Microsoft has reinstated the ‘Material Theme – Free’ and ‘Material Theme Icons – Free’ extensions on the Visual Studio Marketplace after finding that the obfuscated code they contained wasn’t actually malicious. […]
New SuperBlack ransomware exploits Fortinet auth bypass flaws
A new ransomware operator named ‘Mora_001’ is exploiting two Fortinet vulnerabilities to gain unauthorized access to firewall appliances and deploy a custom ransomware strain dubbed SuperBlack. […]
Windows Notepad to get AI text summarization in Windows 11
Microsoft is now testing an AI-powered text summarization feature in Notepad and a Snipping Tool “Draw & Hold” feature that helps draw perfect shapes. […]
Unpatched Edimax Camera Flaw Exploited Since at Least May 2024
A recently disclosed Edimax zero-day vulnerability has been exploited in the wild by Mirai botnets for nearly a year.
The post Unpatched Edimax Camera Flaw Exploited Since at Least May 2024 appeared first on SecurityWeek.
Microsoft says button to restore classic Outlook is broken
Microsoft is investigating a known issue that causes the new Outlook email client to crash when users click the “Go to classic Outlook” button, which should help them switch back to the classic Outlook. […]
FreeType Zero-Day Being Exploited in the Wild
Meta’s Facebook security team warns of live exploitation of a zero-day vulnerability in the open-source FreeType library.
The post FreeType Zero-Day Being Exploited in the Wild appeared first on SecurityWeek.
Juniper patches bug that let Chinese cyberspies backdoor routers
Juniper Networks has released emergency security updates to patch a Junos OS vulnerability exploited by Chinese hackers to backdoor routers for stealthy access. […]
GitLab patches critical authentication bypass vulnerabilities
GitLab released security updates for Community Edition (CE) and Enterprise Edition (EE), fixing nine vulnerabilities, among which two critical severity ruby-saml library authentication bypass flaws. […]
Cisco Patches 10 Vulnerabilities in IOS XR
Cisco has released patches for 10 vulnerabilities in IOS XR, including five denial-of-service (DoS) bugs.
The post Cisco Patches 10 Vulnerabilities in IOS XR appeared first on SecurityWeek.
Microsoft Warns of ClickFix Phishing Campaign Targeting Hospitality Sector via Fake Booking[.]com Emails
Microsoft has shed light on an ongoing phishing campaign that targeted the hospitality sector by impersonating online travel agency Booking.com using an increasingly popular social engineering technique called ClickFix to deliver credential-stealing malware.
The activity, the tech giant said, started in December 2024 and operates with the end goal of conducting financial fraud and theft. It’s
The activity, the tech giant said, started in December 2024 and operates with the end goal of conducting financial fraud and theft. It’s