Microsoft
-
Advanced Features Bypass AI Detection and Steal Password Manager Data
The Python-based information-stealing tool Xillen Stealer has reached versions 4 and 5, significantly expanding its targeting capabilities and functionality across…
Read More » -
Critical Azure Bastion Vulnerability Lets Attackers Bypass Login and Gain Higher Privileges
Microsoft disclosed a critical authentication bypass vulnerability in Azure Bastion, its managed remote access service, enabling attackers to escalate privileges…
Read More » -
AppleScript Used to Deliver macOS Malware Disguised as Zoom & Teams Updates
Since Apple removed the popular “right-click and open” Gatekeeper override in August 2024, threat actors have shifted their tactics to…
Read More » -
Microsoft Patch Tuesday for November 2025
CVE-2025-62199 Microsoft Office Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. Remote Code Execution…
Read More » -
New Microsoft Teams Feature Exposes Users to Phishing and Malware Risks
Microsoft is poised to roll out a significant update to Teams, enabling users to initiate chats with anyone using just…
Read More » -
AI-Powered Cyber Threats Rise: Attackers Target Manufacturing Sector
A comprehensive new report reveals that manufacturing organizations are grappling with a dual challenge: rapidly adopting generative AI technologies while…
Read More » -
Threat Actors Use Stolen RDP Credentials to Deploy Cephalus Ransomware
A new ransomware group, Cephalus, has emerged in the cybersecurity threat landscape, targeting organizations through compromised Remote Desktop Protocol (RDP)…
Read More » -
AI Browsers That Beat Paywalls by Imitating Humans
The emergence of AI-powered browsers represents a significant shift in how artificial intelligence interacts with web content. However, it has…
Read More » -
BitLocker Recovery Risk After October 2025 Updates
Microsoft has issued an urgent advisory for Windows users, confirming that a recent set of security updates released after October…
Read More » -
Open VSX Registry Responds to Leaked Tokens and Malicious Extension Incident
The Open VSX team and Eclipse Foundation have addressed a significant security incident involving leaked authentication tokens and malicious extensions…
Read More » -
New BOF Tool Bypasses Microsoft Teams Cookie Encryption to Steal User Chats
Cybersecurity researchers at Tier Zero Security have released a specialised Beacon Object File (BOF) tool that exploits a critical weakness…
Read More » -
Hackers Hide SSH–Tor Backdoor Inside Weaponized Military Documents
In October 2025, cybersecurity researchers at Cyble Research and Intelligence Labs (CRIL) uncovered a sophisticated malware campaign distributing weaponized ZIP…
Read More » -
Akira Ransomware Strikes Apache OpenOffice, Allegedly Exfiltrates 23GB of Data
The notorious Akira ransomware gang announced on October 29, 2025, that it successfully penetrated the systems of Apache OpenOffice, claiming…
Read More » -
Attackers Exploit Windows Server Update Services Flaw to Steal Sensitive Organizational Data
Sophos researchers have identified real-world exploitation of a newly disclosed vulnerability in Windows Server Update Services (WSUS), where threat actors…
Read More » -
Threat Actors Abuse AzureHound Tool to Enumerate Azure and Entra ID Environments
The cybersecurity landscape continues to shift toward cloud-based attacks, with threat actors increasingly exploiting legitimate security tools for malicious reconnaissance.…
Read More » -
New Attack Chains Ghost SPNs and Kerberos Reflection to Elevate SMB Privileges
Microsoft has addressed a critical privilege escalation vulnerability affecting Windows environments worldwide. Attackers can exploit misconfigured Service Principal Names (SPNs)…
Read More » -
Microsoft DNS Outage Disrupts Azure and Microsoft 365 Services Worldwide
Microsoft experienced a widespread service outage on Wednesday, October 29, 2025, affecting its Azure cloud platform and Microsoft 365 suite,…
Read More » -
10 Best Cloud Access Security Brokers (CASB) in 2025
The year 2025 marks a new era in enterprise cloud adoption, characterized by a complex tapestry of Software-as-a-Service (SaaS) applications,…
Read More »