Connect with us
DAPA Banner
DAPA Coin
DAPA
COIN PAYMENT ASSET
PRIVACY · BLOCKDAG · HOMOMORPHIC ENCRYPTION · RUST
ElGamal Encrypted MINE DAPA
🚫 GENESIS SOLD OUT
DAPAPAY COMING

Tech

Beyond the Galaxy Z Fold: Samsung’s Future Phone Concepts That Roll, Slide and Expand

Published

on

Over the years, phone-makers have shown off handsets that stretch, bend and fold. But inside a secret room at Samsung Display’s headquarters in South Korea — one that had never before been opened up to the press — I got a firsthand look at the company’s vision for the future of smartphones.

Along one wall sat a lineup of concept displays that could eventually make their way into future mobile devices. I wasn’t allowed to touch the prototypes, but they were mounted on machines that repeatedly bent, folded and rolled the displays, showing off their range of motion.

Advertisement

Watch this: I Went Inside Samsung’s Secret Display Lab and Saw Its Wildest Phone Concepts

Consumer tech shows such as CES and Mobile World Congress have become stages for companies to exhibit their most ambitious innovations — many of which never see the light of day. Still, they show how manufacturers are exploring ways to make our devices more intuitive and compelling. Samsung is one of the biggest players in the foldable phones market, having released the clamshell-style Flip, book-style Fold and even the phone-tablet hybrid Galaxy Z TriFold. The company’s expected to unveil the Galaxy Z 8 series next week at its Galaxy Unpacked event

During my visit to Samsung’s global headquarters in June, I got a rare behind-the-scenes look at how the company tests its latest mobile displays, along with an exclusive preview of what may be coming next. Samsung didn’t share specs for its concept displays, but here’s what I saw during my tour — and what it could mean for your future phone.

Advertisement
Samsung Display Flex S concept

The Flex S folds into a Z shape.

Samsung

One concept, called the Flex S, opens and closes in a Z shape (not to be confused with the Galaxy Z TriFold, which forms a C shape and folds shut like a pamphlet). The Flex S opens up to a tablet-sized display, which could be ideal for watching movies. That’s what I appreciated about the TriFold, which I happened to review while recovering from strep throat. Lying in bed, I enjoyed having a larger screen for streaming that I could simply fold shut when I was finished.

See also: From Extreme Heat to Half a Million Folds: A Rare Look Inside Samsung’s Display Lab

Advertisement
Samsung Display Out Foldable concept

The Out Foldable has screens on the outside of both panels.

Samsung

Another prototype, called the Out Foldable, is like a reverse book-style foldable. Instead of placing the larger display on the inside, as Samsung does with the Galaxy Z Fold 7, the design puts both screens on the exterior and unfolds into a wider, mini-tablet-like layout, similar to some early foldables such as the 2019 Huawei Mate X

This is a configuration I’m a little more wary of for a couple of reasons. One, it might be hard to avoid scratching or cracking the wrap-around external display. And two, I’m not sure I really need a touchscreen display on the back of my phone. But I have to admit, it looks pretty cool nonetheless. 

Advertisement
Samsung Display Flex Slidable concept

The Flex Slidable (right) can expand horizontally.

Samsung

The Flex Slidable does as the name suggests. It can roll out to a wider display, which could be helpful for gaming or watching videos. 

My first thought when I saw this concept was, “LG is rolling in its grave right now.” (Pun intended.) The company teased a rollable smartphone at CES 2021, but the product was canceled after the company shuttered its mobile division just a few months later. In 2023, Motorola also unveiled a rollable smartphone concept with a screen that extends upwards, and its parent company, Lenovo, showcased laptop concepts at this year’s CES that extend both horizontally and vertically. We’ll have to see if Samsung’s ideas make it out of the lab.

Advertisement
Samsung Display Flex Hybrid concept

The Flex Hybrid can fold and roll open to a wider screen.

Samsung

Lastly, Samsung combined elements from its other concepts to create what it’s dubbed the Flex Hybrid. This model can fold open and also expand with a rollable display. This makes for a more compact design while ensuring you don’t damage the screen. 

A foldable device with a rollable component provides extra screen real estate without adding as much bulk. One of the biggest drawbacks of the Galaxy Z TriFold is that it feels thick when its three display panels are folded shut. This approach could eliminate the need for an additional foldable panel, instead using a display that rolls out when you need more space and tucks away when you don’t.

Next to these concepts were a couple more that caught my eye — quite literally, in the case of one device that had a dazzling 5,000-nit peak brightness. For reference, the Galaxy S26 Ultra can hit a peak brightness of 2,600 nits. It was a lot to look at indoors, but that level of luminance could make it easier to peer at your screen in bright sunlight. 

Advertisement
Two phones with bright displays and colorful umbrella wallpapers

Looking at a 5,000-nit display indoors might not be very comfortable, but it can come in handy in the bright outdoors.

Samsung

And finally, I saw a prototype mobile display with bezels so thin they were almost invisible. To highlight just how narrow the 0.6mm borders around the screen were, Samsung placed the phone-sized concept device on top of a tablet display. The two screens combined to form a single image of colorful cathedral windows. From a distance, it was hard to tell there was even a phone in the middle of the tablet; the image appeared seamless, uninterrupted by a phone’s thick borders.

Advertisement
A mobile display with thin bezels sits nestled on top of a tablet, creating one nearly seamless image of colorful cathedral windows

With bezels this thin, it’s hard to tell there’s a mobile display nestled in the center of this tablet.

Samsung

An expansive display stretching from one end of the phone to another can feel more immersive, but I also wonder how tricky it might be to hold the device without accidentally tapping something on the screen. 

As with all concepts, it’s not clear if or when Samsung will work these display technologies into its future mobile devices. But seeing these concepts offered a rare and fascinating glimpse into where smartphones could be headed.

Advertisement

Source link

Continue Reading
Click to comment

You must be logged in to post a comment Login

Leave a Reply

Tech

Volkswagen unveils its innovative eBike with the world’s first integrated rear-view camera and smart glasses

Published

on


  • Volkswagen and n+ have unveiled a premium new eBike range
  • It features a rear-view camera and radar-based blind-spot warnings
  • Smart glasses and a connected helmet complete the safety ecosystem

Volkswagen has taken some of the most advanced safety features from its passenger cars and squeezed them onto an electric bicycle, unveiling what is claimed to be the world’s first eBike with an integrated rear-view camera and dashboard display.

Developed in partnership with premium eBike manufacturer n+, the new Volkswagen-licensed electric bicycles are designed around the same “safety-first” philosophy that has informed the German automaker’s road cars for decades.

Source link

Continue Reading

Tech

Microsoft July 2026 Patch Tuesday fixes massive 570 flaws, 3 zero-days

Published

on

Tag

CVE ID

CVE Title

Severity


.NET

Advertisement
CVE-2026-50649

.NET Remote Code Execution Vulnerability

Important


.NET

CVE-2026-50525

Advertisement
.NET Denial of Service Vulnerability

Important


.NET

CVE-2026-50528

.NET Security Feature Bypass Vulnerability

Advertisement
Important


.NET

CVE-2026-47302

.NET Denial of Service Vulnerability

Important


.NET

Advertisement
CVE-2026-50659

.NET Spoofing Vulnerability

Important


.NET

CVE-2026-50526

Advertisement
.NET Tampering Vulnerability

Important


.NET

CVE-2026-47304

.NET Security Feature Bypass Vulnerability

Advertisement
Important


.NET

CVE-2026-50651

.NET Denial of Service Vulnerability

Important


.NET Core

Advertisement
CVE-2026-57108

.NET Denial of Service Vulnerability

Important


.NET Framework

CVE-2026-50524

Advertisement
.NET Framework Denial of Service Vulnerability

Important


.NET Framework

CVE-2026-50650

.NET Framework Elevation of Privilege Vulnerability

Advertisement
Important


.NET Framework

CVE-2026-50527

.NET Framework Denial of Service Vulnerability

Important


.NET Framework

Advertisement
CVE-2026-50646

.NET Framework Remote Code Execution Vulnerability

Important


.NET Framework

CVE-2026-50648

Advertisement
.NET Framework Denial of Service Vulnerability

Important


Active Directory Certificate Services (AD CS)

CVE-2026-54121

Active Directory Certificate Services Elevation of Privilege Vulnerability

Advertisement
Critical


Active Directory Domain Services

CVE-2026-50366

Windows Active Directory Domain Services Denial of Service Vulnerability

Important


Active Directory Domain Services

Advertisement
CVE-2026-49164

Windows Active Directory Domain Services Remote Code Execution Vulnerability

Critical


Active Directory Domain Services

CVE-2026-49178

Advertisement
Windows Active Directory Domain Services Remote Code Execution Vulnerability

Important


Active Directory Domain Services

CVE-2026-57976

Windows Active Directory Domain Services Denial of Service Vulnerability

Advertisement
Important


Active Directory Federation Services (AD FS)

CVE-2026-50368

Windows Active Directory Federation Services Denial of Service Vulnerability

Important


Active Directory Federation Services (AD FS)

Advertisement
CVE-2026-50304

Windows Active Directory Federation Services Denial of Service Vulnerability

Important


Active Directory Federation Services (AD FS)

CVE-2026-50695

Advertisement
Windows Active Directory Federation Services Denial of Service Vulnerability

Important


Active Directory Federation Services (AD FS)

CVE-2026-54983

Windows Active Directory Federation Services Denial of Service Vulnerability

Advertisement
Important


Active Directory Federation Services (AD FS)

CVE-2026-58529

Windows Active Directory Federation Services (ADFS) Information Disclosure Vulnerability

Important


Active Directory Federation Services (AD FS)

Advertisement
CVE-2026-56155

Active Directory Federation Services Elevation of Privilege Vulnerability

Important


Active Directory Federation Services (AD FS)

CVE-2026-50647

Advertisement
Active Directory Federation Server Denial of Service Vulnerability

Important


Active Directory Federation Services (AD FS)

CVE-2026-50355

Windows Active Directory Federation Services Denial of Service Vulnerability

Advertisement
Important


Active Directory Federation Services (AD FS)

CVE-2026-50411

Windows Active Directory Federation Services Denial of Service Vulnerability

Important


Active Directory Federation Services (AD FS)

Advertisement
CVE-2026-50684

Active Directory Federation Server Spoofing Vulnerability

Important


Active Directory Federation Services (AD FS)

CVE-2026-50324

Advertisement
Windows Active Directory Federation Services Denial of Service Vulnerability

Important


Age of Empires II: Definitive Edition Game

CVE-2026-50663

Game: Age of Empires II: Definitive Edition Remote Code Execution Vulnerability

Advertisement
Important


ASP.NET Core

CVE-2026-45646

OData for ASP.NET and ASP.NET Core Denial of Service Vulnerability

Important


ASP.NET Core

Advertisement
CVE-2026-50506

OData for ASP.NET and ASP.NET Core Denial of Service Vulnerability

Important


ASP.NET Core

CVE-2026-56170

Advertisement
ASP.NET Core Denial of Service Vulnerability

Important


ASP.NET Core

CVE-2026-47300

ASP.NET Core Elevation of Privilege Vulnerability

Advertisement
Important


ASP.NET Core

CVE-2026-47303

ASP.NET Core Elevation of Privilege Vulnerability

Important


Azure Active Directory

Advertisement
CVE-2026-50653

Azure Active Directory Denial of Service Vulnerability

Important


Azure Active Directory

CVE-2026-50652

Advertisement
Azure Active Directory Denial of Service Vulnerability

Important


Azure CycleCloud

CVE-2026-57969

Azure CycleCloud Elevation of Privilege Vulnerability

Advertisement
Important


Azure CycleCloud

CVE-2026-58279

Azure CycleCloud Elevation of Privilege Vulnerability

Important


Azure Monitor Agent

Advertisement
CVE-2026-47632

Azure Monitor Agent Metrics Extension Elevation of Privilege Vulnerability

Important


Azure Spring Apps

CVE-2026-50338

Advertisement
Azure Spring Apps Elevation of Privilege Vulnerability

Important


Code Integrity DLL (ci.dll)

CVE-2026-50491

Code Integrity DLL (ci.dll) Elevation of Privilege Vulnerability

Advertisement
Important


Composite Image File System Driver

CVE-2026-50381

Composite Image File System driver (cimfs.sys) Information Disclosure Vulnerability

Important


Content Delivery Manager

Advertisement
CVE-2026-50427

Content Delivery Manager Elevation of Privilege Vulnerability

Important


Desktop Window Manager

CVE-2026-58634

Advertisement
Desktop Window Manager Elevation of Privilege Vulnerability

Important


Desktop Window Manager

CVE-2026-50692

Desktop Window Manager Elevation of Privilege Vulnerability

Advertisement
Important


Desktop Window Manager

CVE-2026-58633

Desktop Window Manager Elevation of Privilege Vulnerability

Important


Extensible Storage Engine (ESENT)

Advertisement
CVE-2026-57088

Extensible Storage Engine (ESENT) Elevation of Privilege Vulnerability

Important


Github Copilot

CVE-2026-50510

Advertisement
GitHub Copilot Remote Code Execution Vulnerability

Important


GitHub Copilot and Visual Studio

CVE-2026-41109

GitHub Copilot and Visual Studio Code Security Feature Bypass Vulnerability

Advertisement
Important


GitHub Copilot and Visual Studio Code

CVE-2026-47282

GitHub Copilot and Visual Studio Code Information Disclosure Vulnerability

Important


HTTP/2

Advertisement
CVE-2026-49788

HTTP/2 Denial of Service Vulnerability

Important


Microsoft 365 Copilot for iOS

CVE-2026-58617

Advertisement
M365 Copilot for iOS Elevation of Privilege Vulnerability

Important


Microsoft Bing App for IOS

CVE-2026-58595

Microsoft Bing App for IOS Spoofing Vulnerability

Advertisement
Important


Microsoft Copilot

CVE-2026-48561

Microsoft Copilot Remote Code Execution Vulnerability

Critical


Microsoft Defender

Advertisement
CVE-2026-50658

Microsoft Defender for Endpoint for Mac Elevation of Privilege Vulnerability

Important


Microsoft Defender

CVE-2026-55012

Advertisement
Microsoft Defender Remote Code Execution Vulnerability

Critical


Microsoft Defender

CVE-2026-50657

Microsoft Defender for Endpoint for Mac Information Disclosure Vulnerability

Advertisement
Important


Microsoft Defender

CVE-2026-55011

Microsoft Defender Remote Code Execution Vulnerability

Critical


Microsoft Defender for Endpoint

Advertisement
CVE-2026-56178

Microsoft Defender for Endpoint for Mac Elevation of Privilege Vulnerability

Important


Microsoft Dynamics NAV

CVE-2026-55944

Advertisement
Microsoft Dynamics NAV and Microsoft Dynamics 365 Business Central (On Premises) Remote Code Execution Vulnerability

Critical


Microsoft Exchange Server

CVE-2026-55006

Microsoft Exchange Server Elevation of Privilege Vulnerability

Advertisement
Important


Microsoft Exchange Server

CVE-2026-55005

Microsoft Exchange Server Remote Code Execution Vulnerability

Important


Microsoft Exchange Server

Advertisement
CVE-2026-55008

Microsoft Exchange Server Spoofing Vulnerability

Critical


Microsoft Exchange Server

CVE-2026-55009

Advertisement
Microsoft Exchange Server Elevation of Privilege Vulnerability

Important


Microsoft Fabric Data Warehouse

CVE-2026-56642

Microsoft Fabric Data Warehouse Remote Code Execution Vulnerability

Advertisement
Important


Microsoft Graphics Component

CVE-2026-58609

Windows Graphics Component Remote Code Execution Vulnerability

Important


Microsoft Graphics Component

Advertisement
CVE-2026-50483

Windows Graphics Component Information Disclosure Vulnerability

Important


Microsoft Input Method Editor (IME)

CVE-2026-58534

Advertisement
Windows Input Method Editor (IME) Elevation of Privilege Vulnerability

Important


Microsoft Install Service

CVE-2026-50343

Microsoft Install Service Elevation of Privilege Vulnerability

Advertisement
Important


Microsoft NAT Helper Components (ipnathlp.dll)

