Microsoft has announced the release of security updates addressing 118 vulnerabilities in its software suite, two of which have been identified as actively exploited vulnerabilities in the wild. Among these vulnerabilities, three have been classified as Critical, while 113 are rated Important, and two are deemed Moderate. Notably, this Patch…
Microsoft is set to launch an update for Teams, rolling out targeted releases by early November 2025 and expected to reach a global audience by January 2026. This new feature enables users to initiate chats using only an email address, allowing for communication with recipients who do not have Teams…
On Tuesday, Microsoft publicly acknowledged that the LAPSUS$ hacking group had achieved “limited access” to its systems, coinciding with a revelation from Okta, an identity authentication services provider, indicating that nearly 2.5% of its customer base may have been affected by the breach. Microsoft’s Threat Intelligence Center (MSTIC) confirmed that…
Okta, a prominent provider of authentication services, has identified security firm Sitel as a third-party entity involved in a critical security breach that occurred in late January. This incident permitted the LAPSUS$ extortion gang to gain unauthorized access to an internal account assigned to a customer support engineer. The breach…
Fraud Management & Cybercrime, Government, Industry Specific Statewide Cyber Breach Affects 60 Agencies Before Ransomware Implementation Chris Riotta (@chrisriotta) • November 6, 2025 Image: Shutterstock/ISMG Recent analyses reveal that a ransomware threat actor compromised Nevada’s statewide government systems for several months prior to executing a ransomware attack. An after-action report…
In a recent development reflecting the persistent threat posed by Russian cyber actors, Microsoft has disclosed that the hackers behind the SolarWinds breach have resumed operations utilizing password spraying and brute-force methods to compromise customer accounts. This resurgence serves as a stark reminder that the attackers remain active and adept…
A persistent brute-force attack campaign, believed to be orchestrated by Russian military intelligence, has targeted enterprise cloud environments since mid-2019. This information is detailed in a joint advisory released by intelligence agencies in both the United States and the United Kingdom. The National Security Agency (NSA), Cybersecurity and Infrastructure Security…
Cyberwarfare / Nation-State Attacks , Fraud Management & Cybercrime Chinese Hackers Exploit Windows Vulnerability Against European Diplomats Akshaya Asokan (asokan_akshaya) , David Perera (@daveperera) • November 5, 2025 Image: AR Pictures/Shutterstock Security researchers have reported that Chinese nation-state hackers are actively using a Windows vulnerability to target European…
The campaign of Mamdani did not provide a response to inquiries for comment regarding recent developments. The New York Police Department (NYPD) significantly expanded its mass surveillance programs under Commissioner Raymond Kelly following the September 11 attacks, supported by substantial federal anti-terrorism funding. However, Ferguson highlights that former commissioner William…
