Microsoft today released updates to plug at least 121 security holes in its Windows operating systems and software, including one vulnerability that is already being exploited in the wild. Eleven of those flaws earned Microsoft's most-dire "critical" rating, meaning malware or malcontents could exploit them with little to no interaction from Windows users. The zero-day flaw already seeing exploitation is CVE-2025-29824, a local elevation of privilege bug in the Windows Common Log File System driver.
WK Kellogg Co. confirmed that at least one employee was affected in a December hack related to a vulnerability in Cleo file-transfer software, according to a regulatory filing with the Maine Attorney General's office. The Michigan-based breakfast cereal company said Cleo servers, which were used to transfer employee files, were hacked on Dec. 7. WK Kellogg said it first learned of the hacking incident on Feb. 27.
The pressure of the looming tax filing deadline (April 15th in the US) can make anyone rush online tasks. Cybercriminals are acutely aware of this increased activity and are exploiting trusted platforms like Google to target Intuit QuickBooks users. By purchasing prominent Google Ads, they are creating highly convincing fake login pages designed to pilfer sensitive information, including usernames, passwords, and even one-time passcodes.
Several industrial giants have released their ICS security advisories for the March 2025 Patch Tuesday. Siemens has published nine new advisories. One advisory urges customers to replace the Sentron 7KT PAC1260 Data Manager with the newer PAC1261. The former is affected by critical vulnerabilities that can allow an attacker to access files and execute arbitrary code, but it will not receive any patches.
Fortinet on Tuesday announced patches for 10 vulnerabilities across its products, including a critical-severity bug in FortiSwitch. Tracked as CVE-2024-48887 (CVSS score of 9.3), the FortiSwitch issue could allow an attacker to modify administrative passwords, the company warns. "An unverified password change vulnerability in FortiSwitch GUI may allow a remote unauthenticated attacker to modify admin passwords via a specially crafted request," reads Fortinet's advisory.
On Tuesday, Ivanti, VMware, and Zoom announced fixes for dozens of vulnerabilities across their products, including numerous high-severity bugs. Ivanti released security updates that resolve six vulnerabilities in Endpoint Manager, including a high-severity security defect (CVE-2025-22466) that allows unauthenticated attackers to perform XSS attacks to obtain admin privileges. Ivanti says it has no evidence of any of these vulnerabilities being exploited in the wild.
A dangerous remote access Trojan (RAT) that can surreptitiously hijack Windows devices and steal credentials from more than 270 applications is spreading via various social media channels, posing a significant threat to organizations, researchers warn - even though its creators insist it's aimed at legitimate use. Those creators have released a free, open source version of Neptune on GitHub and are also advertising its availability via Telegram and YouTube.
A significant spike in exploitation attempts targeting TVT NVMS9000 DVRs has been detected, peaking on April 3, 2025, with over 2,500 unique IPs scanning for vulnerable devices. The attacks attempt to exploit an information disclosure vulnerability first disclosed by an SSD Advisory in May 2024, which published the full exploitation details on retrieving admin credentials in cleartext using a single TCP payload.
Bad vibes are big news in privacy right now, with the public feeling isolated in securing their sensitive information from companies, governments, AI models, and scammers. That's the latest from Malwarebytes research conducted this month, which revealed that the vast majority of people are concerned about wrongful data access from nearly every corner of their lives. The anxieties are easy to trace.
Google has patched 62 vulnerabilities in Android, including two zero-days that are actively being exploited in attacks, tracked as CVE-2024-53197 and CVE-2024-53150. CVE-2024-53197 is a privilege escalation flaw found in the USB audio sub-component of the Linux Kernel. Local attackers are able to exploit the bug to access sensitive information on devices without any user interaction. According to researchers at Malwarebytes Labs, this was the link between two other vulnerabilities.
WhatsApp users are urged to update the Windows client app to plug a serious security vulnerability (CVE-2025-30401) that may allow attackers to trick users into running malicious code. Meta classifies the vulnerability as a spoofing issue that makes all WhatsApp for Windows versions prior to v2.2450.6 display sent attachments according to their MIME (media) type - i.e., the metadata that says what kind of file it is.