Microsoft fixes known issue that breaks Windows 11 updates
Microsoft is rolling out a configuration update designed to address a known issue causing Windows Update to fail on some Windows 11 systems. The KB5062324…
Month: June 2025
New FileFix Attack Abuses Windows File Explorer to Execute Malicious Commands
A novel social engineering technique called “FileFix” that exploits Windows File Explorer’s address bar functionality to execute malicious commands, presenting a dangerous alternative to the…
America, Netflix, and Microsoft Hacked to Inject Fake Phone Numbers
Jérôme Segura, cybercriminals are exploiting search parameter vulnerabilities to inject fake phone numbers into the legitimate websites of major brands like Apple, Bank of America,…
Gonjeshke Darande Threat Actors Pose as Hacktivist Infiltrated Iranian Crypto Exchange
In a significant escalation of cyber warfare in the Middle East, suspected Israeli state-sponsored threat actors operating under the name “Gonjeshke Darande” (Predatory Sparrow) successfully…
New DRAT V2 Update Enhances C2 Protocol with Shell Command Execution Capabilities
A new variant of the DRAT remote access trojan (RAT), dubbed DRAT V2, has been uncovered as part of a TAG-140 campaign targeting Indian government…
Kali Linux 2025.1c Fixes Key Issue, Adds New Tools and Interface Updates
Kali Linux users face update errors due to a lost signing key in April 2025. Learn how to identify if your system is affected and…
Federal officials, critical infrastructure leaders remain on guard for Iran-linked hacks
Federal officials and private-sector security leaders said Tuesday that they are closely monitoring for cyberattacks related to the Iran conflict but thus far have not…
How Today’s Pentest Models Compare and Why Continuous Wins
As threat actors grow faster, stealthier, and more persistent, the approach to pentesting needs to keep evolving. Traditional, periodic assessments no longer keep up with…
Facebook, Netflix, Microsoft Hijacked to Insert Fake Phone Number
Summary 1. Scammers inject fake phone numbers into legitimate company websites (Netflix, Microsoft, Bank of America) using malicious URL parameters. 2. Cybercriminals buy Google ads…
The Hidden Front: Iran, Cyber Warfare, and the Looming Threat to U.S. Critical Infrastructure
By James Hess – CEO and Co-Founder, Unknown Cyber In today’s world, military strength is no longer defined solely by missiles and troops. The digital…
Threat Actors Exploit ConnectWise Configuration to Create Signed Malware
Threat actors have increasingly exploited vulnerabilities and configurations in ConnectWise software to distribute signed malware, masquerading as legitimate applications. Initially observed in February 2024 with…
Linux Foundation launches Agent2Agent, a protocol that enables agentic AI interoperability
The Linux Foundation launched the Agent2Agent (A2A) project, an open protocol for secure agent-to-agent communication and collaboration. The A2A protocol is a collaborative effort launched…