A critical server-side vulnerability in Instagram’s infrastructure allowed unauthenticated attackers to access private photos and captions without a login or follower relationship, according to a…
Attackers are increasingly turning their attention to construction firms by abusing weaknesses in business software that runs on their job sites. One of the newest…
A massive database containing 149 million stolen login credentials was discovered exposed online without password protection or encryption. Posing serious security risks to users of…
A new malware campaign is exploiting fake Blue Screen of Death warnings and trusted Microsoft build tools to deliver a dangerous remote access trojan. The…
Microsoft has launched an urgent investigation into severe stability issues plaguing the January 2026 security update for Windows 11, following reports that the patch is…
A sophisticated “homoglyph” phishing campaign targeting customers of Marriott International and Microsoft. Attackers are registering domains that replace the letter “m” with the combination “rn”…
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability affecting Broadcom’s VMware vCenter Server to its Known Exploited Vulnerabilities (KEV) catalog. This…
Microsoft is preparing to deploy a significant, potentially controversial update to Microsoft Teams that automatically detects and displays a user’s physical work location based on…
Microsoft has unveiled the public preview of WinApp CLI (winapp), a new open-source command-line tool designed to simplify Windows app development for developers using diverse…
Microsoft Defender researchers have exposed a sophisticated adversary-in-the-middle (AiTM) phishing campaign targeting energy sector organizations through SharePoint file-sharing abuse. The multi-stage attack compromised multiple user…
Microsoft has unveiled the public preview of WinApp CLI (winapp), a new open-source command-line tool designed to simplify Windows app development for developers using diverse…
Active exploitation of a critical authentication bypass vulnerability in the GNU InetUtils telnetd server (CVE-2026-24061) has been observed in the wild, allowing unauthenticated attackers to…