CVE-2026-58537

Microsoft NAT Helper Components (ipnathlp.dll) Elevation of Privilege Vulnerability

Important


Microsoft Office

Advertisement
CVE-2026-55047

Microsoft Office Information Disclosure Vulnerability

Important


Microsoft Office

CVE-2026-55028

Advertisement
Microsoft Office Information Disclosure Vulnerability

Important


Microsoft Office

CVE-2026-55026

Microsoft Office Information Disclosure Vulnerability

Advertisement
Important


Microsoft Office

CVE-2026-55027

Microsoft Office Information Disclosure Vulnerability

Important


Microsoft Office

Advertisement
CVE-2026-55129

Microsoft Office Remote Code Execution Vulnerability

Critical


Microsoft Office

CVE-2026-55035

Advertisement
Microsoft Office Information Disclosure Vulnerability

Important


Microsoft Office

CVE-2026-55049

Microsoft Office Remote Code Execution Vulnerability

Advertisement
Critical


Microsoft Office

CVE-2026-55045

Microsoft Office Remote Code Execution Vulnerability

Critical


Microsoft Office

Advertisement
CVE-2026-55125

Microsoft Office Remote Code Execution Vulnerability

Important


Microsoft Office

CVE-2026-50301

Advertisement
Microsoft Office Remote Code Execution Vulnerability

Important


Microsoft Office

CVE-2026-50314

Microsoft Office Remote Code Execution Vulnerability

Advertisement
Critical


Microsoft Office

CVE-2026-56193

Microsoft Office Information Disclosure Vulnerability

Important


Microsoft Office

Advertisement
CVE-2026-47290

Microsoft Office Remote Code Execution Vulnerability

Important


Microsoft Office

CVE-2026-50467

Advertisement
Microsoft Office Remote Code Execution Vulnerability

Critical


Microsoft Office

CVE-2026-55022

Microsoft Office Remote Code Execution Vulnerability

Advertisement
Critical


Microsoft Office

CVE-2026-55023

Microsoft Office Information Disclosure Vulnerability

Important


Microsoft Office

Advertisement
CVE-2026-55017

Microsoft Office Remote Code Execution Vulnerability

Important


Microsoft Office

CVE-2026-55018

Advertisement
Microsoft Office Remote Code Execution Vulnerability

Critical


Microsoft Office

CVE-2026-50665

Microsoft Office Information Disclosure Vulnerability

Advertisement
Important


Microsoft Office

CVE-2026-55140

Microsoft Office Remote Code Execution Vulnerability

Critical


Microsoft Office

Advertisement
CVE-2026-55121

Microsoft Office Information Disclosure Vulnerability

Important


Microsoft Office

CVE-2026-56192

Advertisement
Microsoft Office Information Disclosure Vulnerability

Important


Microsoft Office

CVE-2026-56195

Microsoft Office Information Disclosure Vulnerability

Advertisement
Important


Microsoft Office

CVE-2026-55139

Microsoft Office Information Disclosure Vulnerability

Important


Microsoft Office

Advertisement
CVE-2026-55042

Microsoft Office Information Disclosure Vulnerability

Important


Microsoft Office

CVE-2026-55056

Advertisement
Microsoft Office Remote Code Execution Vulnerability

Critical


Microsoft Office

CVE-2026-55057

Microsoft Office Information Disclosure Vulnerability

Advertisement
Important


Microsoft Office Excel

CVE-2026-55949

Microsoft Excel Remote Code Execution Vulnerability

Important


Microsoft Office Excel

Advertisement
CVE-2026-55024

Microsoft Excel Remote Code Execution Vulnerability

Important


Microsoft Office Excel

CVE-2026-50408

Advertisement
Microsoft Excel Information Disclosure Vulnerability

Important


Microsoft Office Excel

CVE-2026-55947

Microsoft Excel Remote Code Execution Vulnerability

Advertisement
Important


Microsoft Office Excel

CVE-2026-55898

Microsoft Excel Information Disclosure Vulnerability

Important


Microsoft Office Excel

Advertisement
CVE-2026-58618

Microsoft Excel Remote Code Execution Vulnerability

Important


Microsoft Office Excel

CVE-2026-50678

Advertisement
Microsoft Excel Information Disclosure Vulnerability

Important


Microsoft Office Excel

CVE-2026-54988

Microsoft Excel Information Disclosure Vulnerability

Advertisement
Important


Microsoft Office Excel

CVE-2026-55039

Microsoft Excel Remote Code Execution Vulnerability

Important


Microsoft Office Excel

Advertisement
CVE-2026-50675

Microsoft Excel Remote Code Execution Vulnerability

Important


Microsoft Office Excel

CVE-2026-47642

Advertisement
Microsoft Excel Remote Code Execution Vulnerability

Important


Microsoft Office Excel

CVE-2026-48580

Microsoft Excel Information Disclosure Vulnerability

Advertisement
Important


Microsoft Office Excel

CVE-2026-55899

Microsoft Excel Remote Code Execution Vulnerability

Important


Microsoft Office Excel

Advertisement
CVE-2026-55948

Microsoft Excel Remote Code Execution Vulnerability

Important


Microsoft Office Excel

CVE-2026-54131

Advertisement
Microsoft Excel Remote Code Execution Vulnerability

Important


Microsoft Office Excel

CVE-2026-55041

Microsoft Excel Remote Code Execution Vulnerability

Advertisement
Important


Microsoft Office Excel

CVE-2026-55138

Microsoft Excel Information Disclosure Vulnerability

Important


Microsoft Office Excel

Advertisement
CVE-2026-55137

Microsoft Excel Remote Code Execution Vulnerability

Important


Microsoft Office Excel

CVE-2026-55058

Advertisement
Microsoft Excel Remote Code Execution Vulnerability

Important


Microsoft Office Excel

CVE-2026-55136

Microsoft Excel Remote Code Execution Vulnerability

Advertisement
Important


Microsoft Office Excel

CVE-2026-55054

Microsoft Excel Information Disclosure Vulnerability

Important


Microsoft Office Excel

Advertisement
CVE-2026-55036

Microsoft Excel Remote Code Execution Vulnerability

Important


Microsoft Office Excel

CVE-2026-55141

Advertisement
Microsoft Excel Remote Code Execution Vulnerability

Important


Microsoft Office Excel

CVE-2026-55037

Microsoft Excel Remote Code Execution Vulnerability

Advertisement
Important


Microsoft Office Excel

CVE-2026-55025

Microsoft Excel Remote Code Execution Vulnerability

Important


Microsoft Office Excel

Advertisement
CVE-2026-55031

Microsoft Excel Remote Code Execution Vulnerability

Important


Microsoft Office Excel

CVE-2026-55046

Advertisement
Microsoft Excel Information Disclosure Vulnerability

Important


Microsoft Office Excel

CVE-2026-55044

Microsoft Excel Remote Code Execution Vulnerability

Advertisement
Important


Microsoft Office Excel

CVE-2026-55048

Microsoft Excel Remote Code Execution Vulnerability

Important


Microsoft Office Excel

Advertisement
CVE-2026-55122

Microsoft Excel Information Disclosure Vulnerability

Important


Microsoft Office Excel

CVE-2026-55053

Advertisement
Microsoft Excel Remote Code Execution Vulnerability

Important


Microsoft Office Excel

CVE-2026-55131

Microsoft Excel Remote Code Execution Vulnerability

Advertisement
Important


Microsoft Office Excel

CVE-2026-55029

Microsoft Excel Remote Code Execution Vulnerability

Important


Microsoft Office Excel

Advertisement
CVE-2026-56156

Microsoft Excel Remote Code Execution Vulnerability

Important


Microsoft Office OneNote

CVE-2026-55133

Advertisement
Microsoft OneNote Remote Code Execution Vulnerability

Important


Microsoft Office PowerPoint

CVE-2026-55120

Microsoft PowerPoint Remote Code Execution Vulnerability

Advertisement
Critical


Microsoft Office PowerPoint

CVE-2026-55043

Microsoft PowerPoint Remote Code Execution Vulnerability

Critical


Microsoft Office PowerPoint

Advertisement
CVE-2026-55123

Microsoft PowerPoint Remote Code Execution Vulnerability

Critical


Microsoft Office SharePoint

CVE-2026-56157

Advertisement
Microsoft SharePoint Server Spoofing Vulnerability

Important


Microsoft Office SharePoint

CVE-2026-55126

Microsoft SharePoint Server Spoofing Vulnerability

Advertisement
Important


Microsoft Office SharePoint

CVE-2026-55051

Microsoft SharePoint Server Information Disclosure Vulnerability

Important


Microsoft Office SharePoint

Advertisement
CVE-2026-55040

Microsoft SharePoint Server Security Feature Bypass Vulnerability

Critical


Microsoft Office SharePoint

CVE-2026-56164

Advertisement
Microsoft SharePoint Server Elevation of Privilege Vulnerability

Moderate


Microsoft Office SharePoint

CVE-2026-55052

Microsoft SharePoint Elevation of Privilege Vulnerability

Advertisement
Important


Microsoft Office SharePoint

CVE-2026-55135

Microsoft SharePoint Server Spoofing Vulnerability

Important


Microsoft Office SharePoint

Advertisement
CVE-2026-58644

Microsoft SharePoint Remote Code Execution Vulnerability

Critical


Microsoft Office SharePoint

CVE-2026-54108

Advertisement
Microsoft SharePoint Server Spoofing Vulnerability

Important


Microsoft Office SharePoint

CVE-2026-55021

Microsoft SharePoint Server Spoofing Vulnerability

Advertisement
Important


Microsoft Office SharePoint

CVE-2026-55020

Microsoft SharePoint Server Spoofing Vulnerability

Important


Microsoft Office SharePoint

Advertisement
CVE-2026-58277

Microsoft SharePoint Elevation of Privilege Vulnerability

Important


Microsoft Office SharePoint

CVE-2026-55030

Advertisement
Microsoft SharePoint Server Spoofing Vulnerability

Important


Microsoft Office SharePoint

CVE-2026-50522

Microsoft SharePoint Remote Code Execution Vulnerability

Advertisement
Critical


Microsoft Office SharePoint

CVE-2026-55034

Microsoft SharePoint Server Spoofing Vulnerability

Important


Microsoft Office SharePoint

Advertisement
CVE-2026-55019

Microsoft SharePoint Server Spoofing Vulnerability

Important


Microsoft Office SharePoint

CVE-2026-55016

Advertisement
Microsoft SharePoint Server Spoofing Vulnerability

Important


Microsoft Office Word

CVE-2026-55055

Microsoft Word Remote Code Execution Vulnerability

Advertisement
Important


Microsoft Office Word

CVE-2026-55142

Microsoft Word Information Disclosure Vulnerability

Important


Microsoft Office Word

Advertisement
CVE-2026-55130

Microsoft Word Remote Code Execution Vulnerability

Important


Microsoft Office Word

CVE-2026-55128

Advertisement
Microsoft Word Remote Code Execution Vulnerability

Important


Microsoft Office Word

CVE-2026-55032

Microsoft Word Remote Code Execution Vulnerability

Advertisement
Important


Microsoft Office Word

CVE-2026-55038

Microsoft Word Remote Code Execution Vulnerability

Important


Microsoft Office Word

Advertisement
CVE-2026-55127

Microsoft Word Remote Code Execution Vulnerability

Critical


Microsoft Office Word

CVE-2026-55033

Advertisement
Microsoft Word Remote Code Execution Vulnerability

Critical


Microsoft Office Word

CVE-2026-55124

Microsoft Word Information Disclosure Vulnerability

Advertisement
Important


Microsoft Office Word

CVE-2026-55050

Microsoft Word Information Disclosure Vulnerability

Important


Microsoft Office Word

Advertisement
CVE-2026-55134

Microsoft Word Remote Code Execution Vulnerability

Important


Microsoft Office Word

CVE-2026-55132

Advertisement
Microsoft Word Remote Code Execution Vulnerability

Critical


Microsoft Printer Drivers

CVE-2026-49166

Windows Print Configuration Elevation of Privilege Vulnerability

Advertisement
Important


Microsoft Printer Drivers

CVE-2026-55004

Windows Print Configuration Elevation of Privilege Vulnerability

Important


Microsoft Surface

Advertisement
CVE-2026-48581

Surface Broker SDMA Elevation of Privilege Vulnerability

Important


Microsoft Windows

CVE-2026-50476

Advertisement
Windows Network Connections Service Elevation of Privilege Vulnerability

Important


Microsoft Windows App Store

CVE-2026-49165

Microsoft Windows App Store Information Disclosure Vulnerability

Advertisement
Important


Microsoft Windows App Store

CVE-2026-49784

Microsoft Windows App Store Elevation of Privilege Vulnerability

Important


Microsoft Windows App Store

Advertisement
CVE-2026-50356

Microsoft Windows App Store Elevation of Privilege Vulnerability

Important


Microsoft Windows App Store

CVE-2026-42900

Advertisement
Microsoft Windows App Store Elevation of Privilege Vulnerability

Important


Microsoft Windows Codecs Library

CVE-2026-57083

Windows Media Photo Codec Information Disclosure Vulnerability

Advertisement
Important


Microsoft Windows Media Foundation

CVE-2026-56189

Microsoft Windows Media Foundation Remote Code Execution Vulnerability

Critical


Microsoft Windows Media Foundation

Advertisement
CVE-2026-57087

Microsoft Windows Media Foundation Remote Code Execution Vulnerability

Critical


Microsoft Windows Media Foundation

CVE-2026-57094

Advertisement
Microsoft Windows Media Foundation Remote Code Execution Vulnerability

Critical


Microsoft Windows Media Foundation

CVE-2026-57090

Microsoft Windows Media Foundation Remote Code Execution Vulnerability

Advertisement
Critical


Microsoft Windows Media Foundation

CVE-2026-58610

Microsoft Windows Media Foundation Remote Code Execution Vulnerability

Important


Microsoft Windows Media Foundation

Advertisement
CVE-2026-54993

Microsoft Windows Media Foundation Remote Code Execution Vulnerability

Important


Microsoft Windows Search Component

CVE-2026-50373

Advertisement
Windows Search Service Elevation of Privilege Vulnerability

Important


Microsoft Windows Search Component

CVE-2026-50679

Windows Search Service Elevation of Privilege Vulnerability

Advertisement
Important


Microsoft Windows Speech

CVE-2026-49171

Windows Speech Runtime Elevation of Privilege Vulnerability

Important


Microsoft XML

Advertisement
CVE-2026-57097

Microsoft XML Security Feature Bypass Vulnerability

Important


Microsoft XML Core Services

CVE-2026-50359

Advertisement
Microsoft XML Core Services Elevation of Privilege Vulnerability

Important


Minecraft Bedrock Dedicated Server

CVE-2026-55010

Minecraft Bedrock Dedicated Server Remote Code Execution Vulnerability

Advertisement
Critical


Outlook Copilot

CVE-2026-55145

Outlook Copilot Tampering Vulnerability

Moderate


Power BI

Advertisement
CVE-2026-58647

Microsoft PowerBI Report Server Spoofing Vulnerability

Important


Quality Windows Audio/Video Experience (QWAVE) service

CVE-2026-54989

Advertisement
Quality Windows Audio/Video Experience (QWAVE) Elevation of Privilege Vulnerability

Important


Reliable Multicast Transport Driver (RMCAST)

CVE-2026-54995

Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability

Advertisement
Critical


Reliable Multicast Transport Driver (RMCAST)

