Microsoft lifts more safeguard holds blocking Windows 11 updates
Microsoft has removed two more compatibility holds preventing customers from installing Windows 11 24H2 via Windows Update. The first safeguard hold was added in April…
Month: October 2025
Your Next Career Power Move
By Brad Tompkins, Executive Director, VMUG Every IT pro remembers the first time they built something that just worked. A perfectly tuned lab, clean deployment,…
Hackers Using AI to Automate Vulnerability Discovery and Malware Generation
Security teams around the world are grappling with a new breed of cyber threats that leverage advanced automation to identify software weaknesses and craft malicious…
Fortune 500 companies designate specialist roles to bolster security operations teams
Fortune 500 companies have seen the structure of their security operations teams evolve in recent years, with four of every 10 companies assigning a dedicated,…
Microsoft fixes highest-severity ASP.NET Core flaw ever
Earlier this week, Microsoft patched a vulnerability that was flagged with the “highest ever” severity rating received by an ASP.NET Core security flaw. This HTTP…
Microsoft Windows 11 October Update Breaks Localhost (127.0.0.1) Connections
Microsoft’s October 2025 cumulative update for Windows 11 has disrupted localhost functionality, preventing developers and users from accessing local web applications and services via 127.0.0.1.…
F5 supply-chain hack endangers more than 600,000 internet-connected devices
More than 600,000 F5 network security devices running the company’s flagship BIG-IP software are sitting unpatched on the internet one day after the company revealed…
John Bolton indictment says suspected Iranian hackers accessed his emails, issued threats
Suspected Iranian hackers infiltrated former national security adviser John Bolton’s email account and threatened to release sensitive materials, his indictment alleges. The indictment on charges…
Hackers Using TikTok Videos to Deploy Self-Compiling Malware That Leverages PowerShell for Execution
Cybercriminals are exploiting TikTok’s massive user base to distribute sophisticated malware campaigns that promise free software activation but deliver dangerous payloads instead. The attack leverages…
From AI to Generative AI: The Evolution of Cloud Security Operations
Cloud Security plays a crucial role in the field of information security operations, handling much of the heavy lifting needed to protect systems and data.…
ClickFake Interview Campaign Used by Threat Actors to Deliver OtterCandy Malware
A North Korean-linked group, WaterPlum’s Cluster B, has evolved its tactics by introducing OtterCandy—a Node.js–based RAT and information stealer—through the ClickFake Interview campaign, with significant…
North Korean Hackers Combine BeaverTail and OtterCookie into Advanced JS Malware
The North Korean threat actor linked to the Contagious Interview campaign has been observed merging some of the functionality of two of its malware programs,…