In 2022, a total of 55 zero-day vulnerabilities were actively exploited in the wild, primarily affecting software developed by major tech companies including Microsoft, Google, and Apple. This figure shows a decrease from the previous year’s alarming count of 81 zero-day exploits, yet it highlights an ongoing trend where threat…
Microsoft recently released important guidance for its users following the discovery of a significant vulnerability in Outlook, designated as CVE-2023-23397, which carries a high CVSS score of 9.8. This critical flaw primarily involves privilege escalation, enabling attackers to exploit it for the theft of NT LAN Manager (NTLM) hashes, potentially…
Chinese Cybercrime Group Targets Database Servers Globally Recent investigations by security firm GuardiCore Labs have uncovered a series of extensive cyber-attack campaigns spearheaded by a prominent Chinese criminal organization. These attacks, which utilize multiple innovative techniques, are primarily aimed at database servers for the illicit purposes of mining cryptocurrencies, extracting…
Microsoft’s February 2026 Patch Tuesday Addresses 54 Vulnerabilities, Including Six Zero-Day Flaws In a significant update, Microsoft has rolled out its February 2026 Patch Tuesday, which addresses 54 vulnerabilities across its software ecosystem, six of which qualify as critical zero-day vulnerabilities. This timely intervention is vital for organizations that rely…
Endpoint Security Microsoft Introduces Two New Desktop Security Initiatives Greg Sirico • February 10, 2026 Image: Shutterstock Microsoft has announced significant updates to its Windows operating system aiming to bolster runtime security and enhance user awareness regarding app permissions on sensitive desktop resources, such as files, cameras, and microphones. As…
On Friday, Google issued urgent updates to its Chrome web browser, addressing an actively exploited zero-day vulnerability. This critical security flaw, identified as CVE-2023-2033, marks the first major bug fix of the year. The vulnerability, classified as a high-severity type confusion issue within the V8 JavaScript engine, poses significant risks…
In a significant development for cybersecurity, two critical vulnerabilities in processor architecture—dubbed Meltdown and Spectre—have come to light, prompting urgent responses from technology vendors aimed at mitigating the associated risks. These vulnerabilities affect a vast range of modern processors and pose threats to virtually all operating systems, including Windows, Linux,…
Assessing Secure Boot Certificates for Enhanced Cybersecurity As organizations continue to navigate the complexities of cybersecurity, the integrity of their systems takes center stage. An essential component in ensuring that integrity is the management of Secure Boot certificates. These certificates, embedded within a computer’s firmware, authenticate the operating system at…
Governance & Risk Management: Embracing Zero Trust Presented by Microsoft Duration: 60 minutes As federal agencies progress through their Zero Trust implementations, many encounter challenges in translating strategic goals into actionable, measurable outcomes. This webinar aims to shed light on how artificial intelligence (AI) can support security teams in refining…
