Researchers have identified a significant vulnerability in the Credential Security Support Provider protocol (CredSSP), impacting all current versions of Windows. This flaw could empower remote attackers to exploit both Remote Desktop Protocol (RDP) and Windows Remote Management (WinRM) to gain unauthorized access to sensitive data and execute malicious code on…
Recent reports highlight a concerning vulnerability found in Microsoft’s Windows Remote Assistance (Quick Assist) feature, affecting all versions of Windows up to the latest. This flaw opens the door for remote attackers to potentially steal sensitive files from affected systems, posing significant risks for users who rely on this functionality…
Recent findings have unveiled a significant vulnerability in Apple’s macOS that poses serious security risks, especially to organizations relying on these systems. Identified as CVE-2023-32369 and referred to as “Migraine,” this flaw allows malicious actors with root access to circumvent critical security features, enabling unauthorized actions across affected devices. The…
Data Breach Exposes Minecraft Accounts: Over 1,800 Credentials Compromised In a concerning incident for the gaming community, a data breach has recently come to light that compromises more than 1,800 Minecraft account credentials. German media sources revealed that these details, including usernames and passwords, were made available online via Pastebin.…
Cybersecurity Alert: CCleaner Faces Major Supply-Chain Malware Attack Last year, the widely utilized system optimization tool CCleaner fell victim to a significant supply-chain malware attack, marking one of the most severe cybersecurity breaches to date. Hackers infiltrated the servers of Piriform, the software’s parent company acquired by Avast in 2017,…
Recent disclosures highlight a critical and now-patched security vulnerability affecting Microsoft Windows, which has been actively exploited by threat actors. This exploit allows unauthorized users to gain elevated privileges on compromised systems. Identified as CVE-2023-29336, this flaw has been classified with a severity rating of 7.8, focusing on an elevation…
Cybercrime, Fraud Management & Cybercrime, Incident & Breach Response SmarterMail Vulnerability, Nike Data Breach Investigation, Empire Market Co-Creator Pleads Guilty Pooja Tikekar (@PoojaTikekar) • January 29, 2026 Image: Shutterstock/ISMG This week’s cybersecurity roundup covers research identifying an Android remote access Trojan (RAT) that utilizes Hugging Face’s infrastructure, alongside revelations regarding…
Microsoft has recently released critical security updates aimed at addressing significant vulnerabilities in its Windows operating system and associated software. This rollout is part of the scheduled Patch Tuesday updates for June 2023. The update addresses a total of 73 vulnerabilities, categorized by severity as follows: six are marked as…
Recent findings from security researchers indicate that some hacking groups have discovered a method to circumvent a critical security feature within Microsoft Office 365, aimed at safeguarding users from phishing and malware threats. Known as Safe Links, this feature is bundled with Microsoft’s Advanced Threat Protection (ATP) and operates by…