CVE-2026-54982

Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability

Critical


Remote Desktop Client

Advertisement
CVE-2026-50474

Remote Desktop Client Remote Code Execution Vulnerability

Critical


Remote Desktop Client

CVE-2026-54990

Advertisement
Remote Desktop Client Remote Code Execution Vulnerability

Important


Remote Desktop Client

CVE-2026-50330

Windows Remote Desktop Client Elevation of Privilege Vulnerability

Advertisement
Important


Remote Desktop Client

CVE-2026-50504

Windows Remote Desktop Client Information Disclosure Vulnerability

Important


Role: DNS Server

Advertisement
CVE-2026-50426

Windows DNS Server Remote Code Execution Vulnerability

Important


Role: DNS Server

CVE-2026-49169

Advertisement
Windows DNS Server Remote Code Execution Vulnerability

Important


RPC Runtime

CVE-2026-50346

Netlogon RPC Elevation of Privilege Vulnerability

Advertisement
Important


SQL Server

CVE-2026-54118

Microsoft SQL Server Remote Code Execution Vulnerability

Critical


SQL Server

Advertisement
CVE-2026-47296

Microsoft SQL Server Elevation of Privilege Vulnerability

Important


SQL Server

CVE-2026-54116

Advertisement
Microsoft SQL Server Information Disclosure Vulnerability

Important


SQL Server

CVE-2026-47295

Microsoft SQL Server Elevation of Privilege Vulnerability

Advertisement
Important


SQL Server

CVE-2026-55002

Microsoft SQL Server Elevation of Privilege Vulnerability

Important


SQL Server

Advertisement
CVE-2026-50468

Microsoft SQL Server Information Disclosure Vulnerability

Important


SQL Server

CVE-2026-54117

Advertisement
Microsoft SQL Server Remote Code Execution Vulnerability

Critical


SQL Server ODBC driver

CVE-2026-42990

SQL Server ODBC driver Elevation of Privilege Vulnerability

Advertisement
Important


Universal Plug and Play (upnp.dll)

CVE-2026-49180

Universal Plug and Play (upnp.dll) Information Disclosure Vulnerability

Important


Universal Plug and Play (upnp.dll)

Advertisement
CVE-2026-58547

Windows Universal Plug and Play (UPnP) Device Host Elevation of Privilege Vulnerability

Important


Universal Plug and Play (upnp.dll)

CVE-2026-50455

Advertisement
Universal Plug and Play (upnp.dll) Information Disclosure Vulnerability

Important


Virtual Hard Disk (VHD) Miniport Driver

CVE-2026-58601

Virtual Hard Disk (VHD) Miniport Driver Elevation of Privilege Vulernability

Advertisement
Important


Visual Studio

CVE-2026-47305

Visual Studio Remote Code Execution Vulnerability

Important


Visual Studio Code

Advertisement
CVE-2026-50520

Visual Studio Code Remote Code Execution Vulnerability

Important


Visual Studio Code

CVE-2026-45496

Advertisement
Visual Studio Code Security Feature Bypass Vulnerability

Important


Visual Studio Code

CVE-2026-57102

Visual Studio Code Security Feature Bypass Vulnerability

Advertisement
Important


Visual Studio Code

CVE-2026-57101

Visual Studio Code Security Feature Bypass Vulnerability

Important


Window PC Manager

Advertisement
CVE-2026-50438

Microsoft PC Manager Elevation of Privilege Vulnerability

Important


Window PC Manager

CVE-2026-58636

Advertisement
Microsoft PC Manager Elevation of Privilege Vulnerability

Important


Windows Active Directory

CVE-2026-55001

Active Directory Domain Services Elevation of Privilege Vulnerability

Advertisement
Important


Windows Active Directory

CVE-2026-50682

Active Directory Denial of Service Vulnerability

Important


Windows Active Directory

Advertisement
CVE-2026-54119

Windows Active Directory Denial of Service Vulnerability

Important


Windows Active Directory

CVE-2026-54115

Advertisement
Windows Message Queuing (MSMQ) Elevation of Privilege Vulnerability

Important


Windows Admin Center

CVE-2026-57107

Windows Admin Center Elevation of Privilege Vulnerability

Advertisement
Important


Windows Admin Center

CVE-2026-58631

Windows Admin Center (WAC) Remote Code Execution Vulnerability

Important


Windows Admin Center

Advertisement
CVE-2026-56169

Windows Admin Center Elevation of Privilege Vulnerability

Important


Windows Admin Center

CVE-2026-56185

Advertisement
Windows Admin Center Information Disclosure Vulnerability

Important


Windows Admin Center

CVE-2026-56196

Windows Admin Center (WAC) Remote Code Execution Vulnerability

Advertisement
Important


Windows Admin Center

CVE-2026-56197

Windows Admin Center (WAC) Remote Code Execution Vulnerability

Important


Windows Ancillary Function Driver for WinSock

Advertisement
CVE-2026-57093

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Important


Windows Ancillary Function Driver for WinSock

CVE-2026-50312

Advertisement
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Important


Windows Ancillary Function Driver for WinSock

CVE-2026-34346

Windows Ancillary Function Driver for WinSock Information Disclosure Vulnerability

Advertisement
Important


Windows Ancillary Function Driver for WinSock

CVE-2026-50462

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Important


Windows App Installer

Advertisement
CVE-2026-48571

Windows App Package Installer Elevation of Privilege Vulnerability

Important


Windows App Installer

CVE-2026-48572

Advertisement
Windows App Package Installer Elevation of Privilege Vulnerability

Important


Windows App Installer

CVE-2026-50400

Windows App Package Installer Elevation of Privilege Vulnerability

Advertisement
Important


Windows Application Model

CVE-2026-50331

Windows Application Model Core API Elevation of Privilege Vulnerability

Important


Windows AppX Deployment Service

Advertisement
CVE-2026-49803

Windows AppX Deployment Extensions Elevation of Privilege Vulnerability

Important


Windows Audio Compression Manager (ACM)

CVE-2026-50351

Advertisement
Windows Audio Compression Manager (ACM) Elevation of Privilege Vulnerability

Important


Windows Audio Service

CVE-2026-34328

Windows Audio Service Information Disclosure Vulnerability

Advertisement
Important


Windows Audio Service

CVE-2026-50440

Windows Audio Service Elevation of Privilege Vulnerability

Important


Windows Backup Engine

Advertisement
CVE-2026-50406

Windows Backup Engine Elevation of Privilege Vulnerability

Important


Windows BitLocker

CVE-2026-50661

Advertisement
Windows BitLocker Security Feature Bypass Vulnerability

Important


Windows Bluetooth Port Driver

CVE-2026-42975

Windows Bluetooth Port Driver Remote Code Execution

Advertisement
Important


Windows Bluetooth Service

CVE-2026-58538

Windows Bluetooth Service Elevation of Privilege Vulnerability

Important


Windows Boot Loader

Advertisement
CVE-2026-58638

Windows Boot Loader Security Feature Bypass Vulnerability

Important


Windows Brokering File System

CVE-2026-50466

Advertisement
Microsoft Brokering File System Elevation of Privilege Vulnerability

Important


Windows Brokering File System

CVE-2026-49162

Microsoft Brokering File System Elevation of Privilege Vulnerability

Advertisement
Important


Windows Brokering File System

CVE-2026-50305

Microsoft Brokering File System Elevation of Privilege Vulnerability

Important


Windows Brokering File System

Advertisement
CVE-2026-50361

Microsoft Brokering File System Elevation of Privilege Vulnerability

Important


Windows Brokering File System

CVE-2026-50458

Advertisement
Microsoft Brokering File System Elevation of Privilege Vulnerability

Important


Windows Client-Side Caching (CSC) Service

CVE-2026-58637

Windows Client-Side Caching Elevation of Privilege Vulnerability

Advertisement
Important


Windows Clip Service

CVE-2026-50384

Windows Clip Service Elevation of Privilege Vulnerability

Important


Windows Clipboard Server

Advertisement
CVE-2026-50689

Windows Clipboard Server Elevation of Privilege Vulnerability

Important


Windows Clipboard Server

CVE-2026-49183

Advertisement
Windows Clipboard Server Elevation of Privilege Vulnerability

Important


Windows Clipboard User Service

CVE-2026-50488

Clipboard User Service Elevation of Privilege Vulnerability

Advertisement
Important


Windows Cloud Files Mini Filter Driver

CVE-2026-50374

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability

Important


Windows Cloud Files Mini Filter Driver

Advertisement
CVE-2026-50401

Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability

Important


Windows Cloud Files Mini Filter Driver

CVE-2026-58613

Advertisement
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability

Important


Windows Cloud Files Mini Filter Driver

CVE-2026-58536

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability

Advertisement
Important


Windows Common Log File System Driver

CVE-2026-50697

Windows Common Log File System Driver Elevation of Privilege Vulnerability

Important


Windows Connected User Experiences and Telemetry

Advertisement
CVE-2026-50421

Windows Connected User Experiences and Telemetry Elevation of Privilege Vulnerability

Important


Windows Container Isolation FS Filter Driver (unionfs.sys)

CVE-2026-50428

Advertisement
Windows Container Isolation FS Filter Driver (unionfs.sys) Information Disclosure Vulnerability

Important


Windows CryptoAPI

CVE-2026-55144

Windows Cryptography API: Next Generation (CNG) Tampering Vulnerability

Advertisement
Important


Windows Cryptographic Services

CVE-2026-50681

Windows Secure Channel Information Disclosure Vulnerability

Important


Windows Cryptographic Services

Advertisement
CVE-2026-44806

Windows Secure Channel Denial of Service Vulnerability

Important


Windows Cryptographic Services

CVE-2026-50302

Advertisement
Windows Cryptographic Services Security Feature Bypass Vulnerability

Important


Windows Cryptographic Services

CVE-2026-50352

Windows Cryptographic Services Information Disclosure Vulnerability

Advertisement
Important


Windows Data.dll

CVE-2026-50347

Windows Data.dll Remote Code Execution Vulnerability

Important


Windows Devices Human Interface

Advertisement
CVE-2026-50310

Windows Human Interface Device Information Disclosure Vulnerability

Important


Windows DHCP Client

CVE-2026-54128

Advertisement
Windows DHCP Client Remote Code Execution Vulnerability

Critical


Windows DHCP Client

CVE-2026-49181

Windows DHCP Client Elevation of Privilege Vulnerability

Advertisement
Important


Windows DHCP Server

CVE-2026-50518

Windows DHCP Server Remote Code Execution Vulnerability

Critical


Windows DHCP Server

Advertisement
CVE-2026-50370

DHCP Server Service Remote Code Execution Vulnerability

Critical


Windows DHCP Server

CVE-2026-50683

Advertisement
Windows DHCP Client Elevation of Privilege Vulnerability

Important


Windows DHCP Server

CVE-2026-50685

Windows DHCP Server Remote Code Execution Vulnerability

Advertisement
Important


Windows DHCP Server

CVE-2026-58627

Windows DHCP Server Denial of Service Vulnerability

Important


Windows DHCP Server

Advertisement
CVE-2026-56159

DHCP Server Service Remote Code Execution Vulnerability

Critical


Windows DHCP Server

CVE-2026-48564

Advertisement
DHCP Server Service Remote Code Execution Vulnerability

Critical


Windows DirectX

CVE-2026-50353

DirectX Graphics Kernel Elevation of Privilege Vulnerability

Advertisement
Important


Windows DirectX

CVE-2026-50382

DirectX Graphics Kernel Remote Code Execution Vulnerability

Critical


Windows DirectX

Advertisement
CVE-2026-49807

Windows DirectX Information Disclosure Vulnerability

Important


Windows DirectX

CVE-2026-58629

Advertisement
DirectX Graphics Kernel Elevation of Privilege Vulnerability

Important


Windows DirectX

CVE-2026-50375

DirectX Graphics Kernel Elevation of Privilege Vulnerability

Advertisement
Important


Windows DNS

CVE-2026-50465

Windows DNS Client Tampering Vulnerability

Important


Windows DNS

Advertisement
CVE-2026-50487

Windows DNS Client Elevation of Privilege Vulnerability

Important


Windows DNS

CVE-2026-50495

Advertisement
DNS Client Tampering Vulnerability

Important


Windows DNS

CVE-2026-49174

DNS Client Tampering Vulnerability

Advertisement
Important


Windows DNS

CVE-2026-50295

Windows Zero Trust DNS Security Feature Bypass Vulnerability

Important


Windows DNS

Advertisement
CVE-2026-49175

Windows DNS Client Elevation of Privilege Vulnerability

Important


Windows Domain Controller

CVE-2026-50424

Advertisement
Windows Domain Controller Denial of Service Vulnerability

Important


Windows DWM

CVE-2026-58541

Microsoft DWM Core Library Elevation of Privilege Vulnerability

Advertisement
Important


Windows DWM Core Library

CVE-2026-50437

Windows DWM Core Library Information Disclosure Vulnerability

Important


Windows Event Logging Service

Advertisement
CVE-2026-50502

Windows Event Logging Service Remote Code Execution Vulnerability

Important


Windows Event Logging Service

CVE-2026-34348

Advertisement
Windows Event Logging Service Information Disclosure Vulnerability

Important


Windows File Explorer

CVE-2026-33842

Windows File Explorer Information Disclosure Vulnerability

Advertisement
Important


Windows File Explorer

CVE-2026-50389

Windows File Explorer Information Disclosure Vulnerability

Important


Windows File Explorer

Advertisement
CVE-2026-57084

Windows File Explorer Information Disclosure Vulnerability

Important


Windows File Explorer

CVE-2026-41087

Advertisement
Windows File Explorer Information Disclosure Vulnerability

Important


Windows File Explorer

CVE-2026-50442

Windows File Explorer Information Disclosure Vulnerability

Advertisement
Important


Windows File Explorer

CVE-2026-50456

Windows File Explorer Information Disclosure Vulnerability

Important


Windows File Explorer

Advertisement
CVE-2026-50473

Windows File Explorer Information Disclosure Vulnerability

Important


Windows File Explorer

CVE-2026-40422

Advertisement
Windows File Explorer Information Disclosure Vulnerability

Important


Windows File History Service

CVE-2026-57091

Windows File History Service Elevation of Privilege Vulnerability

Advertisement
Important


Windows Filtering Platform (WFP)

CVE-2026-50405

Windows Filtering Platform Elevation of Privilege Vulnerability

Important


Windows FTP Service

Advertisement
CVE-2026-49172

Windows FTP Service Remote Code Execution Vulnerability

Important


Windows GDI

CVE-2026-50387

Advertisement
Windows GDI Elevation of Privilege Vulnerability

Important


Windows GDI+

CVE-2026-49796

Windows GDI+ Remote Code Execution Vulnerability

Advertisement
Critical


Windows GDI+

CVE-2026-54122

Windows GDI+ Remote Code Execution Vulnerability

Important


Windows GDI+

Advertisement
CVE-2026-50380

Windows GDI+ Remote Code Execution Vulnerability

Critical


Windows Graphics Kernel

CVE-2026-50296

Advertisement
DirectX Graphics Kernel Elevation of Privilege Vulnerability

Important


Windows Graphics Kernel

CVE-2026-50493

DirectX Graphics Kernel Elevation of Privilege Vulnerability

Advertisement
Important


Windows Group Policy

CVE-2026-50391

Windows Group Policy Elevation of Privilege Vulnerability

Important


Windows HTTP.sys

Advertisement
CVE-2026-50420

HTTP.sys Information Disclosure Vulnerability

Important


Windows HTTP.sys

CVE-2026-49787

Advertisement
HTTP.sys Denial of Service Vulnerability

Important


Windows Hyper-V

CVE-2026-50485

Windows Hyper-V Denial of Service Vulnerability

Advertisement
Important


Windows Hyper-V

CVE-2026-54129

Windows Hyper-V Elevation of Privilege Vulnerability

Important


Windows Hyper-V

Advertisement
CVE-2026-50680

Windows Hyper-V Elevation of Privilege Vulnerability

Critical


Windows Hyper-V

CVE-2026-54127

Advertisement
Windows Hyper-V Elevation of Privilege Vulnerability

Critical


Windows Image Acquisition

CVE-2026-50315

Windows Image Acquisition Elevation of Privilege Vulnerability

Advertisement
Important


Windows Installer

CVE-2026-50490

Windows Installer Elevation of Privilege Vulnerability

Important


Windows Installer

Advertisement
CVE-2026-58540

Windows Installer Elevation of Privilege Vulnerability

Important


Windows Internal System User Profile

CVE-2026-50425

Advertisement
Windows Internal System User Profile Elevation of Privilege Vulnerability

