Description  Researchers from Microsoft have identified phishing campaigns that abuse legitimate OAuth error and redirection mechanisms to bypass emai . . . Read more

Description  The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability affecting VMware Aria Operations to its Kn . . . Read more

Description  The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning that a malware strain known as RESURGE can remain dorman . . . Read more

Description  Researchers have reported a growing trend of cybercriminals bypassing identity verification (IDV) systems using advanced deepfake technol . . . Read more

Description Researchers have observed a coordinated campaign (tracked as TigerJack) that publishes malicious Visual Studio Code (VSCode) extensions to . . . Read more

Description Oracle has released an emergency security update to address a critical, unauthenticated remote-code-execution vulnerability in Oracle E-Bu . . . Read more

Description Discord disclosed that an unauthorized party gained limited access to a third-party customer service/ticketing system used by Discord, exp . . . Read more

Description Microsoft has implemented a security change in Outlook to block the display of inline SVG (Scalable Vector Graphics) images, following rec . . . Read more

Description  A new phishing and malware distribution toolkit called MatrixPDF has been discovered on cybercrime forums, enabling threat actors to tran . . . Read more

Description  Cisco has released emergency security patches for three critical zero-day vulnerabilities in Cisco Adaptive Security Appliance (ASA) and . . . Read more

Description A new iteration of the LockBit ransomware marketed as LockBit 5.0 has been observed in the wild. This variant includes cross-platform bina . . . Read more

Description Microsoft has identified a new phishing campaign targeting organizations that leverages large language models (LLMs) to create obfuscated . . . Read more