Two New Jersey men sentenced in DPRK laptop farm case that infiltrated 100+ U.S. companies
Two U.S. nationals have been sentenced to federal prison for helping North Korean remote IT workers pose as U.S.-based hires and land jobs at more…
Microsoft investigates Chrome 147 issue that disrupts Microsoft 365 web sign-ins
Microsoft is investigating a Microsoft 365 web access issue tied to Google Chrome version 147. Publicly mirrored service health notices say the problem affects authentication…
SpankRAT hides inside Windows Explorer to dodge detection, researchers warn
A newly analyzed remote access trojan called SpankRAT uses a simple but effective trick to stay hidden. It injects its malicious payload into explorer.exe, which…
Microsoft releases KB5083769 for Windows 11 25H2 and 24H2 with security fixes and reset bug repair
Microsoft has released KB5083769 for Windows 11 versions 25H2 and 24H2 as the April 2026 Patch Tuesday cumulative update. The release raises systems to build…
New audit says Google, Microsoft, and Meta still track users after privacy opt-outs
A new California privacy audit says many major ad-tech services still set tracking cookies even after users send a legally recognized opt-out signal. The research,…
Adobe patches Acrobat and Reader flaws that can lead to code execution and file reads
Adobe has released security updates for Acrobat and Reader on Windows and macOS to fix two vulnerabilities that can let attackers execute code or read…
Composer fixes two command injection bugs that can hit even systems without Perforce installed
Composer has released security updates for two high-severity command injection vulnerabilities in its Perforce VCS driver. The project says developers should update to Composer 2.9.6…
Microsoft warns SharePoint Server zero-day CVE-2026-32201 is under active attack
Microsoft has confirmed active exploitation of CVE-2026-32201, a SharePoint Server spoofing vulnerability affecting on-premises SharePoint deployments. The flaw carries a CVSS 3.1 base score of…
OpenAI expands Trusted Access for Cyber with GPT-5.4-Cyber for vetted defenders
OpenAI has expanded its Trusted Access for Cyber program and introduced GPT-5.4-Cyber, a more cyber-permissive variant of GPT-5.4 built for vetted defenders. The model is…
Dragon Boss Solutions update flaw exposed 23,000+ endpoints to possible supply chain abuse
A signed software operation tied to Dragon Boss Solutions LLC left more than 23,000 infected systems exposed after an update domain in its infrastructure was…
November 21, 2025
1 comment 