Important


Windows Internal Task Bar

CVE-2026-50293

Windows Internal Task Bar Elevation of Privilege Vulnerability

Advertisement
Important


Windows Internet Key Exchange (IKE) Protocol

CVE-2026-50696

Internet Key Exchange (IKE) Protocol Denial of Service Vulnerability

Important


Windows Kernel

Advertisement
CVE-2026-50688

Windows Win32k Elevation of Privilege Vulnerability

Important


Windows Kernel

CVE-2026-58545

Advertisement
Windows Kernel Security Feature Bypass Vulnerability

Important


Windows Kernel

CVE-2026-56644

DirectX Graphics Kernel Elevation of Privilege Vulnerability

Advertisement
Important


Windows Kernel

CVE-2026-56643

DirectX Graphics Kernel Elevation of Privilege Vulnerability

Important


Windows Kernel

Advertisement
CVE-2026-50377

Windows Kernel Elevation of Privilege Vulnerability

Important


Windows Kernel

CVE-2026-50329

Advertisement
Microsoft DWM Core Library Elevation of Privilege Vulnerability

Important


Windows Kernel

CVE-2026-49173

Windows Kernel Elevation of Privilege Vulnerability

Advertisement
Important


Windows Kernel

CVE-2026-50475

Windows Kernel Information Disclosure Vulnerability

Important


Windows Kernel

Advertisement
CVE-2026-50463

Windows Kernel Information Disclosure Vulnerability

Important


Windows Kernel

CVE-2026-50354

Advertisement
Windows Kernel Elevation of Privilege Vulnerability

Important


Windows Kernel

CVE-2026-50419

Windows Kernel Information Disclosure Vulnerability

Advertisement
Important


Windows Kernel

CVE-2026-50429

Windows Kernel Information Disclosure Vulnerability

Important


Windows Kernel

Advertisement
CVE-2026-50423

Windows Kernel Elevation of Privilege Vulnerability

Important


Windows Kernel

CVE-2026-50316

Advertisement
Windows Kernel Information Disclosure Vulnerability

Important


Windows Kernel

CVE-2026-50687

Windows Win32k Elevation of Privilege Vulnerability

Advertisement
Important


Windows Kernel

CVE-2026-50294

Windows Kernel Information Disclosure Vulnerability

Important


Windows Kernel

Advertisement
CVE-2026-50399

Windows Kernel Elevation of Privilege Vulnerability

Important


Windows Kernel

CVE-2026-50390

Advertisement
Windows Kernel Elevation of Privilege Vulnerability

Important


Windows Kernel

CVE-2026-50673

Windows Kernel Elevation of Privilege Vulnerability

Advertisement
Important


Windows Kernel

CVE-2026-50436

Windows Kernel Elevation of Privilege Vulnerability

Important


Windows Kernel

Advertisement
CVE-2026-50397

Windows Kernel Elevation of Privilege Vulnerability

Important


Windows Kernel

CVE-2026-58532

Advertisement
Windows Kernel Elevation of Privilege Vulnerability

Important


Windows Kernel

CVE-2026-49798

Windows Kernel Elevation of Privilege Vulnerability

Advertisement
Important


Windows Kernel

CVE-2026-54132

Windows Kernel Elevation of Privilege Vulnerability

Important


Windows Kernel

Advertisement
CVE-2026-49795

Windows Kernel Elevation of Privilege Vulnerability

Important


Windows Kernel

CVE-2026-58614

Advertisement
Windows Kernel Security Feature Bypass Vulnerability

Important


Windows Kernel

CVE-2026-49167

Windows Kernel Elevation of Privilege Vulnerability

Advertisement
Important


Windows Kernel

CVE-2026-50478

Windows Kernel Elevation of Privilege Vulnerability

Important


Windows Kernel

Advertisement
CVE-2026-50332

Windows Kernel Elevation of Privilege Vulnerability

Important


Windows Kernel

CVE-2026-50670

Advertisement
Windows Win32k Elevation of Privilege Vulnerability

Important


Windows Kernel

CVE-2026-50459

Windows Kernel Elevation of Privilege Vulnerability

Advertisement
Important


Windows Kernel

CVE-2026-50477

Windows Kernel Elevation of Privilege Vulnerability

Important


Windows Kernel

Advertisement
CVE-2026-50300

Windows DWM Core Library Information Disclosure Vulnerability

Important


Windows Kernel

CVE-2026-50484

Advertisement
Windows Kernel Elevation of Privilege Vulnerability

Important


Windows Kernel

CVE-2026-49808

Windows Kernel Elevation of Privilege Vulnerability

Advertisement
Important


Windows Kernel Mode Driver

CVE-2026-58602

Windows Kernel-Mode Driver Elevation of Privilege Vulnerability

Important


Windows Kernel-Mode Drivers

Advertisement
CVE-2026-50393

Windows Kernel-Mode Driver Elevation of Privilege Vulnerability

Important


Windows Kernel-Mode Drivers

CVE-2026-50396

Advertisement
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability

Important


Windows Key Guard

CVE-2026-50378

Windows Key Guard Elevation of Privilege Vulnerability

Advertisement
Important


Windows Key Guard

CVE-2026-50303

Windows Key Guard Security Feature Bypass Vulnerability

Important


Windows Local Security Authority Subsystem Service (LSASS)

Advertisement
CVE-2026-40378

Windows Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability

Important


Windows Local Security Authority Subsystem Service (LSASS)

CVE-2026-49799

Advertisement
Windows Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability

Important


Windows LUAFV

CVE-2026-50371

Windows LUA File Virtualization Filter Driver Elevation of Privilege Vulnerability

Advertisement
Important


Windows Management Services

CVE-2026-58544

Windows Management Services Elevation of Privilege Vulnerability

Important


Windows Media

Advertisement
CVE-2026-34349

Windows Media Information Disclosure Vulnerability

Important


Windows Media

CVE-2026-50379

Advertisement
Windows Media Elevation of Privilege Vulnerability

Important


Windows Media

CVE-2026-58542

Windows Media Remote Code Execution Vulnerability

Advertisement
Critical


Windows Media

CVE-2026-50677

Windows Media Elevation of Privilege Vulnerability

Important


Windows Media

Advertisement
CVE-2026-50358

Windows Media Elevation of Privilege Vulnerability

Important


Windows Media

CVE-2026-50676

Advertisement
Windows Media Elevation of Privilege Vulnerability

Important


Windows Media

CVE-2026-50327

Windows Media Remote Code Execution Vulnerability

Advertisement
Critical


Windows Media

CVE-2026-50404

Windows Media Elevation of Privilege Vulnerability

Important


Windows Media

Advertisement
CVE-2026-50655

Microsoft Windows Media Foundation Remote Code Execution Vulnerability

Critical


Windows Media

CVE-2026-50415

Advertisement
Windows Media Information Disclosure Vulnerability

Important


Windows Media

CVE-2026-50414

Windows Media Elevation of Privilege Vulnerability

Advertisement
Important


Windows Media

CVE-2026-50433

Windows Media Elevation of Privilege Vulnerability

Important


Windows Media

Advertisement
CVE-2026-50394

Windows Media Information Disclosure Vulnerability

Important


Windows Media

CVE-2026-50336

Advertisement
Windows Media Elevation of Privilege Vulnerability

Important


Windows Media

CVE-2026-50398

Windows Media Elevation of Privilege Vulnerability

Advertisement
Important


Windows Message Queuing

CVE-2026-50447

Windows Message Queuing Service (MSMQ) Remote Code Execution Vulnerability

Important


Windows Message Queuing

Advertisement
CVE-2026-50505

Windows Message Queuing Service (MSMQ) Remote Code Execution Vulnerability

Important


Windows Message Queuing Queue Manager

CVE-2026-50439

Advertisement
Microsoft Message Queuing Queue Manager Remote Code Execution Vulnerability

Important


Windows Message Queuing Queue Manager

CVE-2026-54992

Microsoft Message Queuing Queue Manager Remote Code Execution Vulnerability

Advertisement
Critical


Windows MIDI Service Module

CVE-2026-56183

Windows MIDI Service Module Elevation of Privileges Vulnerability

Important


Windows MIDI Service Module

Advertisement
CVE-2026-50342

Windows MIDI Service Module Elevation of Privileges Vulnerability

Important


Windows MIDI Service Module

CVE-2026-56187

Advertisement
Windows MIDI Service Module Elevation of Privileges Vulnerability

Important


Windows Narrator Braille

CVE-2026-58635

Windows Narrator Braille Elevation of Privilege Vulnerability

Advertisement
Important


Windows Netlogon

CVE-2026-50500

Windows Netlogon Elevation of Privilege Vulnerability

Important


Windows Network Address Translation (NAT)

Advertisement
CVE-2026-56181

Windows Network Address Translation (NAT) Spoofing Vulnerability

Moderate


Windows Network File System

CVE-2026-56650

Advertisement
Windows Network File System Elevation of Privilege Vulnerability

Important


Windows Network File System

CVE-2026-56648

Windows NFS Server Elevation of Privilege Vulnerability

Advertisement
Important


Windows Network File System

CVE-2026-56194

Windows NFS Server Elevation of Privilege Vulnerability

Important


Windows Network File System

Advertisement
CVE-2026-56649

Windows Network File System Remote Code Execution Vulnerability

Important


Windows Network Policy Server SNMP

CVE-2026-50496

Advertisement
Windows Network Policy Server SNMP Information Disclosure Vulnerability

Important


Windows Network Policy Server SNMP

CVE-2026-50470

Windows Network Policy Server SNMP Information Disclosure Vulnerability

Advertisement
Important


Windows Notification

CVE-2026-50337

Windows Notification Elevation of Privilege Vulnerability

Important


Windows Notification

Advertisement
CVE-2026-50334

Windows Push Notification Information Disclosure Vulnerability

Important


Windows NTFS

CVE-2026-50422

Advertisement
Windows NTFS Elevation of Privilege Vulnerability

Important


Windows NTFS

CVE-2026-50341

Windows NTFS Information Disclosure Vulnerability

Advertisement
Important


Windows NTFS

CVE-2026-50308

Windows NTFS Remote Code Execution Vulnerability

Important


Windows NTFS

Advertisement
CVE-2026-50471

Windows NTFS Remote Code Execution Vulnerability

Important


Windows NTFS

CVE-2026-50402

Advertisement
NTFS Elevation of Privilege Vulnerability

Important


Windows NTFS

CVE-2026-50388

Windows NTFS Remote Code Execution Vulnerability

Advertisement
Important


Windows NTFS

CVE-2026-50313

Windows NTFS Remote Code Execution Vulnerability

Important


Windows NTFS

Advertisement
CVE-2026-50417

Windows NTFS Remote Code Execution Vulnerability

Important


Windows NTFS

CVE-2026-50309

Advertisement
Windows NTFS Remote Code Execution Vulnerability

Important


Windows NTFS

CVE-2026-56175

Windows NTFS Elevation of Privilege Vulnerability

Advertisement
Important


Windows NTFS

CVE-2026-50494

Windows NTFS Remote Code Execution Vulnerability

Important


Windows NTFS

Advertisement
CVE-2026-56182

Windows NTFS Elevation of Privilege Vulnerability

Important


Windows NTFS

CVE-2026-50482

Advertisement
Windows NTFS Remote Code Execution Vulnerability

Important


Windows NTFS

CVE-2026-58640

Windows NTFS Remote Code Execution Vulnerability

Advertisement
Important


Windows NTFS

CVE-2026-50386

Windows NTFS Remote Code Execution Vulnerability

Important


Windows NTFS

Advertisement
CVE-2026-50672

Windows NTFS Elevation of Privilege Vulnerability

Important


Windows NTFS

CVE-2026-50668

Advertisement
Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability

Important


Windows NTFS

CVE-2026-49789

Windows NTFS Elevation of Privilege Vulnerability

Advertisement
Important


Windows NTFS

CVE-2026-49797

Windows NTFS Remote Code Execution Vulnerability

Important


Windows NTFS

Advertisement
CVE-2026-50448

Windows NTFS Remote Code Execution Vulnerability

Important


Windows NTFS

CVE-2026-49184

Advertisement
Windows NTFS Remote Code Execution Vulnerability

Important


Windows NTFS

CVE-2026-50412

Windows NTFS Elevation of Privilege Vulnerability

Advertisement
Important


Windows NTFS

CVE-2026-50667

Windows Common Log File System Driver Elevation of Privilege Vulnerability

Important


Windows NTFS

Advertisement
CVE-2026-50461

Windows NTFS Remote Code Execution Vulnerability

Important


Windows OLE

CVE-2026-50686

Advertisement
Windows OLE Remote Code Execution Vulnerability

Important


Windows OLE

CVE-2026-50344

Windows OLE Elevation of Privilege Vulnerability

Advertisement
Important


Windows Operating Systems

CVE-2026-50317

Windows Operating Systems Elevation of Privilege Vulnerability

Important


Windows Operating Systems

Advertisement
CVE-2026-50335

Windows Operating Systems Elevation of Privilege Vulnerability

Important


Windows Overlay Filter

CVE-2026-54987

Advertisement
Windows Overlay Filter Elevation of Privilege Vulnerability

Important


Windows Overlay Filter

CVE-2026-50435

Windows Overlay Filter Elevation of Privilege Vulnerability

Advertisement
Important


Windows Overlay Filter

CVE-2026-50409

Windows Overlay Filter Information Disclosure Vulnerability

Important


Windows PowerShell

Advertisement
CVE-2026-40400

Windows PowerShell Remote Code Execution Vulnerability

Important


Windows Print Spooler Components

CVE-2026-57085

Advertisement
Windows Print Spooler Information Disclosure Vulnerability

Important


Windows Print Spooler Components

CVE-2026-50499

Windows Print Spooler Elevation of Privilege Vulnerability

Advertisement
Important


Windows Print Spooler Components

CVE-2026-50383

Windows Print Spooler Information Disclosure Vulnerability

Important


Windows Print Spooler Components

Advertisement
CVE-2026-58608

Windows Print Spooler Remote Code Execution Vulnerability

Critical


Windows Projected File System

CVE-2026-50469

Advertisement
Windows Projected File System Elevation of Privilege Vulnerability

Important


Windows Push Notifications

CVE-2026-50430

Windows Push Notification Information Disclosure Vulnerability

Advertisement
Important


Windows Push Notifications

CVE-2026-44800

Windows Push Notifications Elevation of Privilege Vulnerability

Important


Windows Push Notifications

Advertisement
CVE-2026-50434

Windows Push Notification Information Disclosure Vulnerability

Important


Windows Push Notifications

CVE-2026-50339

Advertisement
Windows Push Notification Information Disclosure Vulnerability

Important


Windows Push Notifications

CVE-2026-50363

Windows Push Notifications Elevation of Privilege Vulnerability

Advertisement
Important


Windows Quality of Service (QoS) Packet Scheduler

CVE-2026-50431

Windows Quality of Service (QoS) Packet Scheduler Information Disclosure Vulnerability

Important


Windows RDP

Advertisement
CVE-2026-57982

Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability

Important


Windows RDP

CVE-2026-57979

Advertisement
Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability

Important


Windows RDP

CVE-2026-56190

Remote Desktop Protocol Remote Code Execution Vulnerability

Advertisement
Important


Windows RDP

CVE-2026-58594

Remote Desktop Client Remote Code Execution Vulnerability

Important


Windows RDP

Advertisement
CVE-2026-55003

Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability

Important


Windows RDP

CVE-2026-58546

Advertisement
Windows Remote Desktop Client Information Disclosure Vulnerability

Important


Windows RDP

CVE-2026-58533

Windows Remote Desktop Client Information Disclosure Vulnerability

Advertisement
Important


Windows RDP

CVE-2026-58535

Windows Remote Desktop Client Information Disclosure Vulnerability

Important


Windows RDP

Advertisement
CVE-2026-50376

Windows Remote Desktop Client Information Disclosure Vulnerability

Important


Windows RDP

CVE-2026-58539

Advertisement
Windows Remote Desktop Client Information Disclosure Vulnerability

Important


Windows RDP

CVE-2026-50445

Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability

Advertisement
Important


Windows RDP

CVE-2026-54126

Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability

Important


Windows Redirected Drive Buffering

Advertisement
CVE-2026-50372

Windows Redirected Drive Buffering System Elevation of Privilege Vulnerability

Important


Windows Remote Access Connection Manager

CVE-2026-50666

Advertisement
Windows Remote Access Elevation of Privilege Vulnerability

Important


Windows Remote Access Service Infrastructure

CVE-2026-56647

Windows Remote Access Service Infrastructure Elevation of Privilege Vulnerability

