Apple on Tuesday released a security update to address a zero-day flaw that it said has been exploited in “extremely sophisticated” attacks. The vulnerability has been assigned the CVE identifier CVE-2025-24201 and is rooted in the WebKit web browser engine component. It has been described as an out-of-bounds write issue that could allow an attacker […]
11
Mar
Mar
Microsoft today issued more than 50 security updates for its various Windows operating systems, including fixes for a whopping six zero-day vulnerabilities that are already seeing active exploitation. Two of the zero-day flaws include CVE-2025-24991 and CVE-2025-24993, both vulnerabilities in NTFS, the default file system for Windows and Windows Server. Both require the attacker to […]
Six malicious packages have been identified on npm (Node package manager) linked to the notorious North Korean hacking group Lazarus. […]
Apple has released emergency security updates to patch a zero-day bug the company describes as exploited in “extremely sophisticated” attacks. […]
Microsoft has released the KB5053606 cumulative update for Windows 10 22H2 and Windows 10 21H2, which fixes numerous bugs, including one preventing SSH connections. […]
Today is Microsoft’s March 2025 Patch Tuesday, which includes security updates for 57 flaws, including six actively exploited zero-day vulnerabilities. […]
Microsoft has released Windows 11 KB5053598 and KB5053602 cumulative updates for versions 24H2 and 23H2 to fix security vulnerabilities and issues. […]
11
Mar
Mar
Authorities in India today arrested the alleged co-founder of Garantex, a cryptocurrency exchange sanctioned by the U.S. government in 2022 for facilitating tens of billions of dollars in money laundering by transnational criminal and cybercriminal organizations. Sources close to the investigation told KrebsOnSecurity the Lithuanian national Aleksej Besciokov, 46, was apprehended while vacationing on the […]
Microsoft announced that it will drop support for the Remote Desktop app (available via the Microsoft Store) on May 27 and replace it with its new Windows App. […]
A newly discovered clipboard hijacking operation dubbed ‘MassJacker’ uses at least 778,531 cryptocurrency wallet addresses to steal digital assets from compromised computers. […]