Microsoft’s April 2025 Patch Tuesday updates are strangely creating an empty “inetpub” folder in the root of the C: drive, even on systems that do not have Internet Information Services (IIS) installed. […]
Google Targets SOC Overload With Automated AI Alert and Malware Analysis Tools
Google plans to unleash automated AI agents into overtaxed SOCs to reduce the manual workload for cybersecurity investigators.
The post Google Targets SOC Overload With Automated AI Alert and Malware Analysis Tools appeared first on SecurityWeek.
Groucho’s Wit, Cloud Complexity, and the Case for Consistent Security Policy
The greatest security policies in the world are useless if enterprises don’t have a reasonable, consistent, and reliable way to implement them.
The post Groucho’s Wit, Cloud Complexity, and the Case for Consistent Security Policy appeared first on SecurityWeek.
AI Now Outsmarts Humans in Spear Phishing, Analysis Shows
Agentic AI has improved spear phishing effectiveness by 55% since 2023, research shows.
The post AI Now Outsmarts Humans in Spear Phishing, Analysis Shows appeared first on SecurityWeek.
Critical FortiSwitch flaw lets hackers change admin passwords remotely
Fortinet has released security patches for a critical vulnerability in its FortiSwitch devices that can be exploited to change administrator passwords remotely. […]
CentreStack RCE exploited as zero-day to breach file sharing servers
Hackers exploited a vulnerability in Gladinet CentreStack’s secure file-sharing software as a zero-day since March to breach storage servers […]
Microsoft investigates global Exchange Admin Center outage
Microsoft is investigating an ongoing outage that is blocking admins worldwide from accessing the Exchange Admin Center (EAC). […]
Lovable AI Found Most Vulnerable to VibeScamming — Enabling Anyone to Build Live Scam Pages
Lovable, a generative artificial intelligence (AI) powered platform that allows for creating full-stack web applications using text-based prompts, has been found to be the most susceptible to jailbreak attacks, allowing novice and aspiring cybercrooks to set up lookalike credential harvesting pages.
“As a purpose-built tool for creating and deploying web apps, its capabilities line up perfectly
“As a purpose-built tool for creating and deploying web apps, its capabilities line up perfectly
Who’s calling? The threat of AI-powered vishing attacks
AI is making voice phishing (vishing) more dangerous than ever, with scammers cloning voices in seconds to trick employees into handing over their credentials. Learn how to defend your organization with Specops Secure Service Desk. […]
Microsoft: April 2025 updates break Windows Hello on some PCs
Microsoft says some Windows users might be unable to log into their accounts via Windows Hello after installing the April 2025 security updates. […]