Advertisement
Important


Windows Remote Desktop Protocol

CVE-2026-50497

Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability

Important


Windows Remote Desktop Services

Advertisement
CVE-2026-58626

Windows Remote Desktop Services Remote Code Execution Vulnerability

Important


Windows Remote Desktop Services

CVE-2026-50369

Advertisement
Windows Remote Desktop Services Elevation of Privilege Vulnerability

Important


Windows Remote Help Defense

CVE-2026-55014

Windows Remote Help Defense Elevation of Privilege Vulnerability

Advertisement
Important


Windows Resilient File System (ReFS)

CVE-2026-50492

Windows Resilient File System (ReFS) Remote Code Execution Vulnerability

Important


Windows Resilient File System (ReFS)

Advertisement
CVE-2026-50501

Windows Resilient File System (ReFS) Remote Code Execution Vulnerability

Important


Windows Resilient File System (ReFS)

CVE-2026-50357

Advertisement
Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability

Important


Windows Resilient File System (ReFS)

CVE-2026-58530

Windows Resilient File System (ReFS) Remote Code Execution Vulnerability

Advertisement
Important


Windows Resilient File System (ReFS)

CVE-2026-50318

Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability

Important


Windows Resilient File System (ReFS)

Advertisement
CVE-2026-49792

Windows Resilient File System (ReFS) Remote Code Execution Vulnerability

Important


Windows Resilient File System (ReFS)

CVE-2026-49793

Advertisement
Windows Resilient File System (ReFS) Remote Code Execution Vulnerability

Important


Windows Resilient File System (ReFS)

CVE-2026-50362

Windows Resilient File System (ReFS) Remote Code Execution Vulnerability

Advertisement
Important


Windows Resilient File System (ReFS)

CVE-2026-54109

Windows Resilient File System (ReFS) Remote Code Execution Vulnerability

Important


Windows Resilient File System (ReFS)

Advertisement
CVE-2026-50407

Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability

Important


Windows Resilient File System (ReFS)

CVE-2026-50441

Advertisement
Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability

Important


Windows Routing and Remote Access Service (RRAS)

CVE-2026-57096

Windows Routing and Remote Access Service (RRAS) Elevation of Privilege Vulnerability

Advertisement
Important


Windows Routing and Remote Access Service (RRAS)

CVE-2026-50451

Windows Routing and Remote Access Service (RRAS) Elevation of Privilege Vulnerability

Important


Windows Routing and Remote Access Service (RRAS)

Advertisement
CVE-2026-49791

Windows Routing and Remote Access Service (RRAS) Elevation of Privilege Vulnerability

Important


Windows RPC API

CVE-2026-50365

Advertisement
Remote Access Management service/API (RPC server) Elevation of Privilege Vulnerability

Important


Windows Runtime

CVE-2026-54125

Windows Runtime Elevation of Privilege Vulnerability

Advertisement
Important


Windows Runtime

CVE-2026-50323

Windows Runtime Elevation of Privilege Vulnerability

Important


Windows Runtime

Advertisement
CVE-2026-50449

Windows Runtime Elevation of Privilege Vulnerability

Important


Windows Runtime

CVE-2026-50460

Advertisement
Windows Runtime Elevation of Privilege Vulnerability

Important


Windows Runtime

CVE-2026-50403

Windows Runtime Elevation of Privilege Vulnerability

Advertisement
Important


Windows Runtime

CVE-2026-50410

Windows Runtime Elevation of Privilege Vulnerability

Important


Windows Runtime

Advertisement
CVE-2026-50340

Windows Runtime Elevation of Privilege Vulnerability

Important


Windows Runtime

CVE-2026-50322

Advertisement
Windows Runtime Elevation of Privilege Vulnerability

Important


Windows Runtime

CVE-2026-50345

Windows Runtime Elevation of Privilege Vulnerability

Advertisement
Important


Windows Runtime

CVE-2026-50452

Windows Runtime Elevation of Privilege Vulnerability

Important


Windows Runtime

Advertisement
CVE-2026-50486

Windows Runtime Elevation of Privilege Vulnerability

Important


Windows Runtime

CVE-2026-50503

Advertisement
Windows Runtime Elevation of Privilege Vulnerability

Important


Windows Runtime

CVE-2026-50457

Windows Runtime Elevation of Privilege Vulnerability

Advertisement
Important


Windows Runtime

CVE-2026-50385

Windows Runtime Elevation of Privilege Vulnerability

Important


Windows Runtime

Advertisement
CVE-2026-50413

Windows Runtime Elevation of Privilege Vulnerability

Important


Windows Runtime

CVE-2026-50348

Advertisement
Windows Runtime Elevation of Privilege Vulnerability

Important


Windows Runtime

CVE-2026-58527

Windows Runtime Elevation of Privilege Vulnerability

Advertisement
Important


Windows Schannel

CVE-2026-56186

Windows Secure Channel Information Disclosure Vulnerability

Important


Windows Secure Boot

Advertisement
CVE-2026-49783

Secure Boot Security Feature Bypass Vulnerability

Important


Windows Secure Kernel Mode

CVE-2026-50392

Advertisement
Windows Secure Kernel Mode Elevation of Privilege Vulnerability

Critical


Windows Secure Kernel Mode

CVE-2026-42982

Windows Secure Kernel Mode Elevation of Privilege Vulnerability

Advertisement
Critical


Windows Secure Socket Tunneling Protocol (SSTP)

CVE-2026-50694

Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability

Critical


Windows Sensor Data Service

Advertisement
CVE-2026-58619

Windows Sensor Data Service Elevation of Privilege Vulnerability

Important


Windows Sensor Data Service

CVE-2026-50367

Advertisement
Windows Sensor Data Service Elevation of Privilege Vulnerability

Important


Windows Server

CVE-2026-50311

Windows Server Elevation of Privilege Vulnerability

Advertisement
Important


Windows Server Backup

CVE-2026-50364

Windows Backup Service Elevation of Privilege Vulnerability

Important


Windows Server Network driver

Advertisement
CVE-2026-56188

Windows Server Network driver Remote Code Execution Vulnerability

Critical


Windows Server Update Service

CVE-2026-50328

Advertisement
Windows Server Update Service (WSUS) Tampering Vulnerability

Important


Windows Server Update Service

CVE-2026-50444

Windows Server Update Service (WSUS) Elevation of Privilege Vulnerability

Advertisement
Critical


Windows SMB

CVE-2026-50690

Windows SMB Information Disclosure Vulnerability

Important


Windows SMB

Advertisement
CVE-2026-58531

Windows SMB Elevation of Privilege Vulnerability

Important


Windows SMB

CVE-2026-54997

Advertisement
Windows SMB Information Disclosure Vulnerability

Important


Windows SMB

CVE-2026-49801

Windows SMB Information Disclosure Vulnerability

Advertisement
Important


Windows SMB Server

CVE-2026-56168

Windows SMB Server Denial of Service Vulnerability

Important


Windows SMB Server

Advertisement
CVE-2026-50360

Windows SMB Server Elevation of Privilege Vulnerability

Important


Windows SMB Server Network Transport Driver (srvnet.sys)

CVE-2026-57089

Advertisement
Windows SMB Server Network Transport Driver (srvnet.sys) Remote Code Execution Vulnerability

Important


Windows Spaceport.sys

CVE-2026-50298

Windows Spaceport.sys Elevation of Privilege Vulnerability

Advertisement
Important


Windows Spaceport.sys

CVE-2026-50333

Windows Spaceport.sys Elevation of Privilege Vulnerability

Important


Windows StateRepository API

Advertisement
CVE-2026-49170

Windows StateRepository API Server file Elevation of Privilege Vulnerability

Important


Windows Storage

CVE-2026-58526

Advertisement
Windows Storage Elevation of Privilege Vulnerability

Important


Windows Storage Spaces Direct

CVE-2026-50299

Windows Storage Spaces Direct Remote Code Execution Vulnerability

Advertisement
Important


Windows Storage Spaces Direct

CVE-2026-49168

Storage Spaces Direct Elevation of Privilege Vulnerability

Important


Windows Subsystem for Linux

Advertisement
CVE-2026-57973

Windows Subsystem for Linux (WSL2) Kernel Tampering Vulnerability

Important


Windows Subsystem for Linux

CVE-2026-57968

Advertisement
Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege Vulnerability

Important


Windows System

CVE-2026-50418

Windows System Secure Feature Bypass Vulnerability

Advertisement
Important


Windows TCP/IP

CVE-2026-49177

Windows TCP/IP Information Disclosure Vulnerability

Important


Windows TCP/IP

Advertisement
CVE-2026-50306

Windows TCP/IP Elevation of Privilege Vulnerability

Important


Windows TCP/IP

CVE-2026-54999

Advertisement
Windows TCP/IP Remote Code Execution Vulnerability

Critical


Windows TCP/IP

CVE-2026-50307

Windows TCP/IP Elevation of Privilege Vulnerability

Advertisement
Important


Windows Telephony Service

CVE-2026-50669

Windows Telephony Server Elevation of Privilege Vulnerability

Important


Windows Terminal

Advertisement
CVE-2026-54124

Windows Terminal Remote Code Execution Vulnerability

Important


Windows Trusted Runtime Interface Driver

CVE-2026-50350

Advertisement
Windows Trusted Runtime Interface Driver Information Disclosure Vulnerability

Important


Windows Unified Consent System

CVE-2026-50326

Windows Unified Consent System Elevation of Privilege Vulnerability

Advertisement
Important


Windows Universal Disk Format File System Driver (UDFS)

CVE-2026-49790

Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability

Important


Windows Universal Disk Format File System Driver (UDFS)

Advertisement
CVE-2026-50498

Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability

Important


Windows USB Audio Class driver (usbaudio.sys)

CVE-2026-58528

Advertisement
Windows USB Audio Class Driver Information Disclosure Vulnerability

Important


Windows USB Audio Class driver (usbaudio.sys)

CVE-2026-50453

Windows USB Audio Class Driver Information Disclosure Vulnerability

Advertisement
Important


Windows USB Audio Class driver (usbaudio.sys)

CVE-2026-49794

Windows USB Audio Class Driver Information Disclosure Vulnerability

Important


Windows USB Driver

Advertisement
CVE-2026-50321

Windows USB Driver Elevation of Privilege Vulnerability

Important


Windows USB Hub Driver

CVE-2026-50479

Advertisement
Windows USB Hub Driver Elevation of Privilege Vulnerability

Important


Windows USB Print Driver

CVE-2026-49802

Windows USB Print Driver Elevation of Privilege Vulnerability

Advertisement
Important


Windows USB Print Driver

CVE-2026-58543

Universal Print Management Service Elevation of Privilege Vulnerability

Important


Windows USB Print Driver

Advertisement
CVE-2026-49806

Windows USB Print Driver Elevation of Privilege Vulnerability

Important


Windows USB Print Driver

CVE-2026-54991

Advertisement
Windows USB Print Driver Elevation of Privilege Vulnerability

Important


Windows USB Print Driver

CVE-2026-55000

Windows USB Print Driver Elevation of Privilege Vulnerability

Advertisement
Important


Windows USB Print Driver

CVE-2026-50674

Windows USB Print Driver Elevation of Privilege Vulnerability

Important


Windows USB Print Driver

Advertisement
CVE-2026-54111

Universal Print Management Service Elevation of Privilege Vulnerability

Important


Windows USB Print Driver

CVE-2026-54996

Advertisement
Windows USB Print Driver Elevation of Privilege Vulnerability

Important


Windows USB Video Driver

CVE-2026-49804

Windows USB Video Driver Elevation of Privilege Vulnerability

Advertisement
Important


Windows User Interface Core

CVE-2026-50454

Windows User Interface Core Elevation of Privilege Vulnerability

Important


Windows Virtual Filtering Platform (VFP)

Advertisement
CVE-2026-50432

Window Virtual Filtering Platform (VFP) Denial of Service Vulnerability

Important


Windows VMSwitch

CVE-2026-57092

Advertisement
Microsoft Windows VMSwitch Elevation of Privilege Vulnerability

Critical


Windows WalletService

CVE-2026-49176

Windows WalletService Elevation of Privilege Vulnerability

Advertisement
Important


Windows Web Proxy Auto-Discovery Protocol (WPAD)

CVE-2026-49800

Windows Web Proxy Auto-Discovery Protocol (WPAD) Elevation of Privilege Vulnerability

Important


Windows Web Proxy Auto-Discovery Protocol (WPAD)

Advertisement
CVE-2026-50480

Windows Web Proxy Auto-Discovery Protocol (WPAD) Elevation of Privilege Vulnerability

Important


Windows WebView

CVE-2026-56173

Advertisement
Windows WebView Elevation of Privilege Vulnerability

Important


Windows Win32K

CVE-2026-49805

Win32k Elevation of Privilege Vulnerability

Advertisement
Important


Windows Win32K

CVE-2026-57095

Win32k Elevation of Privilege Vulnerability

Important


Windows Win32K

Advertisement
CVE-2026-50416

Win32k Information Disclosure Vulnerability

Important


Windows Win32K

CVE-2026-56184

Advertisement
Win32k Information Disclosure Vulnerability

Important


Windows Win32K

CVE-2026-50489

Win32k Elevation of Privilege Vulnerability

Advertisement
Important


Windows Win32K

CVE-2026-54986

Windows Win32k Elevation of Privilege Vulnerability

Important


Windows Win32K

Advertisement
CVE-2026-58632

Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability

Important


Windows Win32K

CVE-2026-50325

Advertisement
Win32k Elevation of Privilege Vulnerability

Important


Windows Win32K

CVE-2026-50297

Win32k Elevation of Privilege Vulnerability

Advertisement
Important


Windows Win32K

CVE-2026-54114

Windows Win32k Elevation of Privilege Vulnerability

Important


Windows Win32K

Advertisement
CVE-2026-54107

Windows Win32k Elevation of Privilege Vulnerability

Important


Windows Win32K

CVE-2026-54112

Advertisement
Windows Win32k Elevation of Privilege Vulnerability

Important


Windows Win32K – GRFX

CVE-2026-56176

Windows Win32k Elevation of Privilege Vulnerability

Advertisement
Important


Windows Wireless Networking

CVE-2026-58628

Windows Wireless Network Manager Elevation of Privilege Vulnerability

Important


Windows Wireless Wide Area Network Service

Advertisement
CVE-2026-50450

Windows Network Connections Service Elevation of Privilege Vulnerability

Important


Windows Wireless Wide Area Network Service

CVE-2026-50509

Advertisement
Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability

Important


Source link

Continue Reading

Tech

Microsoft releases Windows 10 KB5099539 extended security update

Published

on

Windows 10

Microsoft has released the Windows 10 KB5099539 extended security update, which includes the July 2026 Patch Tuesday security updates for 570 vulnerabilities, along with additional security fixes.

Initially, Microsoft only offered consumers one year of extended security updates. However, last month, Microsoft quietly extended its free Windows 10 Extended Security Updates (ESU) program for consumers by an additional year, allowing enrolled devices to receives security updates until October 12, 2027.

If you are running Windows 10 Enterprise LTSC or are enrolled in the ESU program, you can install this update like normal by going into Settings, clicking on Windows Update, and manually performing a ‘Check for Updates.’

image
Windows 10 KB5099539 update
Windows 10 KB5099539 update
Source: BleepingComputer

After installing this update, Windows 10 will be updated to build 19045.7548, and Windows 10 Enterprise LTSC 2021 will be updated to build 19044.7548.

What’s new in Windows 10 KB5099539

Microsoft is no longer releasing new features for Windows 10, and the KB5099539 update primarily contains security updates and bug fixes.

