Microsoft 365 ‘Direct Send’ abused to send phishing as internal users
An ongoing phishing campaign abuses a little‑known feature in Microsoft 365 called “Direct Send” to evade detection by email security...
Read more →Category: Bleeping Computer
Microsoft fixes Outlook bug causing crashes when opening emails
Microsoft has fixed a known issue that will cause the classic Outlook email client to crash when opening emails or...
Read more →
Microsoft confirms Family Safety blocks Google Chrome from launching
Microsoft has confirmed that its Family Safety parental control service is blocking users from launching Google Chrome and other web browsers...
Read more →
AMI MegaRAC bug enabling server hijacks exploited in attacks
CISA has confirmed that a maximum severity vulnerability in AMI’s MegaRAC Baseboard Management Controller (BMC) software is now actively exploited...
Read more →
British hacker ‘IntelBroker’ charged with $25M in cybercrime damages
A British national known online as “IntelBroker” has been charged by the U.S. for stealing and selling sensitive data from...
Read more →
Hackers turn ScreenConnect into malware using Authenticode stuffing
Threat actors are abusing the ConnectWise ScreenConnect installer to build signed remote access malware by modifying hidden settings within the...
Read more →
Hackers abuse Microsoft ClickOnce and AWS services for stealthy attacks
A sophisticated malicious campaign that researchers call OneClik has been leveraging Microsoft’s ClickOnce software deployment tool and custom Golang backdoors...
Read more →
New wave of ‘fake interviews’ use 35 npm packages to spread malware
A new wave of North Korea’s ‘Contagious Interview’ campaign is targeting job seekers with malicious npm packages that infect dev’s...
Read more →
Citrix warns of NetScaler vulnerability exploited in DoS attacks
Citrix is warning that a vulnerability in NetScaler appliances tracked as CVE-2025-6543 is being actively exploited in the wild, causing devices...
Read more →
Google releases Gemini CLI with free Gemini 2.5 Pro
Google has released Gemini 2.5 Pro-powered Gemini CLI, which allows you to use Gemini inside your terminal, including Windows Terminal....
Read more →
WinRAR patches bug letting malware launch from extracted archives
WinRAR has addressed a directory traversal vulnerability tracked as CVE-2025-6218 that, under certain circumstances, allows malware to be executed after...
Read more →
New ‘CitrixBleed 2’ NetScaler flaw let hackers hijack sessions
A recent vulnerability in Citrix NetScaler ADC and Gateway is dubbed “CitrixBleed 2,” after its similarity to an older exploited...
Read more →