Recently leaked Windows zero-days now exploited in attacks

Threat actors are exploiting three recently disclosed Windows security vulnerabilities in attacks aimed at gaining SYSTEM or ...

Hackers exploit Marimo flaw to deploy NKAbuse malware from Hugging Face

Hackers are exploiting a critical vulnerability in Marimo reactive Python notebook to deploy a new variant of NKAbuse malware ...
Security Boulevard

Shadow Admins in Active Directory: Hidden Privilege Paths Attackers Exploit

What Are Shadow Admins in AD? A common problem we encounter within many customer AD environments are accounts that, at first ...

Cisco Systems issues three advisories for critical vulnerabilities in Webex, ISE

The cloud-based Webex service has already been patched, but admins must replace an identity provider certificate in Webex ...

Unpatched Microsoft Defender flaw lets hackers gain admin access

A security researcher has published a working exploit for a Microsoft Defender security flaw that affects Windows 10, 11, and ...

Hackers used AI to steal hundreds of millions of Mexican government and private citizen records in one of the largest cybersecurity breaches ever

A group of hackers used both Claude Code and ChatGPT in a cybersecurity hack that lasted two and a half months.
CSO Online

Microsoft’s Windows Recall still allows silent data extraction

A cybersecurity researcher says Recall’s redesigned security model does not stop same-user malware from accessing plaintext ...

Despite Cease-Fire, Iran’s Hackers Haven’t Logged Off

Tehran’s digital warriors have continued to seek ways to gain an advantage in the conflict in a new phase of cyberspace ...
Microsoft

Dissecting Sapphire Sleet’s macOS intrusion from lure to compromise

The Microsoft Defender Security Research Team uncovered a sophisticated macOS intrusion campaign attributed to the North ...