Microsoft Archives

3 Min Read

October 15, 2025

October Patch Tuesday: Microsoft Fixes 6 Zero-Days, Including 4 Actively Exploited Flaws, as Windows 10 Reaches End-of-Life

Microsoft’s October 2025 Patch Tuesday has arrived with one of the largest updates of the year—193 patched, including six…

3 Min Read

October 15, 2025

Rockwell Automation Patches Privilege Escalation and Denial-of-Service Flaws Across FactoryTalk and ArmorStart Systems

Rockwell Automation has released a series of advisories addressing in several of its FactoryTalk and ArmorStart product lines. These ,…

4 Min Read

October 14, 2025

Patch Tuesday, October 2025 ‘End of 10’ Edition

Microsoft today released software updates to plug a whopping 172 security holes in its Windows operating systems, including at least two…

4 Min Read

October 14, 2025

Frightful Patch Tuesday gives admins a scare with 175+ Microsoft CVEs, 3 under attack

Spooky season is in full swing, and this extends to Microsoft's October Patch Tuesday with security updates for a frightful 175 Microsoft…

Security

2 Min Read

October 14, 2025

Malicious crypto-stealing VSCode extensions resurface on OpenVSX

A threat actor called TigerJack is constantly targeting developers with malicious extensions published on Microsoft's Visual Code (VSCode)…

3 Min Read

October 14, 2025

Patch Tuesday October 2025: Three Zero-days Under Attack

Microsoft’s Patch Tuesday October 2025 included fixes for 175 vulnerabilities, including three exploited zero-days and 13 additional…

Microsoft

3 Min Read

October 14, 2025

Final Windows 10 Patch Tuesday update rolls out as support ends

In what marks the end of an era, Microsoft has released the Windows 10 KB5066791 cumulative update, the final cumulative update for the…

Microsoft

2 Min Read

October 14, 2025

Microsoft: Exchange 2016 and 2019 have reached end of support

Microsoft has reminded that Exchange Server 2016 and 2019 reached the end of support and advised IT administrators to upgrade servers to…

15 Min Read

October 14, 2025

Microsoft October 2025 Patch Tuesday fixes 6 zero-days, 172 flaws

Today is Microsoft's October 2025 Patch Tuesday, which includes security updates for 172 flaws, including six zero-day…

5 Min Read

October 14, 2025

Windows 11 KB5066835 and KB5066793 updates released

Microsoft has released Windows 11 KB5066835 and KB5066793 cumulative updates for versions 25H2/24H2 and 23H2 to fix…

9 Min Read

October 14, 2025

Microsoft October 2025 Patch Tuesday – 4 Zero-days and 172 Vulnerabilities Patched

Microsoft rolled out its October 2025 Patch Tuesday updates, addressing a staggering 172 vulnerabilities across its ecosystem, including four…

3 Min Read

October 14, 2025

UEFI Shell Vulnerabilities Could Let Hackers Bypass Secure Boot on 200,000+ Laptops

Hackers can exploit vulnerabilities in signed UEFI shells to bypass Secure Boot protections on over 200,000 Framework laptops and desktops.…

Microsoft

2 Min Read

October 14, 2025

Microsoft warns that Windows 10 reaches end of support today

Microsoft has reminded customers today that Windows 10 has reached the end of support and will no longer receive patches for newly discovered…

3 Min Read

October 14, 2025

RMPocalypse: Single 8-Byte Write Shatters AMD’s SEV-SNP Confidential Computing

Chipmaker AMD has released fixes to address a security flaw dubbed RMPocalypse that could be exploited to undermine confidential computing…

2 Min Read

October 14, 2025

Microsoft Patches Edge IE Mode After Hackers Exploited Chakra Zero-Day for Device Takeover

After discovering that hackers were exploiting a zero-day in the Chakra JavaScript engine used by Internet Explorer versions 9, 10, and 11,…

2 Min Read

October 13, 2025

Microsoft restricts IE mode access in Edge after zero-day attacks

Microsoft is restricting access to Internet Explorer mode in Edge browser after learning that hackers are leveraging zero-day exploits in…

Microsoft

2 Min Read

October 13, 2025

Microsoft investigates outage affecting Microsoft 365 apps

Microsoft is investigating an ongoing incident that is preventing some customers from accessing Microsoft 365 applications. While the company…

2 Min Read

October 13, 2025

New Stealit Malware Campaign Spreads via VPN and Game Installer Apps

Threat actors are conducting a new malicious campaign deploying the Stealit malware via disguised applications, according to Fortinet. The…

Microsoft

2 Min Read

October 13, 2025

Microsoft: Windows 11 Media Creation Tool broken on Windows 10 PCs

Microsoft says the latest version of the Windows 11 Media Creation Tool (MCT) no longer works correctly on Windows 10 22H2 computers. The…

2 Min Read

October 13, 2025

Weekly Recap: WhatsApp Worm, Critical CVEs, Oracle 0-Day, Ransomware Cartel & More

Every week, the cyber world reminds us that silence doesn't mean safety. Attacks often begin quietly — one unpatched flaw, one…

