Microsoft today released updates to fix at least 137 security vulnerabilities in its Windows operating systems and supported software. None of the weaknesses addressed this month are known to be actively exploited, but 14 of the flaws earned Microsoft's most-dire "critical" rating, meaning they could be exploited to seize control over vulnerable Windows PCs with little or no help from users.
Ingram Micro says it is gradually reactivating customers' ordering capabilities across the world, region by region, now that its ransomware attack is thought to be "contained". The distie's update on Tuesday confirmed that three days after pulling systems offline to handle its ransomware attack: "we believe the unauthorized access to our systems in connection with the incident is contained and the affected systems remediated."
Japan-based Nippon Steel Solutions on Tuesday disclosed a data breach that resulted from the exploitation of a zero-day vulnerability. Nippon Steel Solutions, also called NS Solutions, offers cloud, cybersecurity and other IT solutions. The company is a subsidiary of Japanese steel giant Nippon Steel, which recently acquired US Steel in a controversial deal. Nippon Steel Solutions said in a statement posted on its website that it detected suspicious activity on some servers on March 7.
Italian authorities and FBI agents have arrested a Chinese man who allegedly helped Beijing's Hafnium group conduct a series of high-profile cyberattacks in 2020 and 2021. Xu Zewei, 33, faces charges of hacking into the computers of U.S. researchers studying the COVID-19 virus and exploiting vulnerabilities in Microsoft Exchange servers that kicked off a global attack spree. The Justice Department announced his indictment and arrest on Tuesday.
Ivanti, Fortinet, and Splunk on Tuesday announced patches for dozens of vulnerabilities across their product portfolios, including critical- and high-severity flaws. Security updates released for Ivanti Connect Secure (ICS) and Policy Secure (IPS), Endpoint Manager Mobile (EPMM), and Endpoint Manager (EPM) resolve a total of 11 bugs that require authentication to be exploited.
Samsung has announced multiple data security and privacy enhancements for its upcoming Galaxy smartphones running One UI 8, its custom user interface on top of Android. Key highlights include the introduction of a system-level architecture named Knox Enhanced Encrypted Protection (KEEP), upgrades to Knox Matrix, and the addition of quantum resistance to WiFi connectivity. With AI tools taking an increasing role in day-to-day smartphone use, protecting user inputs has become more crucial.
Attackers are abusing a commercial evasion framework for red teamers as a delivery system for post-exploit payloads in a number of financially motivated infostealer campaigns. Researchers from Elastic Security Labs first observed threat actors using an "illicitly acquired" version of Shellter Elite version 11.0, a commercial anti-virus/endpoint detection and response (AV/EDR) evasion framework, to package payloads in late April 2025.
Congress must reauthorize a cybersecurity threat information sharing law before it expires in October, a group of leading technology companies told lawmakers on Monday. The 2015 Cybersecurity Information Sharing Act "has enabled rapid dissemination of actionable threat intelligence to protect networks before an incident occurs, more coordinated responses to cyber incidents, and improved situational awareness across multiple sectors," the Hacking Policy Council said.
Google's new Gemini Pro 2.5 ranks as the most trustworthy artificial intelligence (AI) modeling platform, with OpenAI's GPT 4o-mini coming in at a close second, according to an assessment of the leading large language model (LLM) environments published by startup vendor Tumeryk. Platforms with the lowest AI trust scores were DeepSeek R1 and Alibaba's Qwen, based on the company's latest AI Trust Score.
A critical vulnerability allowing hackers to bypass multifactor authentication in network management devices made by Citrix has been actively exploited for more than a month, researchers said. The finding is at odds with advisories from the vendor saying there is no evidence of in-the-wild exploitation. Tracked as CVE-2025-5777, the vulnerability shares similarities with CVE-2023-4966, a security flaw nicknamed CitrixBleed, which led to the compromise of 20,000 Citrix devices two years ago.