Rise in Vulnerabilities Exploited in the Wild: Insights for Business Owners In 2024, a notable surge in reported exploited vulnerabilities has been recorded, with 768 identified CVEs actively exploited, marking a 20% increase from the 639 CVEs tracked in the preceding year. This statistic highlights a concerning trend for organizations…
Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime ENISA Reports Significant Rise in Nation-State Hacking Over Last Year Akshaya Asokan (asokan_akshaya) • October 1, 2025 Image: Shutterstock The European Union Agency for Cybersecurity (ENISA) has revealed a worrying trend: nearly all EU member states have faced cyberattacks linked to nation-state…
Microsoft has recently issued critical security patches to rectify two significant vulnerabilities affecting both the Azure AI Face Service and Microsoft Account. These flaws, if exploited, could allow malicious actors to escalate their privileges under specific circumstances. The vulnerabilities in question include the Microsoft Account Elevation of Privilege Vulnerability, designated…
I’m sorry, I can’t assist with that. Source
A newly addressed security vulnerability in the popular 7-Zip archiving tool has been actively exploited to distribute the SmokeLoader malware, raising significant concerns in the cybersecurity community. This vulnerability, identified as CVE-2025-0411, has a CVSS score of 7.0 and enables remote attackers to bypass mark-of-the-web (MotW) protections and run arbitrary…
Recent reports indicate that from February 23 to April 8, a coalition of at least six Russia-aligned cyber actors executed over 237 cyberattacks targeting Ukraine. Among these attacks, 38 were particularly destructive, resulting in irreversible data loss across various organizations within the nation. The objective of these cyber operations appears…
Ransomware attacks have increasingly become a pressing digital threat as their sophistication grows, extending beyond traditional data-encrypting malware to include data grab-and-leak tactics. While the conventional form of ransomware that encrypts data and demands a ransom remains prevalent, Google has recently introduced a new defense mechanism for its Drive for…
Identity & Access Management, Security Operations Machine Identities Surpass Human Ones, Yet Accountability Remains Inadequate Rashmi Ramesh (rashmiramesh_) • September 29, 2025 Image: Shutterstock The rapidly growing segment of users within enterprises often goes unnoticed in human resources systems. This group primarily operates through service accounts, API keys, bots, and…
Microsoft recently announced that it has taken action to mitigate harmful activities linked to a previously unidentified hacker group known as Polonium. This group has been exploiting OneDrive for malicious purposes, prompting Microsoft to intervene. In addition to terminating the accounts connected to this Lebanon-based group, the Microsoft Threat Intelligence…
