DocuSign's Envelopes API abused to send realistic fake invoices
Threat actors are abusing DocuSign's Envelopes API to create and mass-distribute fake invoices that appear genuine, ...
Schneider Electric confirms dev platform breach after hacker steals data
Schneider Electric has confirmed a developer platform was breached after a threat actor claimed to steal 40GB of data from ...
Windows Server 2025 released—here are the new features
Microsoft has announced that Windows Server 2025, the latest version of its server operating system, is generally available ...
Windows infected with backdoored Linux VMs in new phishing attacks
A new phishing campaign dubbed 'CRON#TRAP' infects Windows with a Linux virtual machine that contains a built-in backdoor to ...
City of Columbus: Data of 500,000 stolen in July ransomware attack
The City of Columbus, Ohio, notified 500,000 individuals that a ransomware gang stole their personal and financial ...
Cisco says DevHub site leak won’t enable future breaches
Cisco says that non-public files recently downloaded by a threat actor from a misconfigured public-facing DevHub portal don't ...
Custom "Pygmy Goat" malware used in Sophos Firewall hack on govt network
UK's National Cyber Security Centre (NCSC) has published an analysis of a Linux malware named "Pigmy Goat" created to backdoor Sophos XG firewall devices as part of recently disclosed attacks by ...
Microsoft confirms Windows Server 2025 blue screen, install issues
Microsoft has confirmed several bugs causing install and Blue Screen of Death (BSOD) issues impacting Windows Server 2025 systems with more than 256 logical processors.
Meet Interlock — The new ransomware targeting FreeBSD servers
A relatively new ransomware operation named Interlock attacks organizations worldwide, taking the unusual approach of ...
Solving the painful password problem with better policies
Weak and reused credentials continue to plague users and organizations. Learn from Specops software about why passwords are so easy to hack and how organizations can fortify their security efforts.
ChatGPT-4o can be used for autonomous voice-based scams
Researchers have shown that it's possible to abuse OpenAI's real-time voice API for ChatGPT-4o, an advanced LLM chatbot, to ...
Microsoft SharePoint RCE bug exploited to breach corporate network
A recently disclosed Microsoft SharePoint remote code execution (RCE) vulnerability tracked as CVE-2024-38094 is being ...