home.social

#microsoft-edge — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #microsoft-edge, aggregated by home.social.

fetched live
  1. CVE-2026-58286 - Improper access control in Microsoft Edge enables network spoofing attacks. CVSS 8.1. No patch yet. Restrict browser use until fixed. #CVE #MicrosoftEdge #infosec

    valtersit.com/cve/CVE-2026-582

  2. CVE-2026-58295 - Type confusion in Microsoft Edge (Chromium-based). CVSS 8.3. Network-based security feature bypass. Patch status unknown. Monitor for updates. #CVE #MicrosoftEdge #infosec

    valtersit.com/cve/CVE-2026-582

  3. CVE-2026-58299 TOCTOU race condition in Microsoft Edge for Android. CVSS 7.5. Unauthorized attacker can execute code over network. No patch available. Monitor for updates. #CVE #MicrosoftEdge #infosec

    valtersit.com/cve/CVE-2026-582

  4. TechSpot: Microsoft reverses stance and adds Google account sign-in to Edge browser. “Microsoft latest release of the Edge browser adds a much-requested feature for users working within Google’s web ecosystem. Edge 150 finally provides a way to sign in with a Google account, usable alongside a Microsoft account.”

    https://rbfirehose.com/2026/07/04/techspot-microsoft-reverses-stance-and-adds-google-account-sign-in-to-edge-browser/
  5. TechSpot: Microsoft reverses stance and adds Google account sign-in to Edge browser. “Microsoft latest release of the Edge browser adds a much-requested feature for users working within Google’s web ecosystem. Edge 150 finally provides a way to sign in with a Google account, usable alongside a Microsoft account.”

    https://rbfirehose.com/2026/07/04/techspot-microsoft-reverses-stance-and-adds-google-account-sign-in-to-edge-browser/
  6. CVE-2026-57984 - Use After Free in Microsoft Edge. Unauthorized RCE over network. CVSS 7.5. No patch available. Mitigate now. #CVE #MicrosoftEdge #infosec

    valtersit.com/cve/CVE-2026-579

  7. CVE-2026-57986 - Use After Free in Microsoft Edge. Unauthorized network RCE. CVSS 7.5. No patch available. Monitor closely. #CVE #MicrosoftEdge #infosec

    valtersit.com/cve/CVE-2026-579

  8. Microsoft on paljastanut ja purkanut hienostuneen selainlaajennuskampanjan, jonka myötä yhtiö poisti Edge-selaimen lisäosakaupasta kaikkiaan 119 haitallista laajennusta.

    Haitalliset laajennukset keräsivät 2,6 miljoonaa latauskertaa.

    dawn.fi/uutiset/2026/06/30/mic

    #uutiset #haittaohjelma #microsoftedge

  9. Microsoft on paljastanut ja purkanut hienostuneen selainlaajennuskampanjan, jonka myötä yhtiö poisti Edge-selaimen lisäosakaupasta kaikkiaan 119 haitallista laajennusta.

    Haitalliset laajennukset keräsivät 2,6 miljoonaa latauskertaa.

    dawn.fi/uutiset/2026/06/30/mic

    #uutiset #haittaohjelma #microsoftedge

  10. Microsoft-Forscher haben Malware in 119 Microsoft-Edge-Add-ons entdeckt – insgesamt rund 2,6 Mio Installationen. Die „Stegoad“-Kampagne war offenbar seit 2021 aktiv und nutzte u. a. Ausführungsverzögerungen (3–5 Tage) zur Tarnung. 🛡️🚨
    golem.de/news/microsoft-edge-m #CyberSecurity #Malware #MicrosoftEdge

  11. Microsoft-Forscher haben Malware in 119 Microsoft-Edge-Add-ons entdeckt – insgesamt rund 2,6 Mio Installationen. Die „Stegoad“-Kampagne war offenbar seit 2021 aktiv und nutzte u. a. Ausführungsverzögerungen (3–5 Tage) zur Tarnung. 🛡️🚨
    golem.de/news/microsoft-edge-m #CyberSecurity #Malware #MicrosoftEdge

