access ai android api apple attack authentication backdoor breach browser business ceo china cisa cisco ciso cloud compliance control credentials crypto cve cyber cyberattack cybercrime cybersecurity data data-breach defense detection email exploit finance flaw framework fraud google governance government group hacker hacking healthcare identity infrastructure intelligence Internet jobs law leak linux malicious malware microsoft monitoring network open-source password phishing privacy ransomware remote-code-execution resilience risk russia scam service software strategy supply-chain technology theft threat tool unclassified update usa vulnerability windows zero-day
-
A Majority of European Lawmakers Voted Against Letting Big Tech Read Our Messages. They’re Going to Anyway
Tags: emailCompanies will once again be allowed to scan citizens’ personal texts, emails, and social media messages via the “Chat Control” bill to find child abuse material online. First seen on wired.com Jump to article: www.wired.com/story/a-majority-of-european-lawmakers-voted-against-letting-big-tech-read-our-messages-theyre-going-to-anyway/ also interesting: How Google’s and Yahoo’s shift to stricter email standards proved a windfall for this Armenian startup MSP Case…
-
Ransomware ecosystem grows, but ‘four-headed monster’ dominates
AI is helping hackers, a new report finds, but mostly by automating very human behaviors. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/ransomware-concentrated-ai-guidepoint/824828/ also interesting: Privilegierte Zugänge werden zum Sicherheitsrisiko Hackers Use AI-Generated Summaries to Deliver Ransomware Payloads The Changing Threat Landscape for Retailers: Why is data security working harder than last year? Why outsourced…
-
Data breach hits car insurance provider
Hackers gained access to more than 6.9 million records at AssuranceAmerica by targeting a company employee. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/data-breach-car-insurance-provider/824835/ also interesting: Cybersecurity Snapshot: Study Raises Open Source Security Red Flags, as Cyber Agencies Offer Prevention Tips Against Telecom Spying Attacks Pressure on CISOs to stay silent about security incidents growing…
-
Advens Threat Status Report 2025/2026 – So organisieren sich Ransomware-Gruppen
First seen on security-insider.de Jump to article: www.security-insider.de/ransomware-gruppen-allianzen-advens-report-2025-2026-a-87658a8cd400e3b7102f7f489fedf60d/ also interesting: North Korean Nation State Threat Actor Using Play Ransomware Ransomware Group Jumps on PHP Vulnerability Critical Veeam Vulnerability Exploited to Spread Akira and Fog Ransomware RedCurl Shifts from Espionage to Ransomware with First-Ever QWCrypt Deployment
-
Vibe-Coded Malware Caught in Active Directory Attack
Huntress found a threat actor using vibe-coded PowerShell to map an Active Directory network First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/vibe-coded-malware-ai-powershell/ also interesting: Microsoft Teams vishing attacks trick employees into handing over remote access The most notorious and damaging ransomware of all time Zscaler Threat Hunting Discovers and Reconstructs a Sophisticated Water Gamayun APT…
-
As Global Conflicts Go Digital, Businesses Need Wartime Gameplans
The fate of a Ukrainian tax software company shows how modern cyberwarfare can claim casualties far beyond the battlefield, and how businesses across the ocean still need to protect themselves. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-operations/businesses-wartime-cybersecurity-gameplans also interesting: Rising ClickFix malware distribution trick puts PowerShell IT policies on notice Russian APT RomCom combines…
-
The Hidden Security Risks of Reduced Summer IT Coverage
