Microsoft has fixed a known issue that caused problems with Remote Desktop and RDS connections after installing Windows updates released since January 2025. […]
New Issuance Requirements Improve HTTPS Certificate Validation
HTTPS certificate issuance now requires Multi-Perspective Issuance Corroboration and linting to improve validation.
The post New Issuance Requirements Improve HTTPS Certificate Validation appeared first on SecurityWeek.
Morphing Meerkat Phishing Kits Target Over 100 Brands
A threat actor tracked as Morphing Meerkat abuses DNS mail exchange (MX) records to deliver spoofed login pages.
The post Morphing Meerkat Phishing Kits Target Over 100 Brands appeared first on SecurityWeek.
Fresh Grandoreiro Banking Trojan Campaigns Target Latin America, Europe
The Grandoreiro banking trojan has reemerged in new campaigns targeting users in Latin America and Europe.
The post Fresh Grandoreiro Banking Trojan Campaigns Target Latin America, Europe appeared first on SecurityWeek.
Product Walkthrough: How Datto BCDR Delivers Unstoppable Business Continuity
Long gone are the days when a simple backup in a data center was enough to keep a business secure. While backups store information, they do not guarantee business continuity during a crisis. With IT disasters far too common and downtime burning through budgets, modern IT environments require solutions that go beyond storage and enable instant recovery to minimize downtime and data loss. This is
Firefox Affected by Flaw Similar to Chrome Zero-Day Exploited in Russia
Firefox developers have determined that their browser is affected by a vulnerability similar to the recent Chrome sandbox escape zero-day.
The post Firefox Affected by Flaw Similar to Chrome Zero-Day Exploited in Russia appeared first on SecurityWeek.
PJobRAT Malware Campaign Targeted Taiwanese Users via Fake Chat Apps
An Android malware family previously observed targeting Indian military personnel has been linked to a new campaign likely aimed at users in Taiwan under the guise of chat apps.
“PJobRAT can steal SMS messages, phone contacts, device and app information, documents, and media files from infected Android devices,” Sophos security researcher Pankaj Kohli said in a Thursday analysis.
PJobRAT, first
“PJobRAT can steal SMS messages, phone contacts, device and app information, documents, and media files from infected Android devices,” Sophos security researcher Pankaj Kohli said in a Thursday analysis.
PJobRAT, first
Nine-Year-Old npm Packages Hijacked to Exfiltrate API Keys via Obfuscated Scripts
Cybersecurity researchers have discovered several cryptocurrency packages on the npm registry that have been hijacked to siphon sensitive information such as environment variables from compromised systems.
“Some of these packages have lived on npmjs.com for over 9 years, and provide legitimate functionality to blockchain developers,” Sonatype researcher Ax Sharma said. “However, […] the latest
“Some of these packages have lived on npmjs.com for over 9 years, and provide legitimate functionality to blockchain developers,” Sonatype researcher Ax Sharma said. “However, […] the latest
Mozilla Patches Critical Firefox Bug Similar to Chrome’s Recent Zero-Day Vulnerability
Mozilla has released updates to address a critical security flaw impacting its Firefox browser for Windows, merely days after Google patched a similar flaw in Chrome that came under active exploitation as a zero-day.
The security vulnerability, CVE-2025-2857, has been described as a case of an incorrect handle that could lead to a sandbox escape.
“Following the recent Chrome sandbox escape (
The security vulnerability, CVE-2025-2857, has been described as a case of an incorrect handle that could lead to a sandbox escape.
“Following the recent Chrome sandbox escape (
Hijacked Microsoft Stream classic domain spams SharePoint sites
The legacy domain for Microsoft Stream was hijacked to show a fake Amazon site promoting a Thailand casino, causing all SharePoint sites with old embedded videos to display it as spam. […]