Microsoft has introduced a new Windows 11 24H2 upgrade block for systems with AutoCAD 2022, addressing compatibility issues that prevent the program from launching. […]
CISA Adds Microsoft and Zimbra Flaws to KEV Catalog Amid Active Exploitation
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday placed two security flaws impacting Microsoft Partner Center and Synacor Zimbra Collaboration Suite (ZCS) to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.
The vulnerabilities in question are as follows –
The vulnerabilities in question are as follows –
CVE-2024-49035 (CVSS score: 8.7) – An improper access control
Have I Been Pwned adds 284M accounts stolen by infostealer malware
The Have I Been Pwned data breach notification service has added over 284 million accounts stolen by information stealer malware and found on a Telegram channel. […]
Firefox continues Manifest V2 support as Chrome disables MV2 ad-blockers
Mozilla has renewed its promise to continue supporting Manifest V2 extensions alongside Manifest V3, giving users the freedom to use the extensions they want in their browser. […]
Microsoft fixes Entra ID authentication issue caused by DNS change
Microsoft has fixed an issue that caused Entra ID DNS authentication failures when using the company’s Seamless SSO and Microsoft Entra Connect Sync. […]
GitVenom attacks abuse hundreds of GitHub repos to steal crypto
A malware campaign dubbed GitVenom uses hundreds of GitHub repositories to trick users into downloading info-stealers, remote access trojans (RATs), and clipboard hijackers to steal crypto and credentials. […]
Windows 10 KB5052077 update fixes broken SSH connections
Microsoft has released the optional KB5052077 preview cumulative update for Windows 10 22H2 with nine bug fixes and changes, including a fix for a longstanding known issue that breaks SSH connections. […]
New Auto-Color Linux backdoor targets North American govts, universities
A previously undocumented Linux backdoor dubbed ‘Auto-Color’ was observed in attacks between November and December 2024, targeting universities and government organizations in North America and Asia. […]
Chinese Botnet Powered by 130,000 Devices Targets Microsoft 365 Accounts
A China-linked botnet powered by 130,000 hacked devices has targeted Microsoft 365 accounts with password spraying attacks.
The post Chinese Botnet Powered by 130,000 Devices Targets Microsoft 365 Accounts appeared first on SecurityWeek.
Offensive AI Startup Dreadnode Secures $14M to Stress-Test AI Systems
Dreadnode is building “offensive machine learning” tools to safely simulate how AI models might be exploited in the wild.
The post Offensive AI Startup Dreadnode Secures $14M to Stress-Test AI Systems appeared first on SecurityWeek.