Security operations don’t slow down when IT teams take vacation, but staffing levels often do. Kaseya explains how AI-driven automation can help organizations maintain consistent security operations and reduce reliance on manual processes year-round. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/the-hidden-security-risks-of-reduced-summer-it-coverage/ also interesting: Beyond silos: How DDI-AI integration is redefining cyber resilience Polymorphic AI…
-
New Forg365 phishing platform uses AI to target Microsoft 365 accounts
A new phishing-as-a-service (PhaaS) operation called Forg365 focuses on stealing Microsoft 365 accounts by combining adversary-in-the-middle (AiTM) and device code methods with AI-assisted lure generation. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-forg365-phishing-platform-uses-ai-to-target-microsoft-365-accounts/ also interesting: 8 Cyber Predictions for 2025: A CSO’s Perspective Patch Tuesday for May: Five zero day vulnerabilities CISOs should focus on…
-
Extortion crew hijacks Microsoft 365 accounts via fake passkey setup
The Pink cyber extortion crew is tricking employees into giving them access to their Microsoft 365 accounts by faking Entra passkey enrollment requests. The attack The attack … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/07/09/microsoft-365-fake-passkey-setup-enrollment/ also interesting: 7 biggest cybersecurity stories of 2024 8 Cyber Predictions for 2025: A CSO’s Perspective Cybersecurity Snapshot: New…
-
Invited to a >>job interview<< with Netflix or OpenAI? Beware! Your Google password could be at risk
Have you received an email from a recruiter at Adobe, Netflix, or OpenAI offering you an exciting new marketing role? Well, before you start brushing up your interview technique, take a closer look at who is really behind it. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/invited-job-interview-netflix-openai-beware-google-password also interesting: 2025 Year of Browser Bugs Recap:…
-
764 splinter group leader sentenced to 40 years in jail
Tags: groupAlexis Chavez coerced multiple girls to commit self harm and produce child sexual abuse material for notoriety in a sprawling violent extremist collective affiliated with the Com. First seen on cyberscoop.com Jump to article: cyberscoop.com/764-splinter-group-leader-sentenced-alexis-chavez/ also interesting: Underground Ransomware Continues to Attack Industries Of Various Sizes Faraway Russian hackers breached US organization via Wi-Fi Chinese…
-
Latvian forestry company still restoring systems weeks after ransomware attack
A foreign, financially motivated group was responsible for a cyberattack on state-owned forestry company Latvijas Valsts Mezi (LVM), officials said. First seen on therecord.media Jump to article: therecord.media/latvia-state-owned-foresty-company-lvm-ransomware also interesting: Cyberattacks Wreaking Physical Disruption on the Rise BianLian ransomware claims attack on Boston Children’s Health Physicians 8 Cyber Predictions for 2025: A CSO’s Perspective APT…
-
AI Gateways Offer Attackers the Keys to the Kingdom
A cryptomining incident highlights how AI gateways can provide access to AI models, cloud infrastructure, and identity and access management (IAM) data. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/ai-gateways-keys-kingdom also interesting: CIO POV: Building trust in cyberspace How cybersecurity leaders can defend against the spur of AI-driven NHI Cybersecurity Snapshot: Global Agencies Target Criminal…
-
GodDamn Ransomware Attack Uses PsExec Lateral Movement and NirSoft Toolkit for Credential Theft
A targeted GodDamn ransomware incident shows the payload is not entirely new but the latest rebrand of a long-running family. Analysis reveals strong code overlap with Beast (the 2024 rebrand of Monster), and the operational playbook mirrors earlier Hyadina campaigns. Stealthy foothold, credential harvesting using NirSoft utilities, kernel-level defense subversion, remote-access tooling, and PsExec-driven lateral…
-
A Majority of European Lawmakers Voted Against Letting Big Tech Read Our Messages. They’re Going to Anyway.
