Microsoft Outlook stops displaying inline SVG images used in attacks
Microsoft says Outlook for Web and the new Outlook for Windows will no longer display risky inline SVG images that are being used in attacks.…
Microsoft Defender bug triggers erroneous BIOS update alerts
Microsoft is working to resolve a bug that causes Defender for Endpoint to incorrectly tag some devices' BIOS (Basic Input/Output…
Confucius Shifts from Document Stealers to Python Backdoors
A long-running cyber-espionage group known as Confucius has introduced new techniques in its campaigns against Microsoft Windows users. First…
Automating Pentest Delivery: 7 Key Workflows for Maximum Impact
Penetration testing is critical to uncovering real-world security weaknesses. With the shift into continuous testing and validation, it is…
ThreatsDay Bulletin: CarPlay Exploit, BYOVD Tactics, SQL C2 Attacks, iCloud Backdoor Demand & More
From unpatched cars to hijacked clouds, this week's Threatsday headlines remind us of one thing — no corner of technology is safe.…
Chrome 141 Stable Channel Update Patches High-Severity Vulnerabilities (CVE-2025-11205 & CVE-2025-11206)
The Chrome team has announced the promotion of Chrome 141 to the Stable Channel for Windows, Mac, and Linux. The release—version…
CISA Warns of Critical RCE Flaw (CVE-2025-10659, CVSS 9.8) in Megasys Telenium Online Web Application
The U.S. Cybersecurity and Infrastructure Agency (CISA) has issued a advisory warning of a critical in the Megasys Telenium Online Web…
New bug in classic Outlook can only be fixed via Microsoft support
Microsoft is investigating a known issue that causes the classic Outlook email client to crash upon launch, which can only be…
Microsoft to force install Microsoft 365 companion apps in October
Later this month, Microsoft will start automatically installing the Microsoft 365 companion apps on Windows 11 devices that have the Microsoft…
Cyber Brief 25-10 – September 2025
Cyber Brief (September 2025)October 1, 2025 - Version: 1TLP:CLEARExecutive summaryWe analysed 285 open source reports for this Cyber Security…
WestJet data breach exposes travel details of 1.2 million customers
This story was updated with new information on the number of customers impacted. Canadian airline WestJet is informing customers that the…
Google Drive for desktop gets AI-powered ransomware detection
Google has begun rolling out a new AI-powered security feature for Google Drive desktop, which will automatically pause file syncing when it…
Microsoft: Media Creation Tool broken on Windows 11 Arm64 PCs
After rolling out Windows 11 25H2, also known as Windows 11 2025 Update, Microsoft has confirmed that the Media Creation Tool has stopped…
Ukraine Warns of CABINETRAT Backdoor + XLL Add-ins Spread via Signal ZIPs
The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of new targeted cyber attacks in the country using a backdoor called…
Apache Kylin Flaw: Authentication Bypass and SSRF Vulnerabilities Found in Big Data Platform
The Apache Software Foundation has published a new advisory disclosing three in Apache Kylin, a high-concurrency OLAP engine widely used for…
Chinese APT Phantom Taurus Targeted MS Exchange Servers Over 3 Years
Researchers at Palo Alto Networks say a Chinese-linked cyberespionage group has been targeting foreign ministries, embassies, and…
Windows 11 2025 Update (25H2) is now available, Here's what's new
Today, Microsoft announced the general availability of Windows 11 25H2, also known as Windows 11 2025 Update. Windows 11 25H2 is a minor…
Phantom Taurus: New China-Linked Hacker Group Hits Governments With Stealth Malware
Government and telecommunications organizations across Africa, the Middle East, and Asia have emerged as the target of a previously…
Chinese hackers exploiting VMware zero-day since October 2024
Broadcom has patched a high-severity privilege escalation vulnerability in its VMware Aria Operations and VMware Tools software, which has…
Microsoft fixes Windows DRM video playback issues for some users
Microsoft says it has "partially" resolved a known issue that caused problems when trying to play DRM-protected video in Blu-ray/DVD/Digital…
Microsoft Expands Sentinel Into Agentic Security Platform With Unified Data Lake
Microsoft on Tuesday unveiled the expansion of its Sentinel Security Incidents and Event Management solution (SIEM) as a unified agentic…
Windows 11 KB5065789 update released with 41 changes and fixes
