Prison communication service Pay Tel exposed hundreds of thousands of driver's licenses
Cybersecurity firm UpGuard discovered an unprotected Microsoft Azure server managed by Pay Tel containing at least 300,000 driver's license scans and other g...
20 articles
Cybersecurity firm UpGuard discovered an unprotected Microsoft Azure server managed by Pay Tel containing at least 300,000 driver's license scans and other g...
Each vulnerability was published with working proof-of-concept code to the Microsoft-owned code repository GitHub, making them immediately available to both ...
A newly analyzed ransomware strain, “The Gentlemen,” is raising concern among security researchers due to its ability to combine strong encryption with aggre...
A researcher dropped 6 Windows zero-days with no warning. Three are now exploited in the wild.
Two arbitrary code execution vulnerabilities in Notepad++ let local attackers run commands of their choice on Windows machines by tampering with the editor’s...
Microsoft 365 Copilot, an AI assistant that helps people write, summarize, analyze information, and complete work tasks, has been redesigned. It now serves a...
Ransomware operators have spent years refining the art of locking files. Now, some are working harder to get those lockers to every reachable system first.
A sophisticated supply chain attack targeting the npm ecosystem has been uncovered, involving a malicious package named js-logger-pack that evolved into a po...
TotalAV Mobile Security helps protect devices from malicious websites, SMS scams, unsafe public Wi-Fi networks, and exposed credentials. The app is available...
A malicious fake RVTools installer is abusing a legitimately issued Sectigo code‑signing certificate to slip past Microsoft Defender SmartScreen and many end...
The Mini Shai-Hulud campaign used malicious npm packages to target cloud and CI/CD credentials across developer environments. This report details the attack ...
Microsoft - NTLMv2 Hash Capture
Microsoft and Resecurity disrupted Fox Tempest, a malware-signing service that used fake Microsoft certificates to make malware look legitimate. Resecurity s...
Microsoft Threat Intelligence presents a comprehensive analysis of The Gentlemen, a Go-based ransomware deployed by affiliates of Storm-2697 that combines pe...
Microsoft has come out strongly in favor of Coordinated Vulnerability Disclosure (CVD), urging the research community to share their findings and give affect...
Microsoft 365 Copilot and Copilot Chat (Copilot) have been recertified under ISO/IEC 42001:2023 by an independent auditor for the second consecutive year. Co...
Every time you think the industry has finally stopped doing some reckless, low-effort crap, somebody spins up a fresh box full of sketchy loaders, fake insta...
U.S.
Microsoft warned the disclosure of several unpatched vulnerabilities without notice has put “customers at unnecessary risk”
Microsoft’s Windows 365 for Agents, a cloud PC platform for agentic workloads, runs AI agents in secure environments. Organizations can direct agents with na...