Zero-Click AI Vulnerability Exposes Microsoft 365 Copilot Data Without User Interaction
A novel attack technique named EchoLeak has been characterized as a “zero-click” artificial intelligence (AI) vulnerability that allows bad actors...
Read more →Category: TheHackerNews
ConnectWise to Rotate ScreenConnect Code Signing Certificates Due to Security Risks
Jun 12, 2025Ravie LakshmananVulnerability / Software Security ConnectWise has disclosed that it’s planning to rotate the digital code signing certificates...
Read more →
Over 80,000 Microsoft Entra ID Accounts Targeted Using Open-Source TeamFiltration Tool
Jun 12, 2025Ravie LakshmananEnterprise Security / Active Directory Cybersecurity researchers have uncovered a new account takeover (ATO) campaign that leverages...
Read more →
Former Black Basta Members Use Microsoft Teams and Python Scripts in 2025 Attacks
Jun 11, 2025Ravie LakshmananRansomware / Cybercrime Former members tied to the Black Basta ransomware operation have been observed sticking to...
Read more →
295 Malicious IPs Launch Coordinated Brute-Force Attacks on Apache Tomcat Manager
Jun 11, 2025Ravie LakshmananNetwork Security / Threat Intelligence Threat intelligence firm GreyNoise has warned of a “coordinated brute-force activity” targeting...
Read more →
Why DNS Security Is Your First Defense Against Cyber Attacks?
In today’s cybersecurity landscape, much of the focus is placed on firewalls, antivirus software, and endpoint detection. While these tools...
Read more →
INTERPOL Dismantles 20,000+ Malicious IPs Linked to 69 Malware Variants in Operation Secure
Jun 11, 2025Ravie LakshmananCybercrime / Malware INTERPOL on Wednesday announced the dismantling of more than 20,000 malicious IP addresses or...
Read more →
5 Lessons from River Island
In today’s security landscape, budgets are tight, attack surfaces are sprawling, and new threats emerge daily. Maintaining a strong security...
Read more →
SinoTrack GPS Devices Vulnerable to Remote Vehicle Control via Default Passwords
Jun 11, 2025Ravie LakshmananIoT Security / Vulnerability Two security vulnerabilities have been disclosed in SinoTrack GPS devices that could be...
Read more →
Microsoft Patches 67 Vulnerabilities Including WEBDAV Zero-Day Exploited in the Wild
Microsoft has released patches to fix 67 security flaws, including one zero-day bug in Web Distributed Authoring and Versioning (WEBDAV)...
Read more →
Researchers Uncover 20+ Configuration Risks, Including Five CVEs, in Salesforce Industry Cloud
Jun 10, 2025Ravie LakshmananVulnerability / SaaS Security Cybersecurity researchers have uncovered over 20 configuration-related risks affecting Salesforce Industry Cloud (aka...
Read more →
Adobe Releases Patch Fixing 254 Vulnerabilities, Closing High-Severity Security Gaps
Jun 10, 2025Ravie LakshmananVulnerability / Cloud Security Adobe on Tuesday pushed security updates to address a total of 254 security...
Read more →