Spiceworks on MSN

Goodbye shared server: Safer multitenant design for SMEs

There’s a particular kind of dread when someone says, “Everything important is on that server.” They then point to a single aging Windows box humming in a closet, which contains Active Directory, file ...
SecurityWeek

No Patch for New PhantomRPC Privilege Escalation Technique in Windows

The PhantomRPC Windows vulnerability allows attackers to elevate their privileges to System by using a fake RPC server.
The Hacker News

Microsoft Confirms Active Exploitation of Windows Shell CVE-2026-32202

CVE-2026-32202 actively exploited after April 27 advisory fix, exposing NTLMv2 hashes via zero-click SMB authentication.

Microsoft: New Remote Desktop warnings may display incorrectly

Microsoft has confirmed a new issue causing newly introduced Windows security warnings to display incorrectly when opening ...
The Hacker News

Microsoft Patches Entra ID Role Flaw That Enabled Service Principal Takeover

Agent ID Administrator enabled service principal takeover before April 9, 2026 patch, exposing privilege escalation risk in ...