Cyber Security News
Microsoft Telnet Server Flaw Lets Attackers Bypass Guest Login Restrictions
A newly disclosed vulnerability in Microsoft’s Telnet Server component is making headlines after researchers revealed that attackers could exploit the flaw to bypass established guest login restrictions.
Security analysts warn...
Cyber Security News
Windows Server 2025 Gets Hotpatching Support Beginning July 1, 2025
Microsoft announced that hotpatching support for Windows Server 2025 will become generally available as a subscription service starting July 1, 2025.
This move expands a...
Cyber Security News
Windows 11 25H2 Expected to Launch with Minor Changes
Microsoft is quietly preparing the next update to its flagship operating system, Windows 11 25H2, with new evidence pointing toward a September–October 2025 release.
Unlike the...
Cyber Security News
Microsoft Defender XDR False Positive Leaked Massive 1,700+ Sensitive Documents to Publish
An alarming data leak involving Microsoft Defender XDR has exposed more than 1,700 sensitive documents from hundreds of organizations, following a chain reaction triggered...
Cyber Security News
‘SessionShark’ – A New Toolkit Bypasses Microsoft Office 365 MFA Security
Security researchers have uncovered a new and sophisticated threat to Microsoft Office 365 users: a phishing-as-a-service toolkit dubbed “SessionShark O365 2FA/MFA.”
Promoted through cybercriminal marketplaces,...
cyber security
Hackers Exploit MS-SQL Servers to Deploy Ammyy Admin for Remote Access
A sophisticated cyberattack campaign has surfaced, targeting poorly managed Microsoft SQL (MS-SQL) servers to deploy malicious tools like Ammyy Admin and PetitPotato malware.
Cybersecurity...
Cyber Security News
Microsoft’s Patch for Symlink Vulnerability Introduces New Windows Denial-of-Service Flaw
Microsoft’s recent attempt to resolve a critical privilege escalation vulnerability has inadvertently introduced a new denial-of-service (DoS) flaw in Windows systems, leaving organizations vulnerable...
cyber security
New Steganography Campaign Exploits MS Office Vulnerability to Distribute AsyncRAT
A recently uncovered cyberattack campaign has brought steganography back into the spotlight, showcasing the creative and insidious methods attackers employ to deliver malware.
This...
AI
Microsoft Offers $30,000 Bounties for AI Security Flaws
Microsoft has launched a new bounty program that offers up to $30,000 to security researchers who discover vulnerabilities in its AI and machine learning...
cyber security
Russian Hackers Exploit Microsoft OAuth 2.0 to Target Organizations
Cybersecurity firm Volexity has tracked a series of highly targeted attacks by suspected Russian threat actors, identified as UTA0352 and UTA0355.
It exploits Microsoft 365...
cyber security
Hackers Exploit Legitimate Microsoft Utility to Deliver Malicious DLL Payload
Hackers are now exploiting a legitimate Microsoft utility, mavinject.exe, to inject malicious DLLs into unsuspecting systems.
This utility, intended for injecting DLLs in Application Virtualization...