cyberattack

In recent developments, cybersecurity researchers have uncovered a sophisticated phishing toolkit named PoisonSeed, designed to circumvent the robust protections offered by FIDO2 authentication. This malicious tool targets users of Microsoft 365, Google Workspace, and Okta by redirecting their...

Wing FTP Server, a widely used commercial file transfer solution, has become the focus of intense security scrutiny following the disclosure and real-world exploitation of the remote code execution vulnerability CVE-2025-47812. This critical flaw, actively exploited in the wild, highlights the...

On July 10, 2025, Microsoft 365 experienced a significant outage that disrupted services for thousands of users worldwide. The incident began around 5 a.m. GMT, with users reporting sudden logouts from their Outlook email accounts and error messages indicating invalid Microsoft licenses, despite...

A new ransomware variant named DEVMAN has recently emerged, targeting Windows 10 and 11 systems. This malware is a derivative of the DragonForce ransomware family, itself based on the Conti framework, but introduces unique behaviors that distinguish it from its predecessors. Technical Analysis...

Four days of total digital silence. That was the stark reality for the 20 million users of YES24, South Korea’s largest online bookstore, after a catastrophic ransomware attack forced the entire platform—website and app—offline. Orders for books, reservations for concerts, and access to digital...

In a chilling demonstration of how cybercriminals are evolving their attack strategies, security researchers recently uncovered an advanced and highly orchestrated campaign by the North Korean BlueNoroff hacking group that leverages deepfake technology, social engineering, and custom macOS...

Microsoft is currently under scrutiny following allegations that its GitHub platform may have been used to host code facilitating unauthorized data extraction from the National Labor Relations Board (NLRB). Representative Stephen Lynch has formally requested that Microsoft CEO Satya Nadella...

In recent months, the cybersecurity landscape has been rocked by a rapidly escalating campaign in which cybercriminals have weaponized TeamFiltration, a penetration testing tool, to orchestrate massive attacks on Office 365 accounts. According to incident data and credible analyses from leading...

Improper input validation remains a persistent and dangerous security concern even among well-established applications, and the recent CVE-2025-47968 affecting Microsoft AutoUpdate (MAU) underscores the ongoing risks faced by both enterprise and personal users. Microsoft AutoUpdate, responsible...

Windows Installer, long regarded as a core component of the Microsoft Windows operating system, is once again under the cybersecurity spotlight. A recent vulnerability, tracked as CVE-2025-32714, has surfaced, revealing an elevation of privilege issue rooted in improper access control. As...

Collaboration between global tech companies and law enforcement has reached new heights as the digital threat landscape evolves. The recent joint operation between Microsoft, India's Central Bureau of Investigation (CBI), and Japan’s Cybercrime Control Center (JC3) marks a significant advance in...

A staggering wave of panic has rippled across the United States in the wake of what experts are calling one of the largest security breaches in digital history. More than 184 million passwords—alongside user emails and other sensitive personal data—have potentially been exposed, implicating some...

In the still-expanding digital landscape of 2024, another catastrophic cybersecurity incident has emerged, sending shockwaves across the United States and beyond. Over 184 million passwords, along with associated email addresses and critical login links, have been exposed in a sweeping data...

In a newly issued advisory, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has put multinational enterprises and IT professionals on high alert following a series of attacks specifically targeting Commvault’s Microsoft Azure-hosted environment. This warning, published just as...

The global scale and sophistication of cybercrime reached new heights with the recent crackdown on the notorious Lumma malware network, as revealed by Microsoft in partnership with law enforcement agencies worldwide. For many Windows users and enterprises, this revelation isn’t just another...

In recent months, cybersecurity experts have observed a significant uptick in sophisticated phishing attacks targeting Microsoft 365 users. These attacks often employ malicious HTML attachments to bypass traditional email security measures, posing substantial risks to organizations worldwide...

Here’s a summary of what happened, based on your Forbes excerpt and forum highlights: What Happened at Pwn2Own Berlin 2025? On the first day, Windows 11 was successfully hacked three separate times by elite security researchers using zero-day exploits (vulnerabilities unknown to the vendor)...

When the doors opened on the first day of Pwn2Own Berlin 2025, few could have predicted just how quickly and decisively some of the world’s most widely used enterprise operating systems would fall to the creative might of leading security researchers. Within hours, Windows 11 and Red Hat...

A newly disclosed security vulnerability, tracked as CVE-2025-30397, has captured the attention of the Windows community and cybersecurity professionals worldwide. This scripting engine memory corruption vulnerability in Microsoft’s Scripting Engine—commonly underpinning legacy browsers and...

Windows Media has long served as a critical component of the Windows ecosystem, powering media playback and streaming functionalities across millions of devices and enterprise environments. However, the recent disclosure of CVE-2025-29962—a heap-based buffer overflow vulnerability within Windows...