Follow on Google News
Microsoft Starts Rolling Out a Simpler Windows Insider Program With Experimental and Beta Channels
Microsoft has started rolling out its revamped Windows Insider Program, replacing the older channel structure with a simpler setup built around two main channels: Experimental…
Microsoft Teams Phishing Campaign Deploys New “Snow” Malware Suite
A newly tracked threat group called UNC6692 is using Microsoft Teams chats to trick employees into installing a custom malware suite named Snow. The campaign…
New BlackFile Extortion Group Uses Vishing Calls to Target Retail and Hospitality Firms
A new extortion group known as BlackFile is using phone calls, fake IT support messages, and stolen login codes to break into corporate systems. The…
Pack2TheRoot Flaw Gives Local Linux Users a Path to Root Access
A newly disclosed Linux vulnerability called Pack2TheRoot can let a local unprivileged user gain root access through PackageKit, the system service used by many Linux…
DORA Turns Credential Management Into a Financial Risk Control
The EU’s Digital Operational Resilience Act has changed how financial institutions need to treat passwords, privileged access, and authentication. Under DORA, weak credential management is…
Over 10,000 Zimbra Servers Remain Exposed to Ongoing XSS Attacks
More than 10,000 internet-exposed Zimbra Collaboration Suite servers remain vulnerable to an actively exploited cross-site scripting flaw, according to Shadowserver. The vulnerability, tracked as CVE-2025-48700,…
Hackers Exploit Critical File Upload Flaw in Breeze Cache WordPress Plugin
Hackers are actively exploiting a critical vulnerability in the Breeze Cache WordPress plugin that can let unauthenticated attackers upload arbitrary files to vulnerable websites. The…
Bitwarden CLI npm Package Compromised in Developer Credential Theft Attack
Bitwarden has confirmed that a malicious version of its @bitwarden/cli npm package was briefly distributed through npm on April 22, 2026. The affected release, @bitwarden/[email protected],…
Rituals Discloses Data Breach Affecting My Rituals Customers
Rituals has confirmed a data breach involving its My Rituals membership database after an unauthorized party downloaded part of its members’ data in April 2026.…
Regular Password Resets Are Becoming a Help Desk Security Risk
Password resets are no longer just a routine IT task. Attackers now target help desks because a successful reset can give them legitimate access without…
November 21, 2025
1 comment 