Tags: emailCompanies will once again be allowed to scan citizens’ personal texts, emails, and social media messages via the “chat control” bill to find child abuse material online. First seen on wired.com Jump to article: www.wired.com/story/a-majority-of-european-lawmakers-voted-against-letting-big-tech-read-our-messages-theyre-going-to-anyway/ also interesting: US-Cert Warns DKIM Email Open To Spoofing Samsung’s image library flaw opens a zero-click backdoor AI is driving…
-
Cyber field doubts promise of Cyber Shield
The NCSC has shared more details of its national AI Cyber Shield initiative, but experts say the project faces serious delivery challenges First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366645655/Cyber-field-doubts-promise-of-Cyber-Shield also interesting: The New Frontier of Cyber Threats: Unpacking Prompt Injection, Model Poisoning and Adversarial Attacks in AI Security Shai-Hulud & Co.: The software supply…
-
AssuranceAmerica Breach Exposes 7 Million Driver’s Licenses After Employee Account Hack
AssuranceAmerica confirmed a breach exposing nearly 7 million driver’s licenses after hackers compromised an employee account and stole customer data. U.S. auto insurer AssuranceAmerica has confirmed a data breach affecting nearly 7 million people, making it the largest known theft of Americans’ driver’s license information in 2026. >>In a data breach notice sent to customers…
-
ESET-Warnung: Schadhafte AI Skills bieten KI-Agenten neue Angriffsflächen
First seen on datensicherheit.de Jump to article: www.datensicherheit.de/eset-warnung-schadhaft-ai-skills-ki-agenten-neu-angriffsflaechen also interesting: Quantum supremacy: Cybersecurity’s ultimate arms race has China way in front Defending digital identity from computer-using agents (CUAs) 4 Probleme, die CISOs behindern What CISOs need to know about the OpenClaw security nightmare
-
EU takes member states to court over unimplemented cybersecurity law
Ireland, Spain, France and the Netherlands are more than 20 months late in transposing the NIS2 Directive for the cybersecurity of critical infrastructure. First seen on therecord.media Jump to article: therecord.media/eu-cyber-filing-ireland-spain-france-netherlands-nis2 also interesting: Understanding NIS2: Essential and Important Entities 21% of CISOs pressured to not report compliance issues CIOs and CISOs grapple with DORA: Key…
-
NSA revives ‘Tailored Access Operations’ name for elite hacking unit
NSA last week changed the moniker of its Office of Computer Network Operations (CNO) back to Tailored Access Operations (TAO), a name that is sure to elicit nostalgia among the broader digital community for a group with roots in the early 1990s. First seen on therecord.media Jump to article: therecord.media/nsa-revives-tao-name-for-elite-hacking-unit also interesting: International effort erases…
-
Software-Fertigung im Fadenkreuz
Am 18. Mai 2026 injizierte eine automatisierte Angriffskampagne innerhalb von nur sechs Stunden 5.718 bösartige Commits in 5.561 GitHub Repositories. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cloud-security/software-fertigung-im-fadenkreuz also interesting: GitHub says internal repositories were impacted in poisoned VS Code extension attack GitHub Confirms Breach, 4K Internal Repos Stolen A Hacker Group Is Poisoning Open…
-
SECARDEO certEntra v2 automatisiert S/MIME- und CBA-Zertifikate für Microsoft Entra ID
Tags: microsoftFür Unternehmen bedeutet das: Zertifikatsmanagement wird nicht nur zur Frage der heutigen IT-Sicherheit, sondern auch zur Vorbereitung auf kommende kryptografische Anforderungen. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/secardeo-certentra-v2-automatisiert-s-mime-und-cba-zertifikate-fuer-microsoft-entra-id/a45714/ also interesting: Microsoft Broadens Zero Trust Training to Address Network and SecOps Domains What to look for in a data protection platform for hybrid clouds CISA,…
-
SECARDEO certEntra v2 automatisiert S/MIME- und CBA-Zertifikate für Microsoft Entra ID
Tags: microsoftFür Unternehmen bedeutet das: Zertifikatsmanagement wird nicht nur zur Frage der heutigen IT-Sicherheit, sondern auch zur Vorbereitung auf kommende kryptografische Anforderungen. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/secardeo-certentra-v2-automatisiert-s-mime-und-cba-zertifikate-fuer-microsoft-entra-id/a45714/ also interesting: 7 Reasons Why You Need To Replace Your Microsoft CA Microsoft shares more details on Windows 11 admin protection Microsoft to enforce MFA for…
-
Certification Authority – Was ist eine CA?
