Microsoft is investigating a known issue that triggers Outlook errors when opening encrypted emails sent from other organizations. […]
Researchers Expose SVG and PureRAT Phishing Threats Targeting Ukraine and Vietnam
A new campaign has been observed impersonating Ukrainian government agencies in phishing attacks to deliver CountLoader, which is then used to drop Amatera Stealer and PureMiner.
“The phishing emails contain malicious Scalable Vector Graphics (SVG) files designed to trick recipients into opening harmful attachments,” Fortinet FortiGuard Labs researcher Yurren Wan said in a report shared with The
“The phishing emails contain malicious Scalable Vector Graphics (SVG) files designed to trick recipients into opening harmful attachments,” Fortinet FortiGuard Labs researcher Yurren Wan said in a report shared with The
Microsoft Edge to block malicious sideloaded extensions
Microsoft is planning to introduce a new Edge security feature that will protect users against malicious extensions sideloaded into the web browser. […]
In Other News: LockBit 5.0, Department of War Cybersecurity Framework, OnePlus Vulnerability
Other noteworthy stories that might have slipped under the radar: Co-op lost £206 million due to cyberattack, South Korean credit card company hacked, Maryland Transit Administration ransomware attack.
The post In Other News: LockBit 5.0, Department of War Cybersecurity Framework, OnePlus Vulnerability appeared first on SecurityWeek.
Interpol Says 260 Suspects in Online Romance Scams Have Been Arrested in Africa
The operation took place in July and August and focused on scams in which perpetrators build online romantic relationships to extract money from targets or blackmail them with explicit images, Interpol said.
The post Interpol Says 260 Suspects in Online Romance Scams Have Been Arrested in Africa appeared first on SecurityWeek.
The hidden cyber risks of deploying generative AI
Generative AI can boost productivity—but without safeguards, it also opens the door to phishing, fraud & model manipulation. Learn more from Acronis TRU on why AI security must be built in from the start. […]
Maximum severity GoAnywhere MFT flaw exploited as zero day
Hackers are actively exploiting a maximum severity vulnerability (CVE-2025-10035) in Fortra’s GoAnywhere MFT that allows injecting commands remotely without authentication. […]
Microsoft releases the final Windows 10 22H2 preview update
Microsoft has released the final non-security preview update for Windows 10, version 22H2, which includes fixes for the out-of-box experience and SMBv1 protocol connectivity. […]
New COLDRIVER Malware Campaign Joins BO Team and Bearlyfy in Russia-Focused Cyberattacks
The Russian advanced persistent threat (APT) group known as COLDRIVER has been attributed to a fresh round of ClickFix-style attacks designed to deliver two new “lightweight” malware families tracked as BAITSWITCH and SIMPLEFIX.
Zscaler ThreatLabz, which detected the new multi-stage ClickFix campaign earlier this month, described BAITSWITCH as a downloader that ultimately drops SIMPLEFIX, a
Zscaler ThreatLabz, which detected the new multi-stage ClickFix campaign earlier this month, described BAITSWITCH as a downloader that ultimately drops SIMPLEFIX, a
Microsoft Reduces Israel’s Access to Cloud and AI Products Over Reports of Mass Surveillance in Gaza
Microsoft has disabled services to a unit within the Israeli military after a company review had determined its AI and cloud computing products were being used to help carry out mass surveillance of Palestinians.
The post Microsoft Reduces Israel’s Access to Cloud and AI Products Over Reports of Mass Surveillance in Gaza appeared first on SecurityWeek.