Post SMTP WordPress Plug-in Exploited in Active Attacks — Update Immediately
Post SMTP WordPress Plug-in Exploited in Active Attacks — Update Immediately Threat actors are now exploiting a critical remote attack vulnerability in the popular Post SMTP WordPress plug-in, used[…]
Microsoft Teams Flaws Allowed Message Manipulation and Caller Spoofing
Microsoft Teams Flaws Allowed Message Manipulation and Caller Spoofing Security researchers have revealed four vulnerabilities in Microsoft Teams that could have allowed attackers to impersonate colleagues, modify messages, and[…]
SleepyDuck Malware Hidden in Open VSX Extension Targets Solidity Developers
SleepyDuck Malware Hidden in Open VSX Extension Targets Solidity Developers Researchers have uncovered a malicious Visual Studio Code extension that secretly installs a remote access trojan (RAT) dubbed SleepyDuck,[…]
Microsoft Detects “SesameOp” Backdoor Using OpenAI’s API for Covert Command-and-Control
Microsoft Detects “SesameOp” Backdoor Using OpenAI’s API for Covert Command-and-Control Microsoft security researchers have identified a new backdoor malware that leverages OpenAI’s Assistants API as a command-and-control (C2) channel,[…]
Microsoft Edge Gets New Scareware Sensor for Real-Time Scam Detection
Microsoft Edge Gets New Scareware Sensor for Real-Time Scam Detection Microsoft has announced a new scareware sensor for the Edge browser, enhancing its ability to detect and block tech[…]
Chrome Zero-Day Exploited by Italian Spyware Vendor Memento Labs in Operation ForumTroll
Chrome Zero-Day Exploited by Italian Spyware Vendor Memento Labs in Operation ForumTroll A critical Google Chrome zero-day vulnerability (CVE-2025-2783) exploited earlier this year has been linked to Memento Labs,[…]
Another Azure Front Door Outage — Why You Need a Business Continuity Plan (BCP)
Another Azure Front Door Outage — Why You Need a Business Continuity Plan (BCP) 🕓 On October 29, 2025, Microsoft confirmed an Azure Front Door (AFD) incident triggered by[…]
Google Denies Fake Gmail Breach Reports — 183 Million Credentials Came from Old Data Dumps
Google Denies Fake Gmail Breach Reports — 183 Million Credentials Came from Old Data Dumps Over the weekend, multiple media outlets claimed that Gmail had suffered a massive breach[…]
Qilin Ransomware Uses Linux Payloads to Attack Windows Systems
Qilin Ransomware Uses Linux Payloads to Attack Windows Systems Security researchers have uncovered a cross-platform ransomware campaign where the Qilin group (aka Agenda) deployed Linux-based binaries on Windows hosts,[…]
WSUS RCE (CVE-2025-59287) — Proof-of-Concept Out, Active Scanning Observed
WSUS RCE (CVE-2025-59287) — Proof-of-Concept Out, Active Scanning Observed A critical remote code execution (RCE) vulnerability — CVE-2025-59287 — has been discovered in Windows Server Update Services (WSUS).The flaw[…]