Security
Headlines
HeadlinesLatestCVEs

Tag

#microsoft

LinkedIn will use your data to train its AI unless you opt out now

LinkedIn will not be asking for your permission to share your data for AI training. Here's how to opt out before the deadline.

Malwarebytes
Open in Source
#microsoft#git
China-Linked Hackers Hit US Tech Firms with BRICKSTORM Malware

China-backed UNC5221 targets US legal and tech firms by deploying BRICKSTORM malware on neglected VMware and Linux/BSD appliances, Google's Mandiant reports.

CVE-2025-10892: Chromium: CVE-2025-10892 Integer overflow in V8

**What is the version information for this release?** Microsoft Edge Version Date Released Based on Chromium Version 140.0.3485.94 09/25/2025 140.0.7339.208

CVE-2025-10891: Chromium: CVE-2025-10891 Integer overflow in V8

**What is the version information for this release?** Microsoft Edge Version Date Released Based on Chromium Version 140.0.3485.94 09/25/2025 140.0.7339.208

CVE-2025-10890: Chromium: CVE-2025-10890 Side-channel information leakage in V8

**What is the version information for this release?** Microsoft Edge Version Date Released Based on Chromium Version 140.0.3485.94 09/25/2025 140.0.7339.208

CVE-2025-59251: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

**What is the version information for this release?** Microsoft Edge Version Date Released Based on Chromium Version 140.0.3485.81 09/19/2025 140.0.7339.186

Chinese Hackers RedNovember Target Global Governments Using Pantegana and Cobalt Strike

A suspected cyber espionage activity cluster that was previously found targeting global government and private sector organizations spanning Africa, Asia, North America, South America, and Oceania has been assessed to be a Chinese state-sponsored threat actor. Recorded Future, which was tracking the activity under the moniker TAG-100, has now graduated it to a hacking group dubbed RedNovember.

Feds Tie ‘Scattered Spider’ Duo to $115M in Ransoms

U.S. prosecutors last week levied criminal hacking charges against 19-year-old U.K. national Thalha Jubair for allegedly being a core member of Scattered Spider, a prolific cybercrime group blamed for extorting at least $115 million in ransom payments from victims. The charges came as Jubair and an alleged co-conspirator appeared in a London court to face accusations of hacking into and extorting several large U.K. retailers, the London transit system, and healthcare providers in the United States.

What happens when you engage Cisco Talos Incident Response?

What happens when you bring in a team of cybersecurity responders? How do we turn chaos into control, and what is the long-term value that Talos IR provides to the organizations we work with?

Microsoft Fixed Entra ID Vulnerability Allowing Global Admin Impersonation

Microsoft patched an Entra ID vulnerability that let attackers impersonate Global Admins across tenants, risking full Microsoft 365 and Azure takeover.