  12. Payouts King Ransomware Initial Access Broker Deploys New Edgecution Malware

    An initial access broker linked to Payouts King ransomware is deploying Edgecution, a sophisticated malware utilizing a malicious Microsoft Edge browser extension. The attack begins through social engineering via Microsoft Teams, impersonating IT staff and directing victims to fake Microsoft websites offering supposed Outlook updates. Edgecution comprises two components: a browser extension that communicates with command-and-control servers via websockets, and a Python-based backdoor. The extension abuses Chrome native messaging protocol to escape browser sandbox restrictions, enabling direct host access. This allows attackers to manipulate the filesystem, launch processes, and execute arbitrary code. The malware operates in a headless browser, remaining invisible to users. Deployment methods include AutoHotKey scripts, Windows batch scripts, and PowerShell scripts. The Python backdoor supports various commands including system information collection, filesystem access, and arbitrary code execution.

    Pulse ID: 6a3ab74e2728d85de0799971
    Pulse Link: otx.alienvault.com/pulse/6a3ab
    Pulse Author: AlienVault
    Created: 2026-06-23 16:41:50

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #BackDoor #Browser #Chrome #CyberSecurity #Edge #InfoSec #Malware #Microsoft #MicrosoftEdge #MicrosoftTeams #OTX #OpenThreatExchange #Outlook #PowerShell #Python #RAT #RansomWare #SocialEngineering #Windows #bot #AlienVault

  13. Payouts King Ransomware Initial Access Broker Deploys New Edgecution Malware

    An initial access broker linked to Payouts King ransomware is deploying Edgecution, a sophisticated malware utilizing a malicious Microsoft Edge browser extension. The attack begins through social engineering via Microsoft Teams, impersonating IT staff and directing victims to fake Microsoft websites offering supposed Outlook updates. Edgecution comprises two components: a browser extension that communicates with command-and-control servers via websockets, and a Python-based backdoor. The extension abuses Chrome native messaging protocol to escape browser sandbox restrictions, enabling direct host access. This allows attackers to manipulate the filesystem, launch processes, and execute arbitrary code. The malware operates in a headless browser, remaining invisible to users. Deployment methods include AutoHotKey scripts, Windows batch scripts, and PowerShell scripts. The Python backdoor supports various commands including system information collection, filesystem access, and arbitrary code execution.

    Pulse ID: 6a3ab74e2728d85de0799971
    Pulse Link: otx.alienvault.com/pulse/6a3ab
    Pulse Author: AlienVault
    Created: 2026-06-23 16:41:50

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #BackDoor #Browser #Chrome #CyberSecurity #Edge #InfoSec #Malware #Microsoft #MicrosoftEdge #MicrosoftTeams #OTX #OpenThreatExchange #Outlook #PowerShell #Python #RAT #RansomWare #SocialEngineering #Windows #bot #AlienVault