Advertisement

The update also includes fixes released as part of today’s record-breaking July 2026 Patch Tuesday, which fixed a record-breaking 570 vulnerabilities, including two exploited and one publicly disclosed zero-day flaws.

The complete list of fixes in KB5099539 is listed below:

  • [OLE Automation (known issue)] Fixed: Addresses a compatibility issue in OLE Automation (oleaut32.dll) that was introduced by the June 2026 security update. Some applications that use the IDispatch::Invoke method to call COM methods with BYREF parameters that share the same underlying storage might fail. These failures can include parameter marshaling errors or automation call failures. This update corrects how parameter ownership is managed and restores expected application behavior.

  • [File Explorer (known issue)] Fixed: An issue where the OneDrive shortcut in File Explorer stops working when File Explorer is run with administrative mode.

  • Advertisement
  • [Recycle Bin (known issue)] Fixed: This update addresses an issue where the confirmation dialog might display an internal Recycle Bin file name instead of the original file name when permanently deleting a file.

  • [Input] This update changes hotkey unregister and cleanup behavior. In rare cases, some built-in Windows experiences that rely on previous hotkey lifecycle behavior might temporarily stop responding to certain keyboard shortcuts. This issue can typically be resolved by restarting the app affected. If the issue is not resolved, report it through the Feedback Hub.

  • [Secure Boot]


    • This update enables dynamic status reporting for Secure Boot states in Windows Security App.
    • This update includes additional high confidence device targeting data, increasing coverage of devices eligible to automatically receive new Secure Boot certificates. Certificate deployment via Windows updates continues across supported PCs and non-managed business devices in the coming months.
  • [Networking] This update introduces a security hardening change that enforces TDI transport registration requirements. As a result, applications that use sockets over unregistered third-party TDI transports might stop working after installing this update. Registered TDI transports are not affected. For more information, see Third-party TDI transports might stop working after installing Windows security updates released on or after July 14, 2026.

  • Advertisement
  • [Remote Desktop (RDP) Security] Support for SHA-2 certificate thumbprints has been added for trusted RDP publishers, with SHA-1 support retained only for backward compatibility and planned for future removal. New guidance is available for managing RDP file security through Group Policy to help organizations reduce phishing risks by controlling which .rdp files users can open. We recommend IT administrators migrate to SHA-256 thumbprints or a stronger algorithm as soon as possible to avoid disruption.

Microsoft also warns that an intentional security hardening change that enforces TDI transport registration requirements may impact legacy applications that rely on unregistered third-party TDI transports.

Windows users can determine whether they are affected by checking the Windows System event log in Event Viewer for AFD Event ID 16003 entries.

“To determine if you have a TDI transport that is affected by this change, check the Windows System event logs in Event Viewer > Windows > System,” Microsoft explains.

“If you find an AFD Event ID: 16003 ‘An unregistered TDI provider (\Driver) was detected’, then your TDI transport is affected by this change.”

Advertisement

Otherwise, Microsoft says there are no known issues with this update.


article image

Security teams log 54% of successful attacks and alert on just 14%. The rest move through your environment unseen.

The Picus whitepaper shows how breach and attack simulation tests your SIEM and EDR rules so threats stop slipping by detection.

Get the whitepaper

Source link

Advertisement
Continue Reading

Tech

OpenAI’s first hardware device will be a HomePod

Published

on

The description for OpenAI’s first hardware device suggests it will be a speaker that can wiggle around a bit while it reads your email, so a HomePod, but more annoying and privacy-invasive.

Just moments after OpenAI shared an empty statement on Apple’s trade secret lawsuit, new information was shared about the company’s upcoming hardware. While it offered no public comment, internally it wants everyone to believe it is a completely unique product.

The newly leaked information comes from Bloomberg, which shares that the first OpenAI hardware product will be a smart speaker. It will have motorized moving parts, a rechargeable battery, and act as a companion to the user.

It is rumored to be the first of five potential hardware products that OpenAI is working on. The device could be revealed later in 2026 and ship in early 2027 as long as Apple’s lawsuit doesn’t stop its release.

Advertisement

OpenAI believes that it’s so unique it couldn’t possibly be seen as a copy of anything Apple ships today.

We don’t talk about HomePod

The supposed speaker device will have a unique design, lack a display, but it will have a camera for processing its surroundings. It will utilize ChatGPT Live and have the ability to parse user speech even as it provides an answer.

Cartoonish yellow potted plant with big eyes on a wooden desk, surrounded by books, a pencil holder with colorful pencils, a white clock, and a green vase against a pink wall

Nintendo already makes a product that randomly talks and is overly nice to you

OpenAI also hopes that the product can be proactive and speak without being prompted. If I’ve learned anything about technology, it’s that people hate it when products speak on their own.

Advertisement

Ask anyone that bought Nintendo’s Talking Flower, or perhaps someone who owned a Furby.

The product is meant to connect on a “humanlike” level with users, learn from user data, and feel like a companion.

Frankly, I’m tired of this desire to anthropomorphize AI chatbots. They can’t think, they can’t reason, they don’t hear, or speak, or any of those things.

In any case, this certainly sounds a lot like a HomePod, or perhaps the future Apple Home Hub tablet that will ship with an AI-powered mechanical arm.

Advertisement
Small smart speaker with a square screen showing colorful streaming app icons including Apple TV, Netflix, YouTube, and CBS, sitting on a white surface beside a green leafy plant

The Apple Home Hub is expected to be announced at any time

It seems OpenAI wants this product to act as a kind of home for ChatGPT. Apple pitched the HomePod the same way when it was first announced — a home for Siri.

The parallels couldn’t be more obvious. And given that Jony Ive is behind the product’s design, I’m not sure how this will release without resembling an Apple product.

With only a couple of years of runway left before OpenAI’s cash starts to run out, it seems odd to bet everything on a technology most people probably already have in their homes. Amazon and Google just upgraded their range of smart speakers with AI capabilities, and Siri is getting a significant upgrade later in the fall.

Advertisement

What Apple has that these other companies don’t is user trust with private data. OpenAI needs a way to get access to users’ apps and email, while everyone’s iPhone already has it, privately.

Frankly, if a smart speaker that can wiggle and read your emails is all OpenAI has got after poaching 400 Apple employees, it is in trouble. Perhaps that supposed iPhone killer that’s expected by 2028 will turn things around.

Source link

Advertisement
Continue Reading

Tech

It’s hot out there, but please stop putting your warm phones in the fridge

Published

on

Every summer, social media rediscovers the same “life hack”: if your phone gets too hot, stick it in the fridge for a few minutes. It sounds logical. Refrigerators are cold. Phones are hot. Problem solved. Except it isn’t. Repair technicians, smartphone manufacturers, and safety experts all agree this is one of the worst things you can do to an overheating phone. While the trick might cool the exterior temporarily, it can quietly create a much bigger problem inside the device – one that could permanently damage components or shorten the life of its battery.

According to a new BBC report, the latest warning comes from a UK phone repair shop, but it’s one experts have been repeating for years.

Your phone isn’t overheating because it needs a fridge

According to a report by the BBC, Jamie Farnell, who runs Shropshire Phone Repairs in Wem, says his shop has been inundated with devices suffering heat-related issues during the recent heatwave. Many customers admitted they had tried cooling their phones by putting them inside a fridge or freezer after seeing the advice circulate on social media.

Farnell says that’s exactly what people shouldn’t do. The problem isn’t the cold itself – it’s what happens when a warm electronic device is exposed to a cold, humid environment. Rapid temperature changes create condensation, allowing moisture to form inside the phone. Unlike the water you might notice on the outside of a cold drink, condensation inside a smartphone can reach the display, charging port, logic board, or battery connectors. That moisture can lead to corrosion, short circuits, or expensive repairs.

Farnell also pointed out another familiar internet myth that refuses to die: putting wet phones in rice. He says that trick is just as ineffective as the refrigerator hack, despite both continuing to circulate widely online. The warning comes after an alarming incident at his repair shop, where an iPad with a swollen lithium battery reportedly burst into flames during June’s heatwave. Swollen batteries are often a sign of excessive heat stress and should never be ignored.

Advertisement

Apple and Samsung say the same thing: let the phone cool naturally

This isn’t simply one repair technician’s opinion. Apple says iPhones are designed to protect themselves when they become too hot by dimming the display, slowing charging, reducing performance, or temporarily disabling certain features until temperatures return to normal. The company’s advice is straightforward: move the phone to a cooler environment out of direct sunlight and allow it to cool naturally. Apple does not recommend exposing the device to sudden temperature extremes.

Samsung offers similar guidance for Galaxy devices. If a phone displays a “Device cooling down” warning, users should stop using it, unplug it from charging, remove any protective case, close background apps, and simply let it cool on its own. The phone automatically reduces performance and pauses charging to protect its internal components while it sheds heat.

Even the Associated Press, citing guidance from Apple, Samsung, Google and UK electronics retailer Currys during last summer’s heatwave, warned against placing phones in refrigerators or freezers because of condensation risks. If your phone genuinely feels too hot to hold, there are safer ways to help it recover. Turn it off if possible, remove the charging cable, close demanding apps, lower the screen brightness, take off thick protective cases, and keep it somewhere shaded with good airflow. Avoid charging while gaming or recording long videos, especially in direct sunlight.

Modern smartphones already contain sophisticated thermal management systems designed to slow themselves down before permanent damage occurs. The temporary performance hit may be annoying, but it’s considerably cheaper than replacing a moisture-damaged motherboard. As tempting as the refrigerator trick may seem during a heatwave, your phone doesn’t need a blast of cold air. It just needs a little patience.

Advertisement

Source link

Continue Reading

Tech

LaserPecker LX2 review: Specs, Features, Price

Published

on

The LaserPecker LX2 is an enclosed desktop laser cutter with swappable modules that bridges hobbyist and small-business laser work. Its sticker price is intimidating, but it’s a useful tool for those who buy it.

A laser cutter was once an industrial machine that needed a dedicated workshop. That has changed.

Desktop models now bring real cutting power to a home office or studio. The LaserPecker LX2 is one of the more ambitious of these.

It is a fully enclosed system with a large work area. The laser heads are interchangeable, so one machine grows with the user’s needs.

Advertisement

LaserPecker LX2 review: Specifications

Product LaserPecker LX2 Laser Cutter
Starting price $1,649 (20W bundle); up to $2,999 (40W with extras)
Laser modules 20W diode, 40W diode, 2W IR; 60W diode coming soon
Module swap Tool-free wedge-lock, swappable in seconds
Working area 19.7 by 12 inches (500 by 305 mm)
Max working speed 1,000 mm/s at 10,000 mm/s^2 acceleration
Positioning precision 0.01 mm
Engraving accuracy 0.01 mm or better
Engraving density 10 to 300 dpi
Camera 12MP overhead with point-to-shape positioning
Max processing height 45 mm standard, 150 mm with optional riser base
Max rotary diameter 130 mm (requires optional riser base)
Cutting depth (40W) 22 mm paulownia, 19 mm cherry, 20 mm acrylic, 0.5 mm steel
Supported materials Wood, acrylic, leather, glass, stone, metals, and more
Connectivity USB and Wi-Fi, offline operation supported
Main unit size 30.7 by 24 by 11.1 inches
Main unit weight 49.6 pounds
Input power 24V, 10A, 240W
Safety certification CE, RoHS, FCC, FDA, and others; Class 1 enclosure

LaserPecker LX2 review: Design and safety

The LX2 is a large, fully enclosed unit weighing 49.6 pounds. It is built to sit on a workbench rather than be carried around.

The enclosure is the key safety feature. It is Class 1 certified, so it runs safely without you needing to wear separate laser goggles.

Desktop LaserPecker laser engraver with white body, dark top, and yellow-tinted viewing window, sitting on a wooden surface in a workshop or maker space

LaserPecker LX2 review: The yellow screen protects your eyes from the laser.

LaserPecker lists a nine-layer protection system. This covers overheat detection, smoke and flame sensors, an emergency stop, and a lock.

Advertisement

Dual-door access, on the front and side, makes loading materials easier. A removable base tray catches debris and ash for cleaning.

It ships in 20W and 40W diode versions, plus a 2W infrared option, with each module swappable.

LaserPecker LX2 review: Inside the box

The LX2 arrived in a large, incredibly well-packed box from the manufacturer. This box is large and heavy, so I recommend using a team lift approach if at all possible.

I didn’t. Learn from my mistakes and the sore shoulder I lived with for two days after getting it into my home.

Advertisement

Inside the box, LaserPecker includes:

  • LX2 Main Unit
  • AC Power Adapter
  • Laser Module 20w or 40w (depending on your choice at purchase)
  • Smoke Exhaust Pipe
  • Slats x4
  • USB-A to USB-C Cable (1.5m)
  • Safety Key x2
  • Sample Material Pack
  • Tool Box
  • User Manual

LaserPecker LX2 review: Build quality

Out of the box, one fact is abundantly clear: From a hardware standpoint, the LaserPecker LX2 is phenomenally well made.

Every piece and part is machined and precise.

Interior of a laser cutter showing a 40W laser head, cable chain, and large empty black workbed under bright lighting

LaserPecker LX2 review: The platform for engraving.

My previous experience with LaserPecker products set a level of expectation for the LX2 before it arrived. LaserPecker actually surpassed those expectations.

Advertisement

This hardware is next level in quality.

Nothing about the LaserPecker LX2 feels cheap or budgeted for budget’s sake. Every single detail on the hardware just works, meaning the LaserPecker LX2 feels like another huge step forward on LaserPecker’s path of quality.

The software is another story.

LaserPecker LX2 review: Setting up the LX2 App

Unboxing and setting up the LaserPecker LX2 takes time. It is not a painful process at all on the hardware side, but it is not fast.

Advertisement

The components are clearly marked, and the assembly instructions are very clear, with LaserPecker quite literally including all the tools needed to assemble the LaserPecker LX2.

I had the enclosure, rails, base plate, optional riser base, and the laser module assembled and on my work table in less than 20 minutes.

I also pre-attached the exhaust pipe and set up the optional smoke purifier unit next to the LX2. The exhaust pipe included with the smoke purifier was set to exit under the stove hood in my kitchen.

If you plan to purchase the optional riser base, know that you will need to lift the LX2 onto the riser base. This is much easier with two people.

Advertisement

LaserPecker LX2 review: The LaserPecker Design Space, software, and Mac compatibility

The LX2 runs on LaserPecker’s own Design Space software.

Hardware assembly was a smooth process, but once again, the LaserPecker Design Space app remains lacking compared to the quality of the LX2.

The LaserPecker LX2 connects via wired USB cable and Wi-Fi network.

But to enable the Wi-Fi function, you must connect the laser unit to your Mac or PC via USB-A to USB-C first with the provided cable. You also have to initialize it through the macOS LaserPecker Design Space app Beta, downloadable from the LaserPecker website.

Advertisement

The Beta version is here specifically for the LX2.

Previous versions of the instructions for using the app to connect to Wi-Fi were lacking. This time, the new version does well here.

Where the app falls down again is the lack of refinement in the process.

For example, updating the firmware begins normally and displays a progress bar up to 25%. But then the bar disappears, and the process does not show any visual progress or signal failure, nor completion.

Advertisement

The only way to know is to allow the process to run for (in my approach) 15 minutes, power down the unit, close the app, and then power everything on again. All of this to see if I was then running the current firmware.

It isn’t the end of the world, but it is annoying.

Interior of a desktop laser cutter viewed through yellow safety cover, showing a 40W laser head on rails above a patterned metal work surface with caution label on the frame

LaserPecker LX2 review: A 40W module is installed, but it can take up to 60W.

Connecting to Wi-Fi nearly drove me to abort the entire process.

Advertisement

Every time I attempted the direct USB cable connection method detailed in the manual, I received an error message.

Exhaustive attempts and borderline witchcraft were performed, booting up the unit and the app in different orders. After changing cables too many times and holding my breath, I could never get the unit on the Wi-fi this way.

I then downloaded the mobile app and tried again. Only the process is tedious and not what I would call polished at all.

To connect via mobile app, the LX2 acts as a temporary hot spot to process the information on the Wi-Fi network to the LX2. If you receive an error, you have to restart everything, power it down, and try again.

