Microsoft
-
Microsoft Windows WebDAV 0-Day RCE Vulnerability Actively Exploited in The Wild
A critical zero-day vulnerability in Microsoft Windows, designated CVE-2025-33053, has been actively exploited by the advanced persistent threat (APT) group…
Read More » -
New Rust-Developed InfoStealer Drains Sensitive Data from Chromium-Based Browsers
A newly identified information-stealing malware, crafted in the Rust programming language, has emerged as a significant threat to users of…
Read More » -
Iranian APT ‘BladedFeline’ Remains Hidden in Networks for 8 Years
ESET researchers have uncovered the persistent activities of BladedFeline, an Iranian-aligned Advanced Persistent Threat (APT) group, which has maintained covert…
Read More » -
Windows Authentication Coercion Attacks Present Major Risks to Enterprise Networks
Authentication coercion remains a potent attack vector in Windows environments, enabling attackers with even low-privileged domain accounts to force targeted…
Read More » -
Microsoft Reveals Techniques for Defending Against Evolving AiTM Attacks
Microsoft has exposed the escalating sophistication of phishing attacks, particularly focusing on Adversary-in-the-Middle (AiTM) techniques that are becoming a cornerstone…
Read More » -
Attackers Exploit Microsoft Entra Billing Roles to Escalate Privileges
A recent discovery by security researchers at BeyondTrust has revealed a critical, yet by-design, security gap in Microsoft Entra ID…
Read More » -
Pure Crypter Uses Multiple Evasion Methods to Bypass Windows 11 24H2 Security Features
Pure Crypter, a well-known malware-as-a-service (MaaS) loader, has been recognized as a crucial tool for threat actors targeting Windows-based systems…
Read More » -
Dadsec Hacker Group Uses Tycoon2FA Infrastructure to Steal Office365 Credentials
Cybersecurity researchers from Trustwave’s Threat Intelligence Team have uncovered a large-scale phishing campaign orchestrated by the notorious hacker group Storm-1575,…
Read More » -
Attackers Exploit Microsoft Entra Billing Roles to Escalate Privileges in Organizational Environments
A startling discovery by BeyondTrust researchers has unveiled a critical vulnerability in Microsoft Entra ID and Azure environments, where attackers…
Read More » -
Threat Actor Sells Burger King Backup System RCE Vulnerability for $4,000
A threat actor known as #LongNight has reportedly put up for sale remote code execution (RCE) access to Burger King…
Read More » -
TAG-110 Hackers Deploy Malicious Word Templates in Targeted Attacks
The Russia-aligned threat actor TAG-110, also linked to UAC-0063 and APT28 (BlueDelta) with medium confidence by CERT-UA, has shifted tactics…
Read More » -
Russian Hackers Exploit Oracle Cloud Infrastructure to Target Scaleway Object Storage
Russian threat actors have been leveraging trusted cloud infrastructure platforms like Oracle Cloud Infrastructure (OCI) Object Storage and Scaleway Object…
Read More » -
Hackers Exploit RVTools to Deploy Bumblebee Malware on Windows Systems
A reliable VMware environment reporting tool, RVTools, was momentarily infiltrated earlier this week on May 13, 2025, to disseminate the…
Read More » -
Cybercriminal Andrei Tarasov Escapes US Extradition, Returns to Russia
Andrei Vladimirovich Tarasov, a 33-year-old Russian cybercrime figure known online as “Aels,” has returned to Russia after evading US extradition.…
Read More » -
Windows 10 KB5058379 Update Causes PCs to Enter Recovery Mode and Prompt for BitLocker Key
Security update KB5058379 for Windows 10, released in May 2025, is causing significant technical issues for numerous systems. Users report…
Read More »