation Technique in Windows

The PhantomRPC Windows vulnerability allows attackers to elevate their privileges to System by using a fake RPC server.
Neowin

Microsoft emphasizes the greatness of Windows App as it retires Remote Desktop client

Last year, Microsoft announced that it is getting rid of the Remote Desktop app in favor of the Windows App (which isn't a confusing branding decision at all... sigh). For those unaware, the latter is ...
heise online

Malware on npm: HTTP client axios loads backdoor for Windows, macOS, and Linux

The maintainer account for the axios package on npm was compromised to inject a remote access trojan for Windows, macOS, and Linux. Version 1.14.1, released by the attackers on March 30, is affected.
Hosted on MSN

Remote Desktop client support has ended; Microsoft urges move to Windows app

This is the utility that has shipped with Windows for decades, allowing users to connect directly to another PC or server using the Remote Desktop Protocol. For anyone who simply types “Remote Desktop ...
Hackaday

This Week In Security: Docker Auth, Windows Tools, And A Very Full Patch Tuesday

CVE-2026-34040 lets attackers bypass some Docker authentication plugins by allowing an empty request body. Present since 2024, this bug was caused by a previous fix to the auth workflow. In the ...