2 Min Read

October 13, 2025

Microsoft Locks Down IE Mode After Hackers Turned Legacy Feature Into Backdoor

Microsoft said it has revamped the Internet Explorer (IE) mode in its Edge browser after receiving "credible reports" in August 2025 that…

2 Min Read

October 13, 2025

Apple Bug Bounty Payouts Can Now Top $5m

Apple has doubled its top award for ethical hacking discoveries to $2m, although security researchers could earn even more if they’re…

2 Min Read

October 13, 2025

Astaroth Banking Trojan Abuses GitHub to Remain Operational After Takedowns

Cybersecurity researchers are calling attention to a new campaign that delivers the Astaroth banking trojan that employs GitHub as a backbone…

2 Min Read

October 13, 2025

New Rust-Based Malware "ChaosBot" Uses Discord Channels to Control Victims' PCs

Cybersecurity researchers have disclosed details of a new Rust-based backdoor called ChaosBot that can allow operators to conduct…

7 Min Read

October 12, 2025

Week in review: Hackers extorting Salesforce, CentreStack 0-day exploited

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: How to get better results from…

4 Min Read

October 11, 2025

Identity Risk Intelligence – The Missing Piece in Continuous Threat Exposure Management (CTEM)

In today’s cybersecurity landscape, identity is no longer just a credentialing concern; it is the battleground. Modern cyber defenses…

Microsoft

2 Min Read

October 10, 2025

Windows 11 23H2 Home and Pro reach end of support in 30 days

Microsoft has reminded customers again today that systems running Home and Pro editions of Windows 11 23H2 will stop receiving security…

3 Min Read

October 10, 2025

Ransomware crims that exploited SharePoint 0-days add Velociraptor to their arsenal

The ransomware gang caught exploiting Microsoft SharePoint zero-days over the summer has added a new tool to its arsenal: Velociraptor, an…

Microsoft

2 Min Read

October 10, 2025

Copilot on Windows can now connect to email, create Office docs

Microsoft has upgraded its AI-powered Copilot digital assistant to generate Office documents and to connect to Outlook and Gmail email…

2 Min Read

October 10, 2025

Stealit Malware Abuses Node.js Single Executable Feature via Game and VPN Installers

Cybersecurity researchers have disclosed details of an active malware campaign called Stealit that has leveraged Node.js' Single Executable…

3 Min Read

October 10, 2025

Pro-Russia hacktivist group dies of cringe after falling into researchers' trap

Security researchers say they duped pro-Russia cybercriminals into targeting a fake critical infrastructure organization, which the crew later…

1 Min Read

October 10, 2025

Microsoft Warns of ‘Payroll Pirates’ Hijacking HR SaaS Accounts to Steal Employee Salaries

A threat actor known as Storm-2657 has been observed hijacking employee accounts with the end goal of diverting salary payments to…

2 Min Read

October 10, 2025

From Detection to Patch: Fortra Reveals Full Timeline of CVE-2025-10035 Exploitation

Fortra on Thursday revealed the results of its investigation into CVE-2025-10035, a critical security flaw in GoAnywhere Managed File Transfer…

3 Min Read

October 10, 2025

175 Malicious npm Packages with 26,000 Downloads Used in Credential Phishing Campaign

Cybersecurity researchers have flagged a new set of 175 malicious packages on the npm registry that have been used to facilitate credential…

4 Min Read

October 10, 2025

‘Payroll Pirate’ Attacks Target U.S. Universities, Diverting Employee Salaries

Microsoft Threat Intelligence has revealed a spate of financially motivated cyberattacks against universities across the United States. The…

4 Min Read

October 10, 2025

October 2025 Patch Tuesday forecast: The end of a decade with Microsoft

A lot of classic software is reaching end-of-life (EOL) this month. Windows 10, Office 2016 and Exchange Server 2016 have survived after…

2 Min Read

October 10, 2025

DFIR Tool Hijacked: Ransomware Group Storm-2603 Abuses Velociraptor for Stealthy LockBit/Babuk Attacks

Cisco Talos has confirmed that ransomware operators are now abusing Velociraptor, an open-source digital forensics and incident response…

2 Min Read

October 9, 2025

Microsoft: Hackers target universities in “payroll pirate” attacks

A cybercrime gang tracked as Storm-2657 has been targeting university employees in the United States to hijack salary payments in "pirate…

Microsoft

2 Min Read

October 9, 2025

Microsoft Defender mistakenly flags SQL Server as end-of-life

Microsoft is working to resolve a known issue that causes its Defender for Endpoint enterprise endpoint security platform to…

1 Min Read

October 9, 2025

From HealthKick to GOVERSHELL: The Evolution of UTA0388's Espionage Malware

A China-aligned threat actor codenamed UTA0388 has been attributed to a series of spear-phishing campaigns targeting North America, Asia, and…

Microsoft

2 Min Read

October 9, 2025

Microsoft: Windows Backup now available for enterprise users

Microsoft announced this week the general availability of Windows Backup for Organizations, a new enterprise-grade backup tool that helps…

Microsoft

2 Min Read

October 9, 2025

Azure outage blocks access to Microsoft 365 services, admin portals

Microsoft is working to resolve an outage affecting its Azure Front Door content delivery network (CDN), which is preventing customers from…