- CISA shares guidance for Microsoft expanded logging capabilities
- MikroTik botnet uses misconfigured SPF DNS records to spread malware
- Label giant Avery says website hacked to steal credit cards
- Hackers use Google Search ads to steal Google Ads accounts
- Microsoft ends support for Office apps on Windows 10 in October
- Over 660,000 Rsync servers exposed to code execution attacks
- CISA: Second BeyondTrust Vulnerability Added to KEV Catalog
- Extension Poisoning Campaign Highlights Gaps in Browser Security
- North Korea's Lazarus APT Evolves Developer-Recruitment Attacks
- Google Ads Users Targeted in Malvertising Scam Stealing Credentials and 2FA Codes
- Windows BitLocker bug triggers warnings on devices with TPMs
- Lazarus Group Targets Web3 Developers with Fake LinkedIn Profiles in Operation 99
- OWASP's New LLM Top 10 Shows Emerging AI Threats
- Higher Fidelity Investigations with Actionable Search, TQL Generator, and More in TI Ops 7.8
- The great Google Ads heist: criminals ransack advertiser accounts via fake Google ads
- North Korean IT Worker Fraud Linked to 2016 Crowdfunding Scam and Fake Domains
- Slew of WavLink vulnerabilities
- Google Cloud Researchers Uncover Flaws in Rsync File Synchronization Tool
- The High-Stakes Disconnect For ICS/OT Security
- FBI Deletes PlugX Malware from 4,250 Hacked Computers in Multi-Month Operation
- 3 Actively Exploited Zero-Day Flaws Patched in Microsoft's Latest Security Update
- Critical SimpleHelp Flaws Allow File Theft, Privilege Escalation, and RCE Attacks
- As Tensions Mount With China, Taiwan Sees Surge in Cyberattacks
- Microsoft Rings in 2025 With Record Security Update
- January Windows updates may fail if Citrix SRA is installed
- 1Password's Trelica Buy Part of Broader Shadow IT Play
- Apple Bug Allows Root Protections Bypass Without Physical Access
- Allstate car insurer sued for tracking drivers without permission
- FBI Wraps Up Eradication Effort of Chinese 'PlugX' Malware
- Microsoft Patch Tuesday for January 2025 — Snort rules and prominent vulnerabilities
- WP3.XYZ malware attacks add rogue admins to 5,000+ WordPress sites
- US govt says North Korea stole over $659 million in crypto last year
- Windows 10 KB5049981 update released with new BYOVD blocklist
- Microsoft January 2025 Patch Tuesday fixes 8 zero-days, 159 flaws
- Windows 11 KB5050009 & KB5050021 cumulative updates released
- Zero-Day Security Bug Likely Fueling Fortinet Firewall Attacks
- Google OAuth flaw lets attackers gain access to abandoned accounts
- Microsoft Uncovers macOS Vulnerability CVE-2024-44243 Allowing Rootkit Installation
- Google OAuth Vulnerability Exposes Millions via Failed Startup Domains
- FBI wipes Chinese PlugX malware from over 4,000 US computers