Advertisement

This process took five attempts, but it eventually worked, and I connected the LX2 to my Wi-fi network. It has been solid ever since.

The LaserPecker Design Space app does not feel like a macOS application, but rather an 85 percent port over from Windows. In my research on LaserPecker, this seems to be consistent.

On the upside, this version of the app has improved, and I hope that LaserPecker puts time and resources into refining the app moving forward.

The company also lists compatibility with LightBurn, the industry-standard third-party laser application.

Advertisement

LightBurn support is significant for Mac users. It runs natively on macOS, giving Mac owners a professional way to drive it.

For Apple users, Mac-native LightBurn and Wi-Fi control make the LX2 a practical fit. It does not depend on a Windows-only toolchain, a common frustration in this class.

LaserPecker LX2 review: The modular laser system

The defining feature of the LX2 is its swappable laser modules. A tool-free wedge-lock system lets users change heads in seconds.

The 20W diode module suits high-detail engraving work. The 40W module is the heavier cutter, handling thicker materials and having a faster throughput.

Advertisement

A 2W infrared module is also available separately. It is built for metal, using a different wavelength to mark gold and silver.

LaserPecker lists a 60W diode module as coming soon. That indicates buyers can expand power later without replacing the base machine.

The modular approach is the LX2’s main argument. One enclosure and motion system can serve several very different jobs as needs change.

LaserPecker LX2 review: Module swaps and alignment

LaserPecker provided me with both the 20W and 40W laser modules for testing, and the swapping process is exactly as advertised. It is smooth, quick, and painless.

Advertisement

Calibration and alignment is handled through the app. It requires a few clicks and less than a minute to be up and running.

LaserPecker LX2 review: Performance and precision

LaserPecker rates the LX2’s engraving capability at up to 1,000 mm/s, with 10,000 mm/s^2 acceleration. An industrial dual Y-axis and linear guide system keeps that speed stable.

The 40W module is the cutting workhorse. LaserPecker lists single-pass cuts up to 22 mm in paulownia, a type of hardwood tree, and 20 mm in acrylic.

Positioning is handled by a 12MP overhead camera with point-to-shape alignment. A 3D auto-focus system scans the surface and adjusts height as it works.

Advertisement

That curved-surface capability is notable. The laser stays focused across uneven or rounded objects, not just flat stock.

For testing purposes, I chose pieces of my own artwork that have details and variable line widths for engraving tests.

For the best results, SVG files are recommended, so that is what I created.

To begin, I work in Adobe Photoshop with a digital pen display to create illustrations at a high resolution. From here, I can save a high-resolution TIFF file that I open in Adobe Illustrator as a raster image, and convert the line art to vector with the image trace feature in Illustrator.

Advertisement

This gives me clear vector lines I can convert to an SVG file that drops directly into the LaserPecker Design Space app with no issues at all. From there, I clicked the live camera preview inside the enclosure, dropped my balsa wood board, aligned the art where I wanted to engrave, and started the process.

From there, I clicked the live camera preview inside the enclosure, dropped my balsa wood board, aligned the art where I wanted to engrave, and started the process.

Before printing, there is a safety check that requires you to push the main function button on the LX2 to begin. I like this redundancy to ensure no hands or objects are inside the laser space.

The app delivers a live feed of the process and a countdown timer to completion.

Advertisement
Two engraved fantasy art prints: left, an armored adventurer with a chest for a head captioned

LaserPecker LX2 review: Test engravings

I recommend purchasing a few flat, heavy magnets to hold the material in place away from the laser area. The motion of the laser arm can rock the unit slightly on large prints and move the placement of light materials like thin balsa wood.

The end result of my tests are two of the best engravings I have ever seen from a unit like this. The details are outstanding and I know I have not scratched the surface of what is possible with the unit.

The options are staggering, and when you include the optional accessories like the rotary extension for different engravings and materials, my imagination is burning with ideas.

Advertisement

What I really love about the LaserPecker app (despite the initial connection issues) is the array of design and production features it offers for new and experienced designers.

LaserPecker seems to understand that not every user will have access to art programs, or have a deep understanding of how to use them. The app’s design space includes basic tools for adding text, drawing shapes, and pen and line/shape tools to prevent shaky hand-drawn lines when using a mouse and keyboard.

The app also has a series of filters and tracing options for images imported into the design space, to create functional line and engraving-ready pieces for use.

For now, these filters and tracing options are not as robust as a digital art program like Adobe Illustrator, but they do work with a little bit of finessing. The better the contrast on the image, the better the end results using the app’s filters and tracing.

Advertisement

One of the novelty features in the app is a Puzzle setting that allows you to create a puzzle piece grid of cut lines that you can drop on the work surface. All to quickly create your own custom puzzles.

The batch printing feature is brilliant as well.

It utilizes the LX2 camera and auto-focus features to set a parameter on a single piece, and then recreate that engraving on multiple pieces regardless of their placement or angle on the work surface. I intend to get use out of this in the future by creating a series of custom tokens for board games and role-playing games.

With all of the features, I am very happy with the results of each print I create with the LX2, and I am excited to make more.

Advertisement

Where things fall down for the production and quality of life for the LX2 is the amount of fumes and smoke generated.

The enclosure does a fair job of working the smoke away from the work area. But if you have a small workspace or plan to use the LX2 in an apartment like I am, I cannot recommend purchasing the smaller Smart Air Assist enough.

It is a smaller unit that regulates how much smoke is present in the enclosure and works to keep it under control. It is $160 and it is vital with your initial purchase.

However, if you have the budget, I strongly recommend the Smoke Purifier accessory.

Advertisement

LaserPecker LX2 review: The smoke purifier accessory

Laser cutting and engraving produce smoke and fine particles. For an enclosed desktop unit used indoors, extraction matters.

LaserPecker sells a matching desktop smoke purifier for the LX2. It is a filtration unit that sits alongside the machine and clears the air.

The purifier uses a multi-stage filtration system. A HEPA filter handles fine particles, with activated carbon for odors and gases.

White LaserPecker machine with black top, digital control panel, and vents connected by flexible gray ducts, sitting on a wooden surface against a beige wall.

LaserPecker LX2 review: Filtration is essential.

Advertisement

LaserPecker rates it at capturing 99.97% of particles down to 0.3 microns. It also lists noise at around 61 decibels, with filter-life reminders and a timer.

For anyone running the LX2 indoors, the purifier is close to essential. Venting smoke from frequent cutting is not optional.

The smoke purifier is not quiet at all. This unit is powerful, and it does the job very, very well, but you will have to contend with the exhaust noise.

LaserPecker LX2 review: Powerful and flexible, with caveats

The LaserPecker LX2 packs serious capability into a desktop footprint. The enclosed design and swappable modules make it far more versatile than a portable engraver.

Advertisement

The modular system is its strongest argument. It scales from 20W through 40W and IR, with a 60W module to come.

The cautions are around polish rather than power.

There has been talk online of inconsistent positioning and false probe warnings, which read as firmware issues. But in all of my testing, I did not encounter this issue at all.

For Apple users, the LX2 avoids the usual trap. Mac-native LightBurn support slots it into an Apple workflow cleanly, unlike many competing cutters.

Advertisement

Despite the frustrating initial connectivity, the LaserPecker Design Space app handles job management and output well.

My issues come down to software problems that need to be addressed, and the staggering cost for the LX2 and accessories.

This is a unit for hardcore hobbyists or creators looking to start a small business or Etsy shop. This is a large investment when the smoke purifier, accessories, and materials are factored in.

Consumers should keep this in mind when considering the LX2.

Advertisement

The LX2 is a good machine, and I recommend it. Just be prepared for initial setup struggles and a high out-of-pocket cost.

LaserPecker LX2 Pros

  • Swappable modules from 20W up to a future 60W
  • Large enclosed work area with Class 1 safety
  • Mac-native LightBurn software support
  • Outstanding detail work

LaserPecker LX2 Cons

  • Gets expensive once modules and extras are added
  • Heavy and large for a desktop machine

Rating: 4 out of 5

Where to buy the LaserPecker LX2

The LaserPecker LX2 is available in a range of packages. The 20W Standard Bundle from LaserPecker’s website, including the 20W laser module, Smart Air Assist, Slats, and a Fire Extinguisher is $1,499, discounted from $1,999.

On Amazon, the LaserPecker LX2 Basic Bundle is $1,499 for 20W, down from $1,649, while the 40W version is $1,799, down from $2,149.

Source link

Advertisement
Continue Reading

Tech

Google Cloud’s VMware service loses resilience due to a dud update

Published

on

Virtualization

As VMware itself warns of critical flaw in its load balancer

Google Cloud has admitted it made a configuration change that means some customers of its VMware Engine (GCVE) can’t use stretched cluster.

A G-Cloud incident report time-stamped 13:24 PDT on July 14 (21:24 UTC) reports some customers “are experiencing zonal outages impacting network connectivity across multiple regions” and that the trouble started at 10:00 PDT.

Advertisement

Google first attributed the problem to “an underlying network connectivity issue affecting the infrastructure that links the zones within a stretch cluster,” and warned “This disruption is causing synchronization issues between the affected zones.”

Storage and compute services weren’t impacted, and VMs kept running. Users just couldn’t reach their virtual servers.

That’s bad because the whole point of stretched clusters is to enhance resilience by creating a virtual pool of resources that spans two physical sites, while keeping the two rigs in synch to enable rapid failover without disruption.

Google’s next update offered “underlying inter-zone communication failures and Border Gateway Protocol (BGP) session flapping between cluster zones” as the reason for the mess, adding “Specifically, network connectivity has been lost between the affected zones and the witness appliance. Because the witness appliance is currently unreachable, the cluster zones are unable to safely synchronize state.”

Advertisement

At 16:05 PDT Google ‘fessed up.

“Our investigation has identified a recent configuration update that is the likely cause of the inter-zone network disruption,” the web giant admitted. “Teams are working on remediation.”

Google hasn’t said when it will set things right, so customers in the impacted regions – australia-southeast1, australia-southeast2, europe-west3, and northamerica-northeast2 – must wait to learn when they’ll once again enjoy the resilience they pay for.

Other VMware customers may not want to wait because the Broadcom business unit on Tuesday warned of seven flaws in its VMware Avi Load Balancer. One of them, CVE-2026-47865, is an authentication bypass vulnerability that earned a CVSS score of 9.8.

Advertisement

The product’s name is a little misleading, as it’s actually a full Application Delivery Controller that includes load balancing and a Web Application Firewall

VMware hasn’t said much about the flaw other than warning “A malicious user with network access may be able to access the Avi Control plane by bypassing the authentication mechanism.” The tool works with VMware’s Cloud Foundation bundle, Kubernetes Service, and can connect resources in public clouds. Unauthorized access is therefore distinctly undesirable.

The five remaining CVEs are also significant, with CVSS ratings ranging from 8.8 to 7.1. Broadcom has fixed the flaws in recent updates to the product. ®

Source link

Advertisement
Continue Reading

Tech

X Square Robot’s Open-Source Embodied AI Stack

Published

on

This article is brought to you by X Square Robot.

Large language models gave artificial intelligence a working recipe. Pretrain a large model on broad data, and general capability follows. Robotics has no such recipe. Robotics systems have long been assembled from separate perception, planning, and control parts that rarely add up to intelligence a robot can carry from one task to another, or one machine to another. The central problem in embodied AI is to find the equivalent recipe, and the field does not yet agree on what it is.

X Square Robot, a Chinese embodied-AI company, has made an unusually explicit bet. It argues that the recipe is an integrated stack, spanning the data a robot learns from, a world model for predicting changes in the physical world, and an action model that brings together perception, planning, reasoning, and decision-making to generate executable robot behavior. The company also believes that the stack should be built and released in the open.

X Square Robot shares its vision of bringing robots into real homes.X Square Robot

Advertisement

X Square Robot’s embodied AI stack

What holds the stack together is a small set of principles rather than a single overarching model.

  • The first is that the basic unit of robot data is an interaction, not a trajectory; a demonstration is successful only if it changes the world as intended, not simply because the joints moved.
  • The second is that pretraining should yield usable capability, not just an initialization for later fine-tuning.
  • The third is that behavior should be modeled around physical events rather than fixed slices of time.

These principles make the layers interdependent, since the same robot-free data that trains the action model is also structured to feed the world model. It is worth being precise, though. The company describes the world model and the action model as complementary but independent model families that share a code base. Both sit within its broader World Unified Model, which it has presented as an architecture for training vision, language, action, and physical prediction together.

Robot learning data: Engineering for quality and cost, not scale

For the X Square Robot team, one of the biggest constraints on general-purpose robots is the cost and quality of interaction data, not the number of parameters. To address that, the company built its Universal Manipulation Interface (UMI) data collection system, QUANXTA Zero Series. It works by collecting demonstrations from people wearing a rig with dual grippers rather than teleoperating a robot. This approach is not itself new, and builds on established methods for robot-free data capture. What sets it apart are two engineering choices.

The first is quality control, and it is the most distinctive part. Rather than accepting recorded trajectories as they are, the system runs a closed inspection loop, and its notable step is physical playback. A sample of trajectories is replayed on the real robot, and only those that actually complete the task count as valid. That makes the validity rate a measured quantity rather than an assumption. For example, a gripper that closes a fraction of a second too early still looks like a grasp in the data, yet it has pushed the object away, so it shouldn’t be classified as valid. A smaller clean dataset can be worth more than a larger noisy one.

The second choice is how lower-cost human data and scarce robot data are combined. The company pretrains on a large volume of robot-free demonstrations to build general representations, then adds a small amount of real-robot data as an anchor to the specific machine’s dynamics. It reports that this reaches performance comparable to an all-robot dataset at roughly a 20-fold lower cost of collection, driven mainly by how much cheaper the wearable rig is than a teleoperation setup.

Advertisement

The resulting dataset is deliberately model-agnostic, formatted to feed both action models and world models. The caveat is that the strongest results are measured on the company’s own robots and data-collection pipelines. Broader independent testing will help confirm and extend these promising results across a wider range of settings.

A world model organized around events

In developing its world model, called WALL-WM, X Square Robot took a differentiated approach. Most action models predict a fixed-length chunk of motion from the current image and instruction. That is convenient, but it segments behavior into fixed-duration windows, so the boundaries fall where elapsed time dictates rather than where one action ends and the next begins. WALL-WM instead treats an action-grounded semantic event as its unit: a coherent piece of behavior such as reaching, grasping, or placing, something that can be named in language, seen in video, and executed as motion.

WALL-WM’s design reflects a specific concern about not discarding what large video models already know. To achieve that, a text-to-video model is coupled to a freshly initialized action network that reads from the video features without overwriting them, which preserves the visual prior. From that one process, it offers two modes. An event mode runs in variable-length segments and suits reasoning over long horizons, while a fixed-length mode produces the steady, real-time output a controller needs. That places WALL-WM between mainstream chunk-based action models and pure video world models, keeping the predictive character of a world model while still yielding executable control.

In a series of experiments, the company relied on a generalization test that is more specific than most. A model trained on a limited dataset was evaluated on long-horizon tasks in unseen settings and, on the company’s real-robot benchmark, reportedly outscored baselines that had been fine-tuned on related data. That is a meaningful result if it holds. For now, it is measured on the company’s own benchmark. With the code now being released, the broader community will have the opportunity to test, reproduce, and build on them across more settings.

Advertisement

A policy that runs before fine-tuning, and action tokens with meaning

The action layer carries two connected ideas. The first is a requirement the company sets for itself with Wall-OSS-0.5, its vision-language-action model: The pretrained model should run on a real robot before any task-specific fine-tuning.

The interest is less in the scores than in the design behind them. The model trains three objectives together, namely discrete action tokens, language grounding, and continuous action generation. And it keeps gradients flowing through all of them rather than freezing parts of the network as some rival designs do. It’s also a more strict method, since it reports untuned behavior such as approaching, grasping, and recovering, including on a deformable task held out of training.

The second idea is the action interface itself, called X-Tokenizer. Most systems that turn continuous motion into discrete tokens produce codes that the language model cannot interpret. X-Tokenizer reframes tokenization as learning a semantic interface, so that the top-level code stands for the intent of a motion while lower-level codes carry finer detail, all aligned with the language model’s own features.