  14. 🇬🇧 𝗛𝗼𝘄 𝘁𝗵𝗲 𝗘𝗨 𝗗𝗠𝗔 𝗟𝗲𝘁𝘀 𝗨𝗞 𝗨𝘀𝗲𝗿𝘀 𝗙𝘂𝗹𝗹𝘆 𝗨𝗻𝗶𝗻𝘀𝘁𝗮𝗹𝗹 𝗠𝗶𝗰𝗿𝗼𝘀𝗼𝗳𝘁 𝗘𝗱𝗴𝗲 𝗼𝗻 𝗪𝗶𝗻𝗱𝗼𝘄𝘀 𝟭𝟭

    𝖫𝖾𝖺𝗋𝗇 𝗁𝗈𝗐 𝗍𝗈 𝖿𝗎𝗅𝗅𝗒 𝗋𝖾𝗆𝗈𝗏𝖾 𝖬𝗂𝖼𝗋𝗈𝗌𝗈𝖿𝗍 𝖤𝖽𝗀𝖾 𝖿𝗋𝗈𝗆 𝖶𝗂𝗇𝖽𝗈𝗐𝗌 𝟣𝟣 𝗂𝗇 𝗍𝗁𝖾 𝖴𝖪 𝖻𝗒 𝖺𝗉𝗉𝗅𝗒𝗂𝗇𝗀 𝗍𝗁𝖾 𝖤𝖴 𝖣𝗂𝗀𝗂𝗍𝖺𝗅 𝖬𝖺𝗋𝗄𝖾𝗍𝗌 𝖠𝖼𝗍 (𝖣𝖬𝖠) 𝗐𝗈𝗋𝗄𝖺𝗋𝗈𝗎𝗇𝖽. 𝖣𝗂𝗌𝖼𝗈𝗏𝖾𝗋 𝗍𝗁𝖾 𝖾𝖺𝗌𝗒, 𝗌𝗍𝖾𝗉-𝖻𝗒-𝗌𝗍𝖾𝗉 𝗆𝖾𝗍𝗁𝗈𝖽 𝗎𝗌𝗂𝗇𝗀 𝗍𝗁𝖾 𝖶𝗂𝗇𝗍𝗈𝗒𝗌 𝖺𝗉𝗉 𝗍𝗈 𝗎𝗇𝗂𝗇𝗌𝗍𝖺𝗅𝗅 𝖤𝖽𝗀𝖾 𝖺𝗇𝖽 𝗄𝖾𝖾𝗉 𝗒𝗈𝗎𝗋 𝗉𝗋𝖾𝖿𝖾𝗋𝗋𝖾𝖽 𝖻𝗋𝗈𝗐𝗌𝖾𝗋 𝖺𝗌 𝗍𝗁𝖾 𝖽𝖾𝖿𝖺𝗎𝗅𝗍.

    dariusz.wieckiewicz.org/en/how

    #Windows11
    #MicrosoftEdge
    #EUDMA
    #EUDigitalMarketsAct
    #DigitalMarketsAct
    #Wintoys

