Critical FortiSwitch flaw lets hackers change admin passwords remotely
SkyNet Automation Fortinet has released security patches for a critical vulnerability in its FortiSwitch devices that can be exploited to…
April 2025
CentreStack RCE exploited as zero-day to breach file sharing servers
Hackers exploited a vulnerability in Gladinet CentreStack’s secure file-sharing software as a zero-day since March to breach storage…
Microsoft investigates global Exchange Admin Center outage
Microsoft is investigating an ongoing outage that is blocking admins worldwide from accessing the Exchange Admin Center (EAC).
Who’s calling? The threat of AI-powered vishing attacks
AI is making voice phishing (vishing) more dangerous than ever, with scammers cloning voices in seconds to trick…
Microsoft: April 2025 updates break Windows Hello on some PCs
Microsoft says some Windows users might be unable to log into their accounts via Windows Hello after installing…
Phishing kits now vet victims in real-time before stealing credentials
Phishing actors are employing a new evasion tactic called ‘Precision-Validated Phishing’ that only shows fake login forms when…
Police detains Smokeloader malware customers, seizes servers
In follow-up activity for Operation Endgame, law enforcement tracked down Smokeloader botnet’s customers and detained at least five…
Fake Microsoft Office add-in tools push malware via SourceForge
Threat actors are abusing SourceForge to distribute fake Microsoft add-ins that install malware on victims’ computers to both…
Microsoft fixes auth issues on Windows Server, Windows 11 24H2
Microsoft has fixed a known issue causing authentication problems when Credential Guard is enabled on systems using the…
Microsoft: Windows CLFS zero-day exploited by ransomware gang
Microsoft says the RansomEXX ransomware gang has been exploiting a high-severity zero-day flaw in the Windows Common Log…