Acer is working to address two maximum-severity zero-day vulnerabilities affecting its Wave 7 mesh routers. […]
Tag: working
AI, Global Security News
Microsoft Exchange Online outage causes email delays, failures
Microsoft is working to address a widespread service issue affecting the mail flow pipeline for Exchange Online customers across North America and Germany. […]
Global Security News
Microsoft confirms outage affecting MFA, My Sign-Ins platform
Microsoft is working to address an ongoing incident preventing customers from setting up multi-factor authentication (MFA) or accessing the My Sign-Ins platform. […]
AI, Global Security News, malware
Ukraine identifies infostealer operator tied to 28,000 stolen accounts
The Ukrainian cyberpolice, working in conjunction with U.S. law enforcement, has identified an 18-year-old man from Odesa suspected of running an infostealer malware operation targeting users of an online store in California. […]
Global Security News
OpenAI Is Preparing to File for an IPO Very Soon
The artificial-intelligence giant is working with bankers at Goldman Sachs and Morgan Stanley.
Global Security News
OpenAI Is Preparing to File for an IPO Very Soon
The artificial-intelligence giant is working with bankers at Goldman Sachs and Morgan Stanley.
Exploits, Global Security News
Microsoft provides mitigation for “YellowKey” BitLocker bypass flaw (CVE-2026-45585)
Microsoft is working on a fix for CVE-2026-45585 (aka “Yellowkey”), a vulnerability that can be used by attackers to bypass protections offered by BitLocker, the full-disk encryption feature built into Windows, and access users’ data. In the meantime, the company has provided step-by-step mitigation advice to protect affected Windows devices from exploitation. CVE-2026-45585 and the…
AI, Exploits, Global Security News, Network Security
DirtyDecrypt: PoC Released for yet another Linux flaw
DirtyDecrypt (CVE-2026-31635): working PoC out for a Linux kernel LPE flaw. Missing COW guard in rxgk_decrypt_skb lets local attackers reach root. After Copy Fail, Dirty Frag, and Fragnesia, here comes DirtyDecrypt, another local privilege escalation vulnerability in the kernel, this time with a working proof-of-concept already out in the open. The flaw was discovered and…
AI, Cybersecurity, Global Security News
Global Cyber Agencies Issue New SBOMs for AI Guidance to Tackle AI Supply Chain Risks
The G7 Cybersecurity Working Group releases new SBOM for AI guidance, outlining seven key data clusters to boost transparency and security across AI supply chains
china, Global Security News
Alleged Silk Typhoon hacker extradited to the United States to face charges
A man accused of working as a hacker for China’s Ministry of State Security has been extradited to the USA from Italy, and faces – if found guilty – the prospect of decades behind bars. Read more in my article on the Hot for Security blog.
Global Security News
Microsoft says backend change broke Teams Free chat and calls
Microsoft is working to resolve a known issue that prevents some Microsoft Teams Free users from chatting and calling others. […]
AI, Compliance, Europe, Global Security News, privacy
GDPR works, but only where someone enforces it
A new measurement study of web tracking across ten countries offers a reality check for anyone working on privacy compliance. Researchers crawled the same set of globally popular websites from virtual machines located in Australia, Brazil, Canada, Germany, India, Singapore, South Africa, South Korea, Spain, and California. The results show that European privacy law does…
Global Security News
Former Ransomware Negotiator Pleads Guilty to Working For BlackCat Cyber Gang
A former ransomware negotiator has pleaded guilty to abusing his position by working with noted cybercrime group BlackCat
AI, Apps, Exploits, Global Security News, Risk Management
AI Model Claude Opus turns bugs into exploits for just $2,283
Claude Opus created a working Chrome exploit for $2,283, showing that widely available AI models can already find and weaponize vulnerabilities. Claude Opus managed to produce a functional Chrome exploit for just $2,283, raising concerns about how easily AI can be used to find and exploit vulnerabilities. Below is the cost of the experiment: Model…
Exploits, Global Security News, Network Security
Google makes it harder to exploit Pixel 10 modem firmware
Google is working to improve the security of Pixel phones by focusing on the cellular baseband modem, a part of the device that handles communication with mobile networks and processes external data. In the Pixel 9, the company introduced measures to reduce memory-related vulnerabilities. With the Pixel 10, the approach goes further by integrating a…
AI, Global Security News
Microsoft still working to fix Exchange Online mailbox access issues
Microsoft is investigating and working to resolve Exchange Online mailbox access issues that have intermittently affected Outlook mobile and macOS users for weeks. […]
AI, Global Security News
Nvidia-Backed Startup Seeking to Counter Chinese AI Eyes $25 Billion Valuation
Reflection is one of several startups working alongside Nvidia to build powerful, freely available “open-source” AI models.