  15. 🇬🇧 𝗛𝗼𝘄 𝘁𝗵𝗲 𝗘𝗨 𝗗𝗠𝗔 𝗟𝗲𝘁𝘀 𝗨𝗞 𝗨𝘀𝗲𝗿𝘀 𝗙𝘂𝗹𝗹𝘆 𝗨𝗻𝗶𝗻𝘀𝘁𝗮𝗹𝗹 𝗠𝗶𝗰𝗿𝗼𝘀𝗼𝗳𝘁 𝗘𝗱𝗴𝗲 𝗼𝗻 𝗪𝗶𝗻𝗱𝗼𝘄𝘀 𝟭𝟭

    𝖫𝖾𝖺𝗋𝗇 𝗁𝗈𝗐 𝗍𝗈 𝖿𝗎𝗅𝗅𝗒 𝗋𝖾𝗆𝗈𝗏𝖾 𝖬𝗂𝖼𝗋𝗈𝗌𝗈𝖿𝗍 𝖤𝖽𝗀𝖾 𝖿𝗋𝗈𝗆 𝖶𝗂𝗇𝖽𝗈𝗐𝗌 𝟣𝟣 𝗂𝗇 𝗍𝗁𝖾 𝖴𝖪 𝖻𝗒 𝖺𝗉𝗉𝗅𝗒𝗂𝗇𝗀 𝗍𝗁𝖾 𝖤𝖴 𝖣𝗂𝗀𝗂𝗍𝖺𝗅 𝖬𝖺𝗋𝗄𝖾𝗍𝗌 𝖠𝖼𝗍 (𝖣𝖬𝖠) 𝗐𝗈𝗋𝗄𝖺𝗋𝗈𝗎𝗇𝖽. 𝖣𝗂𝗌𝖼𝗈𝗏𝖾𝗋 𝗍𝗁𝖾 𝖾𝖺𝗌𝗒, 𝗌𝗍𝖾𝗉-𝖻𝗒-𝗌𝗍𝖾𝗉 𝗆𝖾𝗍𝗁𝗈𝖽 𝗎𝗌𝗂𝗇𝗀 𝗍𝗁𝖾 𝖶𝗂𝗇𝗍𝗈𝗒𝗌 𝖺𝗉𝗉 𝗍𝗈 𝗎𝗇𝗂𝗇𝗌𝗍𝖺𝗅𝗅 𝖤𝖽𝗀𝖾 𝖺𝗇𝖽 𝗄𝖾𝖾𝗉 𝗒𝗈𝗎𝗋 𝗉𝗋𝖾𝖿𝖾𝗋𝗋𝖾𝖽 𝖻𝗋𝗈𝗐𝗌𝖾𝗋 𝖺𝗌 𝗍𝗁𝖾 𝖽𝖾𝖿𝖺𝗎𝗅𝗍.

    dariusz.wieckiewicz.org/en/how

    #Windows11
    #MicrosoftEdge
    #EUDMA
    #EUDigitalMarketsAct
    #DigitalMarketsAct
    #Wintoys

  16. The Register: Cloudflare teams up with big browsers to help websites tell welcome from unwelcome visitors. “Cloudflare, along with Google Chrome, Microsoft Edge, and Mozilla Firefox, have committed to develop Private Access Control Tokens (PACTs), a way for websites to generate a digital token that asserts a given browsing session is being run by a human or bot with legitimate intent, as […]

    https://rbfirehose.com/2026/06/23/the-register-cloudflare-teams-up-with-big-browsers-to-help-websites-tell-welcome-from-unwelcome-visitors/
  17. The Register: Cloudflare teams up with big browsers to help websites tell welcome from unwelcome visitors. “Cloudflare, along with Google Chrome, Microsoft Edge, and Mozilla Firefox, have committed to develop Private Access Control Tokens (PACTs), a way for websites to generate a digital token that asserts a given browsing session is being run by a human or bot with legitimate intent, as […]

    https://rbfirehose.com/2026/06/23/the-register-cloudflare-teams-up-with-big-browsers-to-help-websites-tell-welcome-from-unwelcome-visitors/
  18. PACT: Cloudflare will mit Browserherstellern böswilligen Traffic aussortieren

    Browser sollen gegenüber Internetseiten künftig ausweisen, dass Menschen – oder autorisierte KI-Agenten – für den Traffic verantwortlich sind.

    heise.de/news/PACT-Cloudflare-

    #Browser #Chrome #Firefox #Internet #IT #MicrosoftEdge #news

  19. PACT: Cloudflare will mit Browserherstellern böswilligen Traffic aussortieren

    Browser sollen gegenüber Internetseiten künftig ausweisen, dass Menschen – oder autorisierte KI-Agenten – für den Traffic verantwortlich sind.

    heise.de/news/PACT-Cloudflare-

    #Browser #Chrome #Firefox #Internet #IT #MicrosoftEdge #news

  20. #Google to End #ManifestV2 Support in #Chrome, Disabling #uBlockOrigin and Other #AdBlockers

    […] “Users can switch to a non - #Chromium browser such as #Firefox, which continues to support Manifest V2 extensions”.

    “Firefox continues to support Manifest V2 alongside V3 extensions, and #Mozilla has stated it has no current plans to remove V2 support”.

    #RaymondHill, the developer of uBlock Origin, pointed out that Firefox offers the best experience for users who want full uBlock Origin functionality”.