Tags: unclassifiedFirst seen on security-insider.de Jump to article: www.security-insider.de/was-ist-eine-ca-a-5f0714fc725667f756442f8d1cee02ad/ also interesting: Dotnet Source Generators in 2024 Part 1: Getting Started Auftritt auf dem Balkon: Assange fordert Ende der Hexenjagd auf WikiLeaks… Manning expected to testify at pretrial hearing: Bradley Manning, the U.S. soldier accused of leaking thousands … Hamburg als Vorreiter: Bürgerschaft beschloss Lobby-Registergesetz
-
75% CISOs Fear Executives Don’t Understand Cybersecurity Risks Employees Face
Survey of cybersecurity leaders by MetaCompliance finds that many feel boards are uninterested in ever-evolving cyber risks First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/cisos-fear-execs-dont-understand/ also interesting: 71% of CISOs hit with third-party security incident this year 15 years in, zero trust remains elusive, with AI rising to complicate the challenge Skills CISOs need to…
-
AI Attacks Move in Minutes. Join This Webinar on Building a Defense That Keeps Up
AI has changed how fast attacks move. Work that once took an attacker days now takes minutes. Using models like Mythos, attackers write tailored bait, pick targets, test what lands, and jump to the next host before your team clears the first alert.That is the gap, and it is not your fault. The tools and…
-
Attackers Exploit WordPress Plugin Vulnerabilities for Remote Code Execution and Webshell Access
A large-scale exploitation campaign is actively weaponising known vulnerabilities across multiple content management systems, with WordPress plugins forming the primary attack surface. Cyber actors are scanning the internet for vulnerable sites and chaining unauthenticated file upload, remote code execution (RCE), server-side request forgery (SSRF) and deserialization vulnerabilities to deploy webshells that grant persistent remote access.…
-
Microsoft releases fix for RoguePlanet Defender flaw (CVE-2026-50656)
Microsoft has finally released a security update for its Microsoft Malware Protection Engine, which fixes CVE-2026-50656, the Windows Defender local privilege escalation … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/07/09/microsoft-releases-fix-for-rogueplanet-defender-flaw-cve-2026-50656/ also interesting: Cybersecurity Snapshot: AI Will Take Center Stage in Cyber in 2026, Google Says, as MITRE Revamps ATTCK Framework Cybersecurity Snapshot: Global Agencies…
-
Fast die Hälfte des Datenverkehrs auf Reise-Websites stammt von bösartigen Bots
Reiseunternehmen stehen unter Druck, das Vertrauen und die Treue ihrer Kunden vor Cyberkriminellen zu schützen. Ausgeklügelte KI-gestützte Bots nehmen zunehmend Buchungssysteme, Treuekonten und kritische Reise-APIs ins Visier. Die Ergebnisse des ‘Thales Bad Bot Reports 2026″ zeigen, dass mittlerweile 49 Prozent des gesamten Datenverkehrs auf Reise-Portalen von bösartigen Bots generiert werden. Dadurch gehört die Reisebranche zu…
-
Kritische Adobe-Sicherheitslücke aktiv ausgenutzt
Eine kritische Sicherheitslücke in Adobe ColdFusion mit dem maximalen CVSS-Wert 10 wird aktiv ausgenutzt. Angreifer reagierten innerhalb von zwei Stunden. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/adobe-sicherheitsluecke-ausgenutzt also interesting: Aktive Ausnutzung! – Kritische Sicherheitslücke in Adobe Coldfusion Ransomware-Attacken stoßen in Windows-Lücke Gefährliche Lücke in Brother-Druckern Ivantis EPM-Systeme anfällig für Angriffe
-
(g+) Open Source, Zero Knowledge: So gelingt Passwortmanagement mit Bitwarden
Bitwarden soll Kontrolle über Passwörter, Identitäten und Zugänge geben. Die wichtigste Entscheidung ist jedoch nicht, ob dieser Passworttresor läuft, sondern wo. First seen on golem.de Jump to article: www.golem.de/news/open-source-zero-knowledge-so-gelingt-passwortmanagement-mit-bitwarden-2607-210563.html also interesting: Russian APT28 compromised Western logistics and IT firms to track aid to Ukraine When AI nukes your database: The dark side of vibe coding…
-
GhostApproval Flaw Hits Six Major AI Coding Assistants
Wiz discovered GhostApproval, a symlink flaw in six major AI coding assistants that bypasses approval First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/ghostapproval-flaw-ai-coding/ also interesting: Shadow Escape 0-Click Attack in AI Assistants Puts Trillions of Records at Risk Researcher Uncovers 30+ Flaws in AI Coding Tools Enabling Data Theft and RCE Attacks Software supply chain…