AI, APAC, Cybersecurity, Global Security News, Network Security, Risk Management, Venture
“It is not the customer’s job to know what they want” rings true in cyber
Ever since I embarked on the founder journey and started working on my own startup, I’ve developed different perspectives and some strong opinions about founder life. In today’s issue, I am going to share one of them – about the fact that there has never been a billion-dollar security company built based on Gartner’s* insight…
AI, Global Security News
Microsoft Exchange Online service change causes email access issues
Microsoft is working to address an ongoing service issue that has intermittently prevented some users from accessing their cloud-based Exchange Online mailboxes via Outlook mobile and Mac desktop clients since Thursday. […]
AI, Global Security News
UK: Regulation Drives Cyber Spending for Critical Infrastructure Orgs
35% of security leaders working in the UK’s critical infrastructure said regulatory requirements are the primary influence on their security programs
Global Security News
Australian startup Hootnotes eyes global opportunity in visual collaboration
Australian startup Hootnotes is tapping into the growing number of employees working remotely with a collaborative workspace platform designed to simplify how teams organise ideas and projects.
Global Security News
Australian startup Hootnotes eyes global opportunity in visual collaboration
Australian startup Hootnotes is tapping into the growing number of employees working remotely with a collaborative workspace platform designed to simplify how teams organise ideas and projects.
AI, Global Security News
Microsoft: Enabling Teams Meeting add-in breaks Outlook Classic
Microsoft is working to address a known issue that renders the classic Outlook email client unusable for users who have enabled the Microsoft Teams Meeting Add-in. […]
AI, Global Security News
Microsoft Exchange Online outage blocks access to mailboxes
Microsoft is working to address an ongoing Exchange Online outage that is preventing customers from accessing their mailboxes and calendars. […]
Global Security News
Iran MOIS Colludes With Criminals to Boost Cyberattacks
Iranian APTs have long pretended to be cybercriminal groups. Now they’re working with actual cybercriminal groups.
Global Security News
Microsoft still working to fix Windows Explorer white flashes
Microsoft has confirmed that it’s still working to fully address a known issue that causes bright white flashes when opening the File Explorer on some Windows 11 systems. […]
AI, Global Security News
North Korean APTs Use AI to Enhance IT Worker Scams
DPRK worker scams are old hat, but they’re still working, thanks to AI tools that help with everything from face swapping to daily emails.
Cybersecurity, Global Security News
Cybersecurity professionals are burning out on extra hours every week
Cybersecurity professionals in the U.S. are working an average of 10.8 extra hours per week beyond their contracted schedules, according to survey data collected from 300 cybersecurity and IT leaders by Sapio Research. That figure effectively adds a sixth working day to the standard week for a large portion of the field. Nearly half of…
AI, Apps, Endpoint, Europe, Global Security News, Network Security, privacy
Windows 11 Insider Previews: What’s in the latest build?
Windows 11 25H2 has been released, but behind the scenes, Microsoft is constantly working to improve the newest version of Windows. The company frequently rolls out public preview builds to members of its Windows Insider Program, allowing them to test out — and help shape — upcoming features. Skip to the latest builds The Windows…
AI, Global Security News, Risk Management
IronCurtain: An open-source, safeguard layer for autonomous AI assistants
Veteran security engineer Niels Provos is working on a new technical approach designed to stop autonomous AI agents from taking actions you haven’t specifically authorized. His open-source software solution, called IronCurtain, aims to neutralize the risk of an LLM-powered agent “going rogue” – whether through prompt injection or the agent gradually deviating from the user’s…
Global Security News
PayPal Confirms Six-Month Data Exposure Linked to Loan System Error
PayPal has confirmed a data leak in its Working Capital loan system that exposed names, dates of birth, and Social Security numbers for six months.
Global Security News
The Hong Kong Investor Putting American Money Into China’s AI Push
Neil Shen has long bridged both countries, from working at Sequoia after Yale to his own firm
AI, Apps, Data Breaches, Global Security News, Network Security, Risk Management
PayPal Flaw Exposed Sensitive Data in Lending App for Six Months
PayPal is notifying customers after a software error in its PayPal Working Capital (PPWC) loan application exposed certain personal information, including social security numbers, for nearly six months in 2025. Although the company said its core systems were not breached, the issue resulted in potential unauthorized access to sensitive customer data. “Upon learning about this…
AI, Global Security News
Microsoft Defender update lets SOC teams manage, vet response tools
Microsoft introduced library management in Microsoft Defender to help security analysts working with live response manage scripts and tools they use to triage, investigate and remediate threats. The library management interface allows analysts to organize their investigation tools and manage everything without waiting for an active session. “This enhancement in Defender’s live response tooling improves…
Global Security News
Microsoft Teams outage affects users in United States, Europe
Microsoft is working to resolve an ongoing outage affecting Microsoft Teams users, causing delays and preventing some from accessing the service. […]
AI, Global Security News
AI Agents ‘Swarm,’ Security Complexity Follows Suit
As AI deployments scale and start to include packs of agents autonomously working in concert, organizations face a naturally amplified attack surface.
