Microsoft Authenticator now warns to export passwords before July cutoff
The Microsoft Authenticator app is now issuing notifications warning that the password autofill feature is being deprecated in July, suggesting users move to Microsoft Edge…
Month: May 2025
Detecting Lateral Movement in Windows-Based Network Infrastructures
As cyberattacks become increasingly sophisticated, detecting lateral movement the techniques adversaries use to navigate networks after initial compromise, has become a critical focus for cybersecurity…
Dark Partner Hackers Leverage Fake AI, VPN, and Crypto Sites to Target macOS and Windows Users
A group dubbed “Dark Partners” by cybersecurity researchers has launched a sophisticated malware campaign targeting both macOS and Windows users through a network of deceptive…
Mozilla releases Firefox 139.0.1 update to fix artifacts on Nvidia GPUs
Mozilla has rolled out an emergency Firefox 139.0.1 update after the Tuesday release caused graphical artifacts on PCs with NVIDIA GPUs. Firefox 139 shipped on May…
Windows Defender Enhancements for Advanced Threat Mitigation
In the rapidly evolving cybersecurity landscape, Microsoft has doubled down on enhancing its flagship endpoint protection platform, Microsoft Defender for Endpoint (MDE), with advanced capabilities…
Thousands of ASUS routers compromised in sophisticated hacking campaign
More than 9,000 ASUS routers have been compromised in a months-long hacking campaign that researchers from GreyNoise warn may be a prelude to the creation…
US sanctions firm linked to cyber scams behind $200 million in losses
The U.S. Treasury Department has sanctioned Funnull Technology, a Philippines-based company that supports hundreds of thousands of malicious websites behind cyber scams linked to over…
Apache InLong JDBC Vulnerability Enables Deserialization of Untrusted Data
A moderate-severity vulnerability, tracked as CVE-2025-27522, has been disclosed in Apache InLong, a popular data integration platform. The flaw, affecting versions 1.13.0 through 2.1.0, centers…
Victoria’s Secret pulls down website amid security incident
Clothing and lingerie retailer Victoria’s Secret suspended most of the functionality of its website and some in-store services to “address a security incident,” according to…
GreyNoise Flags 9,000 ASUS Routers Backdoored Via Patched Vulnerability
Threat intelligence firm GreyNoise on Wednesday lifted the lid on a stealth malware campaign that has quietly converted thousands of internet-facing ASUS home and small-office…
Google: China-backed hackers hiding malware in calendar events
Listen to the article 3 min This audio is auto-generated. Please let us know if you have feedback. Dive Brief: In October, Google’s Threat Intelligence…
Apple Safari exposes users to fullscreen browser-in-the-middle attacks
A weakness in Apple’s Safari web browser allows threat actors to leverage the fullscreen browser-in-the-middle (BitM) technique to steal account credentials from unsuspecting users. By abusing the…