-
Chinese-Funded Interpol Cybercrime Crackdown Leads to 5,800 Arrests
Operation First Light 2026, coordinated by Interpol and funded by the Chinese government, has led to 5,811 arrests First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/china-interpol-cybercrime-crackdown/ also interesting: Cybersecurity Snapshot: Study Raises Open Source Security Red Flags, as Cyber Agencies Offer Prevention Tips Against Telecom Spying Attacks 7 biggest cybersecurity stories of 2024 UK Cybersecurity…
-
GodDamn Ransomware Uses PoisonX Driver to Disable Endpoint Defenses
Cybersecurity researchers have flagged a new ransomware family called GodDamn that employs the PoisonX kernel driver to neutralize security software as part of its defense evasion strategy.According to a new report published by the Threat Hunter Team from Symantec, the ransomware was first publicly spotted in the wild on May 21, 2026. It’s assessed to…
-
Summer of Clearinghouses
Tags: unclassifiedEveryone seems to have announced a clearinghouse over the past few weeks. We did too. Ours is called Athena, and the main thing that sets it apart is that it was already real and running when we announced it, built quietly months earlier, heads down, taking findings and shipping fixes, because customers kept asking us…
-
RedHook Abuses Accessibility Service to Enable Developer Options and Wireless Debugging
RedHook, an Android Remote Access Trojan (RAT) first profiled in July 2025, has resurfaced with a markedly more dangerous capability: autonomous abuse of Android’s ADB Wireless Debugging to acquire shell-level privileges (uid 2000). While its baseline toolkit screen streaming, keylogging, Accessibility-driven UI manipulation and credential theft remains intact, the latest RedHook builds demonstrate a deliberate…
-
RedHook Abuses Accessibility Service to Enable Developer Options and Wireless Debugging
RedHook, an Android Remote Access Trojan (RAT) first profiled in July 2025, has resurfaced with a markedly more dangerous capability: autonomous abuse of Android’s ADB Wireless Debugging to acquire shell-level privileges (uid 2000). While its baseline toolkit screen streaming, keylogging, Accessibility-driven UI manipulation and credential theft remains intact, the latest RedHook builds demonstrate a deliberate…
-
AssuranceAmerica Confirms Massive Data Breach Exposing Driver’s License and Insurance Data
AssuranceAmerica, a U.S. provider of auto and renters insurance, has confirmed a significant data breach that exposed the personal information and driver’s license data of approximately 6.99 million people. This incident marks the largest known leak of Americans’ driver’s license information this year. Founded in 1998, the Atlanta-based insurer operates in more than a dozen…
-
HP Linux Imaging and Printing Software Flaw Enables Privilege Escalation Attacks
A critical vulnerability has been discovered in HP Linux Imaging and Printing Software (HPLIP), which exposes Linux systems to potential privilege escalation and remote code execution attacks. This vulnerability, tracked as CVE-2026-14544, has a CVSS v3 score of 9.8, indicating maximum severity due to its potential for network exploitation, low attack complexity, and lack of…
-
Microsoft to retire the OWA Light client in Exchange Server
Microsoft has announced plans to disable Outlook Web Access (OWA) Light, the lightweight version of the Outlook Web App email client, in a future Exchange Server update. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-announces-owa-light-retirement-in-exchange-server/ also interesting: OAuth Identity Attack”Š”, “ŠAre your Extensions Affected? Despite Recent Security Hardening, Entra ID Synchronization Feature Remains Open for…
-
Microsoft fixed Defender flaw RoguePlanet (CVE-2026-50656)
Microsoft fixed RoguePlanet (CVE-2026-50656), a Defender flaw allowing local attackers to gain higher privileges through the Malware Protection Engine. Microsoft released security updates for RoguePlanet, a vulnerability tracked as CVE-2026-50656 (CVSS score of 7.8) affecting the Malware Protection Engine used by Defender. The Microsoft Malware Protection Engine (mpengine.dll) powers Defender’s malware scanning, detection, and removal…