Global Security News
Three Ways the Right Software Will Increase Team Productivity
Does your team feel like it’s working hard, but it isn’t moving fast? The problem might not be the effort here. It could actually be the tools.
AI, Apps, Blog, CVE, CVE-2025-15467, CVEs, Cybersecurity, Exploits, Global Security News, privacy, Risk Management, vulnerability
CVE-2025-15467: OpenSSL Vulnerability Leads to Denial-of-Service, Remote Code Execution
Just as organizations were working to patch the Microsoft Office zero-day (CVE-2026-21509), the cybersecurity world is confronted with another serious threat. OpenSSL disclosed a high-severity stack buffer overflow issue that can trigger denial-of-service (DoS) conditions and, under specific circumstances, enable remote code execution (RCE). Tracked as CVE-2025-15467, the vulnerability was promptly patched by the vendor…
AI, Apps, Blog, CVE, CVE-2025-15467, CVEs, Cybersecurity, Exploits, Global Security News, privacy, Risk Management, vulnerability
CVE-2025-15467: OpenSSL Vulnerability Leads to Denial-of-Service, Remote Code Execution
Just as organizations were working to patch the Microsoft Office zero-day (CVE-2026-21509), the cybersecurity world is confronted with another serious threat. OpenSSL disclosed a high-severity stack buffer overflow issue that can trigger denial-of-service (DoS) conditions and, under specific circumstances, enable remote code execution (RCE). Tracked as CVE-2025-15467, the vulnerability was promptly patched by the vendor…
AI, Apps, Blog, CVE, CVE-2025-15467, CVEs, Cybersecurity, Exploits, Global Security News, privacy, Risk Management, vulnerability
CVE-2025-15467: OpenSSL Vulnerability Leads to Denial-of-Service, Remote Code Execution
Just as organizations were working to patch the Microsoft Office zero-day (CVE-2026-21509), the cybersecurity world is confronted with another serious threat. OpenSSL disclosed a high-severity stack buffer overflow issue that can trigger denial-of-service (DoS) conditions and, under specific circumstances, enable remote code execution (RCE). Tracked as CVE-2025-15467, the vulnerability was promptly patched by the vendor…
AI, Apps, Blog, CVE, CVE-2025-15467, CVEs, Cybersecurity, Exploits, Global Security News, privacy, Risk Management, vulnerability
CVE-2025-15467: OpenSSL Vulnerability Leads to Denial-of-Service, Remote Code Execution
Just as organizations were working to patch the Microsoft Office zero-day (CVE-2026-21509), the cybersecurity world is confronted with another serious threat. OpenSSL disclosed a high-severity stack buffer overflow issue that can trigger denial-of-service (DoS) conditions and, under specific circumstances, enable remote code execution (RCE). Tracked as CVE-2025-15467, the vulnerability was promptly patched by the vendor…
AI, Apps, Blog, CVE, CVE-2025-15467, CVEs, Cybersecurity, Exploits, Global Security News, privacy, Risk Management, vulnerability
CVE-2025-15467: OpenSSL Vulnerability Leads to Denial-of-Service, Remote Code Execution
Just as organizations were working to patch the Microsoft Office zero-day (CVE-2026-21509), the cybersecurity world is confronted with another serious threat. OpenSSL disclosed a high-severity stack buffer overflow issue that can trigger denial-of-service (DoS) conditions and, under specific circumstances, enable remote code execution (RCE). Tracked as CVE-2025-15467, the vulnerability was promptly patched by the vendor…
AI, Apps, Blog, CVE, CVE-2025-15467, CVEs, Cybersecurity, Exploits, Global Security News, privacy, Risk Management, vulnerability
CVE-2025-15467: OpenSSL Vulnerability Leads to Denial-of-Service, Remote Code Execution
Just as organizations were working to patch the Microsoft Office zero-day (CVE-2026-21509), the cybersecurity world is confronted with another serious threat. OpenSSL disclosed a high-severity stack buffer overflow issue that can trigger denial-of-service (DoS) conditions and, under specific circumstances, enable remote code execution (RCE). Tracked as CVE-2025-15467, the vulnerability was promptly patched by the vendor…
AI, Apps, Blog, CVE, CVE-2025-15467, CVEs, Cybersecurity, Exploits, Global Security News, privacy, Risk Management, vulnerability
CVE-2025-15467: OpenSSL Vulnerability Leads to Denial-of-Service, Remote Code Execution
Just as organizations were working to patch the Microsoft Office zero-day (CVE-2026-21509), the cybersecurity world is confronted with another serious threat. OpenSSL disclosed a high-severity stack buffer overflow issue that can trigger denial-of-service (DoS) conditions and, under specific circumstances, enable remote code execution (RCE). Tracked as CVE-2025-15467, the vulnerability was promptly patched by the vendor…