OpenSSH has released security updates addressing two vulnerabilities, a machine-in-the-middle (MitM) and a denial of service flaw, with one of the flaws introduced over a decade ago. […]
Monthly Archives: February 2025
Juniper Networks has patched a critical vulnerability that allows attackers to bypass authentication and take over Session Smart Router (SSR) devices. […]
18
Feb
Feb
The Microsoft Store on Windows is the best place to discover AI experiences for your PC from Microsoft and our rich developer ecosystem. In 2023, we launched the AI Hub in Store to help our users find great AI-powered apps. In the last two years, we’ve seen hundreds of new AI-capable apps join the Microsoft […]
18
Feb
Feb
Deep Research, your personal AI research assistant, is now available in the Gemini mobile app for all Gemini Advanced users. You can access it across Android and iOS to …
Microsoft Edge is racing into the new year with faster and more responsive features than ever before. Starting with Microsoft Edge 132, many of the browser’s most important features, such as Downloads, Drop, History, and the inPrivate new tab experience are now a lot faster. In fact, no less than 14 different areas of the […]
Think you’re safe because you’re compliant? Think again. Recent studies continue to highlight the concerning trend that compliance with major security frameworks does not necessarily prevent data breaches. Learn more from Pentera on how automated security validation bridges the security gaps. […]
Two security vulnerabilities have been discovered in the OpenSSH secure networking utility suite that, if successfully exploited, could result in an active machine-in-the-middle (MitM) and a denial-of-service (DoS) attack, respectively, under certain conditions. The vulnerabilities, detailed by the Qualys Threat Research Unit (TRU), are listed below – CVE-2025-26465 – The OpenSSH client
The Chinese state-sponsored threat actor known as Mustang Panda has been observed employing a novel technique to evade detection and maintain control over infected systems. This involves the use of a legitimate Microsoft Windows utility called Microsoft Application Virtualization Injector (MAVInject.exe) to inject the threat actor’s malicious payload into an external process, waitfor.exe,
Cybersecurity researchers are alerting to a new campaign that leverages web injects to deliver a new Apple macOS malware known as FrigidStealer. The activity has been attributed to a previously undocumented threat actor known as TA2727, with the information stealers for other platforms such as Windows (Lumma Stealer or DeerStealer) and Android (Marcher). TA2727 is […]
Newspaper publishing giant Lee Enterprises has confirmed that a ransomware attack is behind ongoing disruptions impacting the group’s operations for over two weeks. […]