    “The Chromium standard is also affecting other major browsers such as #MicrosoftEdge and #Opera. While some have indicated they may support V2 temporarily, the overall trend points toward adopting Manifest V3 across the Chromium ecosystem”.

    ghacks.net/2026/06/16/google-t

    #GoogleChrome #uBlock #AdBlocker #ChromeExtensions #Chrome150 #Chrome151 #ManifestV3 #DevlinCronin #MV2 #MV3 #Edge #EdgeBrowser

  21. #Google to End #ManifestV2 Support in #Chrome, Disabling #uBlockOrigin and Other #AdBlockers

    […] “Users can switch to a non - #Chromium browser such as #Firefox, which continues to support Manifest V2 extensions”.

    “Firefox continues to support Manifest V2 alongside V3 extensions, and #Mozilla has stated it has no current plans to remove V2 support”.

    #RaymondHill, the developer of uBlock Origin, pointed out that Firefox offers the best experience for users who want full uBlock Origin functionality”.

    “The Chromium standard is also affecting other major browsers such as #MicrosoftEdge and #Opera. While some have indicated they may support V2 temporarily, the overall trend points toward adopting Manifest V3 across the Chromium ecosystem”.

    ghacks.net/2026/06/16/google-t

    #GoogleChrome #uBlock #AdBlocker #ChromeExtensions #Chrome150 #Chrome151 #ManifestV3 #DevlinCronin #MV2 #MV3 #Edge #EdgeBrowser

  22. Microsoft Edge zmienia zasady gry. Menedżer haseł odblokujesz tylko przez Windows Hello

    Używasz wbudowanego menedżera haseł w przeglądarce Edge? Przygotuj się na odczuwalną zmianę w codziennych nawykach.

    Microsoft właśnie zaktualizował swoją przeglądarkę do wersji 145, ostatecznie wycofując logowanie za pomocą klasycznego hasła głównego. Od teraz dostęp do twoich najwrażliwszych danych chroni obowiązkowo podsystem Windows Hello.

    Bez biometrii lub PIN-u nie odzyskasz danych

    Do tej pory użytkownicy mogli zabezpieczyć swój sejf z hasłami za pomocą jednego, skomplikowanego ciągu znaków. Aktualizacja z 4 czerwca 2026 roku zamyka ten rozdział w systemach Windows. Zamiast wpisywać hasło główne, przeglądarka Edge domyślnie wymusza uwierzytelnienie tożsamości poprzez wbudowane mechanizmy sprzętowe.

    Co to oznacza w praktyce? Aby podejrzeć zapisane loginy do banku czy poczty, musisz użyć odcisku palca, rozpoznawania twarzy lub systemowego kodu PIN. Jeśli twój komputer nie posiada kamery na podczerwień zgodnej z Windows Hello ani czytnika linii papilarnych, pozostaje ci jedynie wpisanie PIN-u przypisanego do danego urządzenia.

    Dlaczego Microsoft wymusza nowe standardy?

    Choć dla wielu osób konieczność rezygnacji z ulubionego hasła może wydawać się irytująca, z punktu widzenia cyberbezpieczeństwa to doskonały ruch. Tradycyjne hasła – nawet te długie i skomplikowane – mogą zostać przechwycone, złamane lub wyłudzone metodami phishingowymi.

    Opieranie zabezpieczeń o fizyczne urządzenie i biometrię lub lokalny PIN w dużej mierze eliminuje to ryzyko. Microsoft po prostu odbiera użytkownikom możliwość popełnienia błędu, przepychając nas w stronę standardu kluczy dostępu (passkeys). To odważny krok, który wyraźnie odróżnia Edge’a od konkurencji – warto przypomnieć, że Google Chrome wciąż pozwala na odblokowanie swojego menedżera za pomocą tradycyjnego hasła.

    Microsoft Build 2026: Nadella stawia wszystko na agentów AI

    #aktualizacjaEdge #biometria #cyberbezpieczeństwo #menedżerHaseł #MicrosoftEdge #Passkeys #przeglądarkiInternetowe #WindowsHello