Microsoft Security Keys May Require PIN After Recent Windows Updates
Microsoft has confirmed that FIDO2 security keys on Windows 11 may now prompt users to set up a PIN during authentication following specific recent updates,…
Category: CyberSecurityNews
INE Expands Cross-Skilling Innovations
Cary, North Carolina, USA, November 26th, 2025, CyberNewsWire New courses, certifications, and hands-on training strengthen workforce readiness. INE, the leading provider of hands-on IT and…
Malicious Prettier Extension on VSCode Marketplace Delivers Anivia Stealer Malware to Exfiltrate Login Credentials
A dangerous malware campaign has targeted thousands of developers through a fake extension on the Visual Studio Code Marketplace. On November 21, 2025, security researchers…
Akira Ransomware Uses SonicWall VPN Exploit to Exfiltrate Sensitive Data
The Akira ransomware group has begun weaponizing vulnerabilities in SonicWall SSL VPN devices, turning merger-and-acquisition (M&A) processes into high-speed launchpads for cyberattacks. This trend exposes…
Hackers Exploit NTLM Authentication Flaws to Target Windows Systems
More than two decades after its initial discovery, the NTLM authentication protocol continues to plague Windows systems worldwide. What started in 2001 as a theoretical…
Indirect-Shellcode-Executor Tool Exploits Windows API Vulnerability to Evade AV and EDR
A new offensive security tool developed in Rust is demonstrating a novel method for bypassing modern Endpoint Detection and Response (EDR) systems by exploiting an…
Microsoft Details Security Risks of New Agentic AI Feature
In recent weeks, discussions have centered on Microsoft’s experimental agentic AI feature, which has introduced both advanced task automation and significant security concerns. This agentic…
Developers Expose Passwords and API Keys via Online Tools like JSONFormatter
Developers are unintentionally exposing passwords, API keys, and sensitive data by pasting production information into online formatting tools such as JSONFormatter and CodeBeautify. New research…
New Attack Technique Tricks AI Browsers Using a Simple ‘#’
Security researchers at Cato CTRL have discovered a new indirect prompt injection technique called HashJack, which weaponises legitimate websites to manipulate AI browser assistants. The attack…
Tor Adopts Galois Onion Encryption to Strengthen Defense Against Online Attacks
The Tor Project has announced a significant cryptographic overhaul, retiring its legacy relay encryption algorithm after decades of service and replacing it with Counter Galois…
Apache Syncope Vulnerability Allows Attacker to Access Internal Database Content
A significant issue has been disclosed that affects multiple versions of the identity and access management platform. The flaw stems from a hardcoded default encryption…
Microsoft Teams Introduces New Feature to Boost Performance and Startup Speed
Microsoft has announced a significant update to the Teams Desktop Client for Windows that aims to enhance performance and reduce startup times for calling features.…