Tag Microsoft

Active Exploit: CVE-2025-24054 Targets NTLM Credentials During File Downloads

On Thursday, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced the addition of a medium-severity security vulnerability in Microsoft Windows to its Known Exploited Vulnerabilities (KEV) catalog. This decision follows reports indicating that the flaw is actively being exploited in real-world scenarios. The vulnerability, identified as CVE-2025-24054, received a…

Read MoreActive Exploit: CVE-2025-24054 Targets NTLM Credentials During File Downloads

Chinese Hackers Target South American Diplomats Using ShadowPad

Cyber Espionage Suspected in South American Diplomatic Attacks On Monday, Microsoft announced it has linked a China-based cyber espionage group to a series of attacks targeting diplomatic organizations in South America. The tech conglomerate’s Security Intelligence team is closely monitoring this group under the identifier DEV-0147. They characterized the recent…

Read MoreChinese Hackers Target South American Diplomats Using ShadowPad

Rising Instances of Misissued 1.1.1.1 Certificates: Here’s the Latest Update.

Cloudflare Admits to Security Oversight in TLS Certificate Management On Thursday, Cloudflare officially acknowledged a series of failures concerning its handling of TLS certificates. The company stated that it encountered three primary issues: initially, the mismanagement of IP certificates for 1.1.1.1, followed by inadequate filtering of certificate issuance alerts, and…

Read MoreRising Instances of Misissued 1.1.1.1 Certificates: Here’s the Latest Update.

⚡ This Week’s Leading Cybersecurity News — Cybersecurity Newsletter

Welcome to this week’s edition of the cybersecurity newsletter. Our goal is to arm you with the latest intelligence on cyber threats that could jeopardize your business operations. In this week’s issue, we examine critical updates regarding vulnerabilities affecting Apple devices, the rising threat of ransomware, unprecedented DDoS attacks, and…

Read More⚡ This Week’s Leading Cybersecurity News — Cybersecurity Newsletter

Microsoft Supports Sola’s $35M Investment in Autonomous AI Security

Series A Accelerates AI Development, Integration Expansion, and Product-Led Growth Strategy Michael Novinson (MichaelNovinson) • September 4, 2025 Sola Security CEO Guy Flechter and COO Ron Peled (Image: Sola Security) Sola Security, under the leadership of former Palo Alto Networks’ application security head, has successfully secured $35 million in Series…

Read MoreMicrosoft Supports Sola’s $35M Investment in Autonomous AI Security

Threats to the Internet from Misissued Certificates for 1.1.1.1 DNS Service

Potential Security Breach Due to Misissued TLS Certificates A recent alarming security discovery has raised concerns about the vulnerabilities inherent in the public key infrastructure (PKI) supporting internet trust. The precise details surrounding the organization or individual responsible for acquiring unauthorized credentials remain unclear, as representatives from Fina have not…

Read MoreThreats to the Internet from Misissued Certificates for 1.1.1.1 DNS Service

Google Reveals 75 Zero-Day Exploits in 2024 — 44% Aimed at Enterprise Security Solutions

In a recent report, Google disclosed its findings on the exploitation of 75 zero-day vulnerabilities throughout 2024, a decline from 98 detected in 2023 yet an increase from the previous year’s 63. Notably, 44% of these vulnerabilities primarily targeted enterprise products, with 20 affecting security software and appliances. The Google…

Read MoreGoogle Reveals 75 Zero-Day Exploits in 2024 — 44% Aimed at Enterprise Security Solutions

Silver Fox APT Exploits Windows Driver in Ongoing Campaign

Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime Exploitation of Microsoft Blocklist Gap: Silver Fox’s Undetected Operations Pooja Tikekar ( @PoojaTikekar) • September 2, 2025 Image: Jim Cumming/Shutterstock A cyber-espionage campaign attributed to a Chinese nation-state actor, identified as Silver Fox, has successfully exploited a gap in Microsoft’s signed driver…

Read MoreSilver Fox APT Exploits Windows Driver in Ongoing Campaign