Critical flaw in Microsoft Copilot could have allowed zero-click attack
A recently fixed critical vulnerability in Microsoft’s Copilot AI tool could have let a remote attacker steal sensitive data from an organization simply by sending…
Author: Cybernoz
Hackers exploited Windows WebDav zero-day to drop malware
An APT hacking group known as ‘Stealth Falcon’ exploited a Windows WebDav RCE vulnerability in zero-day attacks since March 2025 against defense and government organizations in…
Windows Task Scheduler Vulnerability Let Attackers Escalate Privileges
A significant security vulnerability in Windows Task Scheduler could allow attackers to escalate their privileges to SYSTEM level access without requiring initial administrative rights. Designated…
295 Malicious IPs Launch Coordinated Brute-Force Attacks on Apache Tomcat Manager
Jun 11, 2025Ravie LakshmananNetwork Security / Threat Intelligence Threat intelligence firm GreyNoise has warned of a “coordinated brute-force activity” targeting Apache Tomcat Manager interfaces. The…
Brute-force attacks target Apache Tomcat management panels
A coordinated campaign of brute-force attacks using hundreds of unique IP addresses targets Apache Tomcat Manager interfaces exposed online. Tomcat is a popular open-source web…
Windows Common Log File System Driver Flaw Allows Attackers to Escalate Privileges
Microsoft addressed a critical security flaw (CVE-2025-32713) in the Windows Common Log File System (CLFS) driver during its June 2025 Patch Tuesday. The heap-based buffer…
ConnectWise is rotating code signing certificates. What happened?
Connectwise customers who use the company’s ScreenConnect, Automate, and ConnectWise RMM solutions are urged to update all agents and/or validate that the update has been…
West Brom Building Society project to meet customers’ digital demands
West Brom Building Society is embarking on a three-stage project to build the digital capabilities its customers want. The organisation, which offers mortgages and savings…
How AI agents could revolutionize the SOC — with human help
Listen to the article 8 min This audio is auto-generated. Please let us know if you have feedback. NATIONAL HARBOR, Md. — Artificial intelligence is poised…
Operation Secure disrupts global infostealer malware operations
An international law enforcement action codenamed “Operation Secure” targeted infostealer malware infrastructure in a massive crackdown across 26 countries, resulting in 32 arrests, data seizures,…
Windows Task Scheduler Flaw Allows Attackers to Escalate Privileges
A critical elevation of privilege vulnerability has been identified in the Windows Task Scheduler service, tracked as CVE-2025-33067. Officially published on June 10, 2025, by…
SpecterOps Privilege Zones enables security teams to define logical access boundaries
SpecterOps introduced Privilege Zones, a new addition to its flagship BloodHound Enterprise platform. Privilege Zones enable teams to define custom security boundaries around business-critical resources…