Microsoft Edge
Hackers earn $1,298,250 for 47 zero-days at Pwn2Own Berlin 2026
The Pwn2Own Berlin 2026 hacking contest has concluded, with security researchers collecting $1,298,250 in rewards after exploiting 47 zero-day flaws. The competition took place at the OffensiveCon conference from May 14 to May 16 and focused on enterprise technologies and artificial intelligence. Throughout the contest, the hackers targeted fully patched products across web browsers, enterprise applications, local […]
Microsoft backpedals: Edge to stop loading passwords into memory
Microsoft is updating the Edge web browser to ensure it no longer loads saved passwords into process memory in clear text at startup after previously stating it was “by design.” This behavior was disclosed on May 4 by security researcher Tom Jøran Sønstebyseter Rønning, who demonstrated that all credentials stored in the Edge built-in password manager were […]
Windows 11 and Microsoft Edge hacked at Pwn2Own Berlin 2026
On the first day of Pwn2Own Berlin 2026, security researchers collected $523,000 in cash awards after exploiting 24 unique zero-days. Today’s highlight was Orange Tsai’s attempt, who was awarded $175,000 in rewards after chaining 4 logic bugs to achieve a sandbox escape on Microsoft Edge. Windows 11 was also hacked three times by Angelboy and TwinkleStar03 (working with the DEVCORE Internship Program), Marcin Wiązowski, […]
Microsoft Teams right-click paste broken by Edge update bug
Microsoft is warning that a recent Microsoft Edge browser update introduced a bug that breaks right-click paste in chats in the Microsoft Teams desktop client. In an advisory published on April 14, Microsoft says users are reporting that they are unable to paste URLs, text, or images into Teams chats when using right-click context menus, with the […]
Malicious GhostPoster browser extensions found with 840,000 installs
Another set of 17 malicious extensions linked to the GhostPoster campaign has been discovered in Chrome, Firefox, and Edge stores, where they accumulated a total of 840,000 installations. The GhostPoster campaign was first reported by Koi Security researchers in December. They found 17 extensions that were hiding malicious JavaScript code in their logo images, which monitored browser activity and planted […]
ShadyPanda browser extensions amass 4.3M installs in malicious campaign
A long-running malware operation known as “ShadyPanda” has amassed over 4.3 million installations of seemingly legitimate Chrome and Edge browser extensions that evolved into malware. The operation, discovered by Koi Security, unfolded in distinct phases that gradually introduced additional malicious functionality, turning the browser extension from a legitimate tool into spyware. The ShadyPanda campaign consists […]
Microsoft Edge gets scareware sensor for faster scam detection
Microsoft is introducing a new scareware sensor for the Microsoft Edge web browser, which helps detect scam pages more quickly and ensures that Defender SmartScreen blocks them faster. In scareware scams (also known as tech support scams), fraudsters use aggressive landing pages to trick potential victims into believing that their devices have been compromised with malware […]
Microsoft Edge to block malicious sideloaded extensions
Microsoft is planning to introduce a new Edge security feature that will protect users against malicious extensions sideloaded into the web browser. Edge enables developers to install extensions locally (also known as sideloading) for testing purposes before publishing them to the Microsoft Edge Add-ons store by toggling the “Developer Mode” option on the Extensions management page and clicking the […]
Microsoft Edge now an ‘AI-powered browser’ with Copilot Mode
Microsoft has introduced Copilot Mode, an experimental feature designed to transform Microsoft Edge into a web browser powered by artificial intelligence (AI). As the company explained on Monday, this new mode transforms Edge’s interface, with new tabs showing a single input box that combines chat, search, and web navigation functions. Once Copilot Mode is enabled, the AI […]
Microsoft Edge now offers secure password deployment for businesses
Microsoft announced that a new Edge feature allowing employees to share passwords more securely in enterprise environments has reached general availability. Known as secure password deployment, this feature will be available to Microsoft Edge for Business users starting this week, minimizing the risk of unauthorized access by ensuring that employees don’t accidentally share passwords with […]