CVE-2025-53740 — Microsoft Office “use‑after‑free” (local code execution)
An in‑depth feature for security teams, admins and threat hunters
Summary (tl;dr)
CVE-2025-53740 is reported by Microsoft as a use‑after‑free (CWE‑416) memory‑corruption flaw in Microsoft Office that can allow an attacker...
Microsoft’s own Security Update Guide lists a new vulnerability tracked as CVE-2025-53766, described as a heap-based buffer overflow in GDI+ that could allow remote code execution over a network, but independent public records and third‑party databases were not uniformly available at the time of...
Headline: CVE-2025-53733 — What you need to know about the new Microsoft Word RCE caused by incorrect numeric conversions
Lede: Microsoft has published advisory CVE-2025-53733 for a remote‑code‑execution class bug in Microsoft Office Word described as an “incorrect conversion between numeric...
Title: CVE-2025-53153 — Windows RRAS "Uninitialized Resource" Information-Disclosure: What admins need to know and do now
Summary
CVE-2025-53153 is an information-disclosure vulnerability in Microsoft’s Routing and Remote Access Service (RRAS). According to Microsoft, the issue stems from the...
Microsoft has assigned CVE-2025-50168 to a Windows kernel vulnerability in the Win32K ICOMP component described as "Access of resource using incompatible type ('type confusion')" that can allow an authorized local user to elevate privileges; Microsoft’s advisory is published in the Security...
cve-2025-50168
detection and mitigation
exploit techniques
icomp
incident response
kernel exploitation
local privilege escalation
memory safety
microsoft advisory
patch tuesday 2025
privilege escalation
security update guide
threatintelligence
type confusion
win32k
windows
windows kernel
windows security
A recently published Microsoft advisory warns that CVE-2025-49762 — a race-condition flaw in the Windows Ancillary Function Driver for WinSock (AFD.sys) — can allow a locally authorized attacker to elevate privileges by exploiting concurrent execution using a shared resource with improper...
A heap‑based buffer overflow found in Microsoft Excel, tracked as CVE‑2025‑53741, has been published in Microsoft's Security Update Guide as a vulnerability that can allow an attacker to execute code on a victim machine when a crafted spreadsheet is opened; administrators and users should treat...
A Microsoft Security Update Guide entry for CVE-2025-33051 describes an information disclosure vulnerability affecting Microsoft Exchange Server, and the appearance of that CVE on the vendor’s advisory should put any on‑premises Exchange administrator on high alert. At the time of writing...
azure ad
credential rotation
cve-2025-33051
eol systems
exchange server
hybrid apps
hybrid exchange
incident response
information disclosure
keycredentials
mfa
microsoft exchange
msrc
on-premises exchange
patch tuesday
security update guide
service principal
threatintelligence
threat mitigation
Abnormal AI’s latest update to its Security Posture Management platform marks a significant leap forward in the race to secure Microsoft 365 environments, meeting the growing demand for automated, AI-driven defense against sophisticated threat actors and accidental misconfigurations. As...
Microsoft has unveiled its new AI-powered Phishing Triage Agent within Microsoft Defender, now available in public preview, marking a significant evolution in the way organizations approach email threat detection and response. As cyber threats continue to escalate in complexity and volume...
In a significant move to reshape Microsoft 365 security, Abnormal AI has unveiled a major update to its Security Posture Management solution, placing advanced AI-driven protection, automated prioritization, and actionable remediation front and center for enterprises navigating the labyrinth of...
Cybersecurity in the corporate realm now sits at the top of IT agendas for organizations of all sizes, as email remains the most common vector for threats like phishing, ransomware, and sophisticated malware attachments. Microsoft Exchange Online Protection (EOP) has long held dominance due to...
The age of digital transformation has transitioned from an anticipated future to a defining reality where continuous disruption is now the standard. Artificial intelligence, quantum computing, intelligent agents, and other transformative technologies are already changing the business landscape...
A new wave of critical vulnerabilities in Microsoft SharePoint has come to light with the release of a comprehensive Malware Analysis Report (MAR) by the US Cybersecurity and Infrastructure Security Agency (CISA). The report shines a spotlight on dangerous exploitation chains—most notably one...
An alarming new wave of cybercrime has emerged, leveraging the very security tools designed to shield organizations from harm. Recent research reveals that phishing actors are now abusing link-wrapping and URL-rewriting services—trusted pillars of enterprise email protection—to sneak malicious...
A new wave of cyberattacks has exposed a dangerous flaw in trusted email security services, as hackers have successfully exploited protective link-wrapping features to orchestrate large-scale phishing campaigns targeting Microsoft 365 logins. By hijacking the mechanisms designed to keep users...
Cloudflare has issued a stark warning about a new and highly sophisticated wave of phishing attacks targeting Microsoft 365 users, drawing attention to a dangerous exploitation of a trusted email security feature: link wrapping. In recent weeks, both enterprise and consumer accounts have come...
A wave of highly sophisticated phishing attacks has put Microsoft 365 users—and the very foundations of modern email security—at risk, exposing a perilous paradox: the same technologies designed to protect cloud productivity platforms are now being systematically exploited to facilitate...
The launch of Thorium, the open-source malware analysis platform unveiled by the Cybersecurity and Infrastructure Security Agency (CISA), marks a significant milestone in the evolution of threat intelligence and response capabilities for organizations worldwide. With cyberattacks growing in...
A sophisticated phishing campaign exploiting trusted email security tools has rattled the cybersecurity landscape, exposing a dismally clever strategy that turns protective mechanisms into attack vectors. Between June and July 2025, researchers at Cloudflare uncovered an operation wherein...