Microsoft has released the KB5065789 preview cumulative update for Windows 11 24H2, which includes 41 improvements, including…
Broadcom fixes high-severity VMware NSX bugs reported by NSA
Broadcom has released security updates to patch two high-severity VMware NSX vulnerabilities reported by the U.S. National Security Agency…
Microsoft Flags AI Phishing Attack Hiding in SVG Files
Forget the old, error-filled emails you could spot easily. Cybercriminals have completely upgraded their methods, using AI (Artificial…
China-linked RedNovember Campaign Shows Importance of Patching Edge Devices
A long-running threat campaign linked to a Chinese state-sponsored cyber-espionage group highlights the importance of patching and protecting…
AI-Generated Code Used in Phishing Campaign Blocked by Microsoft
A credential phishing campaign that likely relied on AI-generated code to evade detection has been stopped by Microsoft Threat Intelligence.…
New TamperedChef Malware Leverages Productivity Tools to Gain Access and Exfiltrate Sensitive Data
A sophisticated malware campaign has emerged that weaponizes seemingly legitimate productivity tools to infiltrate systems and steal sensitive…
Weekly Recap: Cisco 0-Day, Record DDoS, LockBit 5.0, BMC Bugs, ShadowV2 Botnet & More
Cybersecurity never stops—and neither do hackers. While you wrapped up last week, new attacks were already underway. From hidden…
Microsoft Flags AI-Driven Phishing: LLM-Crafted SVG Files Outsmart Email Security
Microsoft is calling attention to a new phishing campaign primarily aimed at U.S.-based organizations that has likely utilized code generated…
Microsoft May Finally Let Windows Search Results Open in Your Default Browser
At present, in Windows 11, online search results from the search panel are forcibly opened in Microsoft Edge, regardless of whether users have…
TamperedChef Malware Rises: Deceptive Apps Use Signed Binaries and SEO Poisoning to Hijack Browsers
Field Effect’s Threat Intelligence team has uncovered a new wave of the TamperedChef malware campaign, leveraging digitally signed…
RedNovember: Chinese APT Expands Global Espionage to U.S. Defense, Aerospace, and Tech Firms
A new report from Recorded Future’s Insikt Group reveals that the Chinese state-sponsored threat group RedNovember has significantly…
DLL Hijacking Flaw (CVE-2025-56383) Found in Notepad++, Allowing Arbitrary Code Execution, PoC Available
A newly disclosed in Notepad++ v8.8.3 has been assigned CVE-2025-56383. The , rated CVSS 6.5, allows attackers to hijack Notepad++’s DLL…
Akira ransomware breaching MFA-protected SonicWall VPN accounts
Ongoing Akira ransomware attacks targeting SonicWall SSL VPN devices continue to evolve, with the threat actors found to be successfully…
Prompt Injection and Model Poisoning: The New Plagues of AI Security
You wake up. Your AI wakes up. Somewhere, a stranger types a sentence, and your AI listens. This is not science fiction. This is the…
Cybersecurity Weekly – Chrome 0-Day, 22.2 Tbps DDOS Attack, Kali Linux Release, Cisco IOS 0-Day and More
This week in cybersecurity was marked by a relentless pace of critical disclosures and unprecedented attack volumes, underscoring the…
Week in review: Cisco ASA zero-day vulnerabilities exploited, Fortra GoAnywhere instances at risk
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: How Juventus protects fans,…
Fake Microsoft Teams installers push Oyster malware via malvertising
Hackers have been spotted using SEO poisoning and search engine advertisements to promote fake Microsoft Teams installers that infect…
Hunt for RedNovember: Beijing hacked critical orgs in year-long snooping campaign
RedNovember, a Chinese state-sponsored cyberspy group, targeted government and critical private-sector networks around the globe between June…
Microsoft’s new AI feature will organize your photos automatically
Microsoft has begun testing a new AI-powered feature in Microsoft Photos, designed to categorize photos automatically on Windows 11 systems.…
Microsoft shares temp fix for Outlook encrypted email errors
Microsoft is investigating a known issue that triggers Outlook errors when opening encrypted emails sent from other organizations. According…
Microsoft Edge to block malicious sideloaded extensions
Microsoft is planning to introduce a new Edge security feature that will protect users against malicious extensions sideloaded into the web…