-
GhostApproval Flaws Let Top AI Coding Tools Write Outside Workspaces
Wiz found GhostApproval symlink flaws in major AI coding assistants that could hide sensitive file targets, bypass approval checks and enable system access too. First seen on hackread.com Jump to article: hackread.com/ghostapproval-flaws-ai-coding-tools-outside-workspace/ also interesting: Black Hat 2025: Latest news and insights Security researchers caution app developers about risks in using Google Antigravity The Silent Threat…
-
Warum ManagedProvider beim Manufacturing 4.0 IT und OT gemeinsam denken müssen
Die Konvergenz von IT und OT schreitet mit hoher Geschwindigkeit voran und sorgt für grundlegende Veränderungen in industriellen Infrastrukturen. Immer öfter sind Produktionsanlagen, Sensorik, Edge-Geräte, IoT-Sensoren und industrielle Steuerungssysteme (ICS) eng mit klassischen IT-Infrastrukturen vernetzt. Auch für Managed-Service-Provider (MSPs) bedeutet das einen tiefgreifenden Wandel ihrer Rolle. Denn anstelle von getrennten Silos erwarten Kunden von MSPs…
-
Sovereign-Acceleration-Program von Bitdefender zur Förderung europäischer Initiativen zur Datensouveränität
Tags: cyersecurityDer europäische Anbieter für Cybersicherheit Bitdefender hat den Start seines <> bekannt gegeben. Dadurch sind europäische Organisationen in der Lage, auf eine vollständig in Europa stationierte Lösung für Datensicherheit und Hosting zu wechseln. Diese stellt sicher, dass Daten zu Kunden, Konfigurationen, Sicherheitsereignissen, Telemetrie sowie Informationen für den Kundensupport niemals außerhalb der Europäischen Union […] First…
-
Warum preemptive Security kein Trend ist
Die klassische Sicherheitslogik beruhte lange auf einer stillschweigenden Annahme: Ein Angriff wird entdeckt, analysiert und dann in Regeln, Signaturen und Playbooks übersetzt. Was gestern noch ein vernünftiges Prinzip war, wirkt unter den Bedingungen des KI-Zeitalters wie ein Modell aus einer langsameren Epoche. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/preemptive-security-kein-trend also interesting: KI für Cyberattacken:…
-
Behörden greifen durch: Großer Schlag gegen Onlinebetrug mit über 5.800 Festnahmen
Tags: unclassifiedEinsatzkräfte aus 97 Ländern haben im Kampf gegen Cyberbetrug Tausende Verdächtige verhaftet und gestohlene Vermögenswerte beschlagnahmt. First seen on golem.de Jump to article: www.golem.de/news/behoerden-greifen-durch-grosser-schlag-gegen-onlinebetrug-mit-ueber-5-800-festnahmen-2607-210691.html also interesting: Der Nachfolger für SHA-2 Forschungsprojekt: Spionage-App fotografiert Büro-Panoramen… Webinar: How to build relationships with developers Dual-hat NSA, Cybercom arrangement continues to have bipartisan support
-
Kommentar von Mathias Widler, Netskope – Agentic AI warum Netzwerksicherheit neu gedacht werden muss
Tags: aiFirst seen on security-insider.de Jump to article: www.security-insider.de/autonome-ki-agenten-sicherheitsrisiken-machine-to-machine-kommunikation-a-f35970d7976116f39cfa9688fce3d055/ also interesting: Further Adventures With CMPivot”Š”, “ŠClient Coercion If Businesses Can’t Afford a Chief AI Officer? Here’s the Alternative Way The Code to Survival: Taiwan’s Cybersecurity Pivot Explained RSA 2025: AI’s Promise vs. Security’s Past”Š”, “ŠA Reality Check”
-
Microsoft Patches RoguePlanet Defender Flaw That Can Grant SYSTEM Privileges
Microsoft has released security updates for a Defender vulnerability known as RoguePlanet, nearly a month after details of the flaw became public.The vulnerability, tracked as CVE-2026-50656 (CVSS score: 7.8), is a privilege escalation issue in the Microsoft Malware Protection Engine (“mpengine.dll”), which provides scanning, detection, and cleaning capabilities for its antivirus and First seen on…
-
‘GodDamn’ Ransomware Uses BYOVD to Smite US Companies
Microsoft co-signed a malicious kernel driver, and now it’s being used to kill security software in ransomware attacks. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/goddamn-ransomware-byovd-smite-companies also interesting: Microsoft revokes 200 certs used to sign malicious Teams installers 10 promising cybersecurity startups CISOs should know about Top techniques attackers use to infiltrate your systems today…