A useful consequence is stability. Adding noise to an action barely moves the intent code, which is what lets one tokenizer to be reused across robots without re-tuning. The tokenizer inside the production action model is a related variant of this approach. Together, the two ideas give the action layer something rather powerful: capability that transfers.

Advertisement

The future of embodied AI stacks

X Square Robot is betting that its unique approach combining three layers, each specialized in solving a key part of the problem, will stand out from other embodied AI stacks. The physical-playback step that grounds data quality is uncommon and sensible. The reframing of world modeling around events, with one backbone serving both reasoning and control, is a genuinely distinct approach. And the pairing of a deployable pretraining standard with a tokenizer designed as a semantic interface gives the action layer unusual coherence.

X Square Robot’s valuation has climbed above 20 billion yuan (about US $2.9 billion), suggesting that investors increasingly view data infrastructure, foundation models, and scalable training systems as long-term differentiators in embodied AI.

The next phase will bring broader validation. Much of the current evidence comes from X Square’s own robots and benchmarks. With the world model code now being made public, and as the community begins to test, reproduce, and build on the work, the reported capabilities will be tested across more robots, tasks, and settings.

X Square Robot’s recent funding rounds reflect similar confidence. The company’s valuation has climbed above 20 billion yuan (about US $2.9 billion), suggesting that investors increasingly view data infrastructure, foundation models, and scalable training systems as long-term differentiators in embodied AI.

Advertisement

What’s next for X Square Robot

To learn more about its future plans, the following Q&A with the X Square Robot team further explores the company’s technology, strategy, and vision.

What made now the right moment, technically, to commit to this stack? What recently became possible that wasn’t possible a couple of years ago?

It is not one breakthrough but several trends maturing together. Foundation models gave us a shared representation across vision, language, and action, so we can model what a robot sees, what it is asked to do, and how its actions change the world in one framework, rather than as separate perception, planning, and control modules.

Compute and infrastructure are finally sufficient for large-scale pretraining over long-horizon, multi-embodiment data. Just as importantly, we realized that data, not model size, is the real bottleneck for general robots—what is scarce is diverse, high-quality, reproducible interaction data. And world modeling has become practical. The useful question is no longer how to predict a few seconds of video, but how to understand the ways actions change objects, contacts, and task states. Two years ago these ingredients existed separately. Today they are mature enough to work as one system.

Advertisement

“We realized that data, not model size, is the real bottleneck for general robots—what is scarce is diverse, high-quality, reproducible interaction data. And world modeling has become practical.”

Your data system captures demonstrations with a wearable VR rig and custom grippers rather than teleoperating robots. What was wrong with standard teleoperation?

Teleoperation is built around controlling the robot. It forces the operator to work within the machine’s kinematics, latency, and viewpoint, and the resulting demonstrations are slower, stiffer, and less diverse. We built our system around capturing human skill instead. Manipulation is really about contact, timing, finger coordination, and recovery, not just the path the hand takes, and a wearable rig records those before the behavior is compressed onto one particular robot. It also breaks teleoperation’s expensive scaling law, in which every demonstration needs a robot.

People can generate rich data independently of any robot, and the crucial property is that those demonstrations can still be replayed and executed on a physical robot through the model. Mobility is convenient, but that replay is the real point, because it is what lets the same data be reused across different platforms.

Advertisement

Robot and person loading a washing machine together in a modern laundry room. In X Square Robot’s approach, demonstrations can be replayed and executed on a physical robot through the AI model, allowing the same data to be reused across different platforms.X Square Robot

X Square Robot reports that its pipeline has roughly an 85 percent data-validity rate. Why is quality control such an underrated bottleneck?

Because errors in robot data are far more expensive than in language data. A small timing or contact error can change what a demonstration means. If a gripper closes a fraction of a second too early, the motion still looks like a grasp, but physically it has pushed the object away. A dataset that mixes failures and accidental successes teaches ambiguity, not skill, because the real unit is the interaction, not the trajectory.

So we run automated inspection, kinematic checks, and physical replay, where we play a sample of trajectories back on the real robot and count only the ones that actually complete the task. Data quality sets the ceiling on how good a policy can be. In our experience a smaller, cleaner dataset often beats a much larger, noisier one, which is why we treat quality control as part of the model, not a preprocessing afterthought.

The model runs in both “event mode” and “chunk mode.” When does each matter?

Advertisement

Both matter, for different reasons. The physical world changes through events—when contact occurs, a grasp forms, or an object slips—not in fixed-frame windows. Event mode concentrates the model’s attention on those moments, and it matters most for long-horizon tasks, like clearing a table, where progress is a sequence of semantic events rather than a smooth stream. It runs in variable-length segments that follow the task rather than a clock. Chunk mode matters for deployment. Real controllers need a stable, real-time interface, and fixed-length chunks integrate cleanly with existing control systems.

We organize learning around events in the first place because a fixed window can split one motion in half or merge two together, which turns training into short-horizon pattern matching and weakens the model on long tasks. So the world model’s job is to connect event-level understanding, which is where the reasoning happens, with a fixed-length output a real robot can actually run.

Why make “deployable before fine-tuning” the criterion?

Pretraining should produce capability, not just a good starting point. If a model is only useful after heavy fine-tuning, then most of the intelligence still lives in the downstream supervision, not in the foundation model. Deployable before fine-tuning is a more honest test of what pretraining actually learned. A well-pretrained robot should already know how to approach, grasp, move, avoid obstacles, and correct itself. Fine-tuning should adapt it to a specific task or robot, not create the ability from nothing. It is also a practical requirement. A robot in a home or a workplace shouldn’t need a brand-new dataset and a new policy every time the task changes, so a foundation model that already carries general skill, and some ability to recover, is the minimum bar for something genuinely useful in the real world.

Advertisement

What is the most challenging part of cross-embodiment learning?

Robots differ in control frequency, delay, compliance, sensing precision, and contact dynamics, so the same instruction can require different action decompositions and recovery strategies, and a behavior that works on one arm cannot simply be copied to another. Cross-embodiment learning needs an intermediate abstraction, lower than language but higher than joint angles: how you approach an object, how you make contact, how you apply force, and how you recover from a mistake.

When we say cross-embodiment, the main capability we mean is multi-embodiment generalization: transferring across robots, training on many embodiments at once, and adapting to different kinematics. Human-to-robot transfer and other techniques are specific approaches to that goal.

“A robot in a home or workplace shouldn’t need a new dataset and policy every time the task changes. A useful foundation model should already carry general skills and the ability to recover.”

Advertisement

What would you most like to see other researchers attempt to reproduce or stress-test?

Three things, above all. Whether event-level representations really generalize beyond our own datasets, across more tasks, scenes, objects, embodiments, and failure conditions. Whether pretraining stays effective on robots the model never saw during training, or whether its capability is still too tightly coupled to what it has already seen. And whether real-robot evaluation can become a shared language for the field, so that we compare not just success rates but the reasons systems fail, where an instruction was misread, where perception broke down, or where recovery fell short. Robotics has been driven too often by impressive demonstrations, and real progress comes from results that are reproducible and diagnosable.

What capability is still missing before robots become dependable in homes?

Benchmarks measure competence, like whether a model can finish a task. Homes demand reliability, safe and consistent operation over time in a place that changes every day, with objects moving, instructions that are vague, and people interrupting. The missing piece is not a higher one-time success rate: it is robust recovery. A dependable home robot has to know when it is uncertain, when to slow down, when to ask for help, and how to bring the world back to a safe state after it drops something or misunderstands a request.

Advertisement

In a real home, failure recovery matters more than raw success, because the home does not reset itself. Homes also demand careful personalization, learning a household’s routines and preferences over time, with safety and trust as first principles. That combination, not any single skill, separates a capable demonstration from a robot people can live with.

Humanoid service robot stands by a table in a modern living room. X Square Robot’s approach is that, in a real home, failure recovery matters more than raw success, because the home does not reset itself and it demands careful personalization, with safety and trust as first principles. X Square Robot

How do the open-source components fit into X Square Robot’s World Unified Model direction?

We see these releases as layers of the World Unified Model direction rather than isolated projects. Wall-OSS-0.5, the action model, asks whether an open vision-language-action model can gain directly measurable capability from large-scale pretraining, so it is the capability layer. WALL-WM, the world model, asks how a robot should understand change in the world, shifting from fixed windows to event-level modeling, so it is the representation layer. The data system supplies the interaction data that both of them learn from.

Together they form a loop in which models produce capability, world models organize understanding, and the open-source community drives reproduction and improvement. World Unified Model is the broader architecture those layers support, bringing vision, language, action, and physical prediction together.

Advertisement

We are releasing these pieces openly because embodied intelligence cannot be solved by one organization; it needs many embodiments, many real tasks, and broad feedback, and the long-term goal is a stack that keeps learning and ultimately moves robots from laboratory demonstrations toward reliable everyday use.

Source link

Continue Reading

Tech

SoftBank boss says the AI revolution will cost $5 trillion a year, also, there’s no bubble

Published

on

Sarah Connor warned us: Multiple reports are routinely confirming that the alleged “AI revolution” is not going the way Big Tech and VC investors would like it to. SoftBank’s founder and largest shareholder, however, still believes the revolution will come to pass. AI skeptics, in his view, are simply on the wrong side of history. Or are they?

Masayoshi Son is hell-bent on bringing AI to the masses, and he’s ready to spend the enormous sums required to reach this historic goal. Speaking at SoftBank’s annual corporate conference in Tokyo, the outspoken founder shared a few numbers about that spending, though he chose not to elaborate on exactly where the money would come from.

Son believes developing and deploying AI for the wider society will cost $5 trillion a year through 2040. He said he’s “confident” that figure reflects the true cost of the AI revolution. His reasoning: if AI-related revenue eventually accounts for 20% of global GDP by 2040, spending $5 trillion, or roughly 800 trillion yen, a year to get there will ultimately amount to a rounding error.

In recent years, Son has emerged as one of the most enthusiastic proponents of generative AI, chatbots, and other LLM-related technologies. SoftBank has invested heavily in OpenAI and several other AI-related unicorns, and Son has previously predicted that the first true artificial general intelligence (AGI) will arrive by 2030.

Advertisement

Given all that, Son doesn’t want to hear anything about an AI bubble. Asking about one, he says, is an absurd proposition, and people who raise the question, in his words, simply don’t understand what AI is about. SoftBank has made a few prescient bets on tech unicorns in the past, providing early investment to Chinese giant Alibaba and bringing the iPhone to the Japanese market.

However, the conglomerate has also made some costly mistakes. WeWork, the office sharing company SoftBank valued at $47 billion in 2019, ultimately filed for bankruptcy a few years later.

The AI revolution could hand the Japanese conglomerate and its “boss” another massive stream of profits, a second Alibaba, but with exponentially bigger margins. Or it could turn into an exponentially larger dot-com bubble, one that burns large parts of the financial world, Wall Street included.

According to Deutsche Bank analysts, the AI boom may currently be the only thing keeping the US economy out of a recession. Separately, several surveys suggest many CEOs privately believe an AI bubble does exist, yet remain in full FOMO mode, planning to keep investing regardless. Meanwhile, nearly half of the data center projects planned for 2026 in the US aren’t likely to come online on schedule, and rising geopolitical tensions in the Middle East add another layer of uncertainty.

Advertisement

And yet, Son appears unfazed. SoftBank’s CEO predicts AI data centers will need 3 terawatts of power generation by 2040, nearly double the total power consumed worldwide today.

To meet that demand, Son said gas will serve as the primary power source in the near term, with nuclear fusion, not traditional nuclear plants, eventually taking over as the cheaper, cleaner alternative. Asked whether space based solar power, as championed by Elon Musk, could be the answer instead, Son said both could play a role, but that fusion on Earth would ultimately be the more practical option.

Within the next decade and a half, Son believes, AI agents will be the ones calling the shots, as many as 100 trillion of them by 2040. “We will go from a human-centric world to an agent-centric world. The age when humans are the highest life form on Earth will end. For better or for worse, it will happen, and it can’t be stopped,” Son said.

Advertisement

Source link

Continue Reading

Tech

Nearly 300 GitHub repos pose as legit software to push malware

Published

on

Nearly 300 GitHub repos pose as legit software to push malware

A threat actor has published hundreds of fake GitHub repositories impersonating legitimate software and security projects to distribute infostealer malware.

The campaign drew traffic from search results for security products, cryptocurrency services, financial tools, developer utilities, secure email providers, macOS utilities, and gaming software.

The malware collects data from more than 19 web browsers, steals info from 32 cryptocurrency wallets, and exfiltrates sensitive details from messaging and social media apps.

image

Cybersecurity company ArcticWolf identified the activity after finding that one of its products was impersonated in the campaign starting June 26.

In total, the researchers uncovered 292 fake repositories, each including a README file with a download link directing visitors to a malicious download page.

Advertisement
Fake GitHub repository featuring badges of authenticity
Fake GitHub repository featuring badges of authenticity
Source: Arctic Wolf

The landing pages feature wording and branding designed to inspire trust, such as a button named “Download Secure Content” and spoofed trust badges.

Analyzing the code for the delivery page, the researchers noticed that it relies on “a single templated HTML/JS artifact reused across all impersonated brands.”

” Its client-side script parses the URL path into two segments – path[0] as a user_code (the “rotating” path token, e.g., yyvxx9rswefr, which tracks the referring repository/redirector), and path[1] as the referrer domain (e.g., Arctic-Wolf[.]github.io),” Arctic Wolf says.

Visible branding is derived from a second segment when it is rendered, by replacing the hyphens with spaces and applying the proper title cases.

The malicious landing page
The malicious landing page
Source: Arctic Wolf

According to the researchers, the page delivers a large ZIP archive, whose name and payload is changed roughly every minute. Inside the archive is a trojanized libcurl.dll and a legitimate, signed WinGUP updater that gets a different name based on the impersonated product.

“When the user runs the executable, gup.exe side-loads libcurl.dll, which decodes and reflectively executes an embedded infostealer entirely in memory.”

Advertisement

The information stealer appears to be a variant of the BoryptGrab family, targeting the following data from infected systems:

  • Passwords, cookies, payment information, and other data from 19 web browsers
  • Data of 32 cryptocurrency wallet brands
  • Telegram sessions, Discord tokens, and Steam session tokens
  • Credentials for Meta’s Max messaging application
  • Windows Credential Manager contents
  • Files from Desktop and Documents whose names or extensions suggested passwords, recovery phrases, wallets, backups, etc.
  • Screenshots, system details, and installed-software lists

The researchers note that this variant of BoryptGrab exhibits a previously undocumented capability to bypass Chrome’s App-Bound Encryption through direct code injection into the browser process.

The stolen data is compressed before being sent to a Russia-based command-and-control (C2) server.

The stealer's execution and data-theft flow
The stealer’s execution and data-theft flow
Source: Arctic Wolf

Arctic Wolf reports that the malware does not establish persistence on the host and is instead designed to collect as much data as possible in a single execution.

Similarly, there’s no anti-analysis layer at all, and the temporary directory where the collected data is stored during exfiltration staging isn’t wiped, leaving forensic evidence behind. 

At the time of Arctic Wolf’s report, GitHub had removed a large portion of the malicious repositories, though the researchers report that several dozen GitHub Pages redirectors still remained active.

Advertisement

The researchers couldn’t attribute the campaign to a specific threat actor, though they assess that the operator is likely Russian-speaking and financially motivated.

Arctic Wolf concludes that the success of the campaign depends entirely on users trusting “free downloads” of premium software tools and recommends caution when interacting with unofficial GitHub pages.

The researchers shared a Yara rule for detecting this activity along with indicators of compromise (IoCs) associated with BoryptGrab.


article image

Security teams log 54% of successful attacks and alert on just 14%. The rest move through your environment unseen.

The Picus whitepaper shows how breach and attack simulation tests your SIEM and EDR rules so threats stop slipping by detection.

Advertisement

Get the whitepaper

Source link

Continue Reading

Trending

Copyright © 2025