Thursday April 24, 2025

Details

For the second month in a row, Microsoft’s Patch Tuesday updates landed with warnings that a half-dozen Windows security defects have already been exploited in the wild.

Redmond’s security response team slapped “exploitation detected” tags on six of the 57 security vulnerabilities patched this month and pushed Windows admins to prioritize another large batch of code execution flaws. Read More……..

 

Details

Microsoft announced that it will drop support for the Remote Desktop app (available via the Microsoft Store) on May 27 and replace it with its new Windows App. Read More……..

 

Details

A new ransomware operator named 'Mora_001' is exploiting two Fortinet vulnerabilities to gain unauthorized access to firewall appliances and deploy a custom ransomware strain dubbed SuperBlack.

The two vulnerabilities, both authentication bypasses, are CVE-2024-55591 and CVE-2025-24472, which Fortinet disclosed in January and February, respectively. Read More……..

Details

A leading US security agency has ordered federal government bodies to patch five vulnerabilities it claims are being actively exploited by threat actors. Read More……..

Details

Chinese hackers have successfully breached numerous telecommunications companies worldwide. This cyberattack, dubbed Salt Typhoon by Microsoft cybersecurity researchers, has granted the attackers unprecedented access. Beyond merely identifying who has been texting or calling whom and when the breach extends to intercepting the content of some messages a significantly more advanced and sophisticated achievement in the realm of cyberattacks. Read More..

  1. Microsoft Edge Multiple Vulnerabilities
  2. Cisco Products Multiple Vulnerabilities
  3. Google Warns of Samsung Zero-Day Exploited in the Wild
  4. Lazarus Group Exploits Google Chrome Vulnerability to Control Infected Devices
  5. Chrome Introduces One-Time Permissions and Enhanced Safety Check for Safer Browsing

Page 1 of 31