-
Microsoft has disclosed a critical SQL injection vulnerability in SQL Server that could allow authenticated attackers to escalate their privileges over a network. Tracked as CVE-2025-59499 and assigned an Important severity rating, the vulnerability st…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
KnowBe4 Threat Labs has uncovered a sophisticated phishing campaign that marks a turning point in cybercriminal capabilities. The threat landscape is shifting dramatically with the emergence of Quantum Route Redirect. This powerful automation tool tran…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The xHunt advanced persistent threat group continues to pose a significant cybersecurity risk through sophisticated attacks targeting Microsoft Exchange and IIS web servers with custom-built backdoors. This highly focused cyber-espionage operation has …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft is poised to roll out a significant update to Teams, enabling users to initiate chats with anyone using just an email address—even if the recipient isn’t a Teams user. While the feature, launching in targeted releases by early November 2025 a…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft has issued an urgent advisory for Windows users, confirming that a recent set of security updates released after October 14, 2025 may cause certain systems to boot into the BitLocker recovery screen upon restart. The issue, currently under ac…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated attack technique that exploits Microsoft’s OneDrive application through DLL sideloading, allowing threat actors to execute malicious code while evading detection mechanisms. The attack leverages a weaponized version.dll file to hijack legitimate Windows processes and maintain persistence on compromised systems. DLL sideloading exploits Windows’ library-loading mechanism by tricking legitimate applications into loading malicious Dynamic […] The post Hackers Exploit OneDrive.exe Through DLL Sideloading to Execute Arbitrary Code appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Check Point Research uncovered four critical vulnerabilities in Microsoft Teams that could allow attackers to impersonate executives, manipulate messages, alter notifications, and forge identities during video and audio calls. The research team discove…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft is implementing a significant security enhancement to its Authenticator app, introducing automatic detection of jailbroken and rooted devices for Microsoft Entra credentials. Beginning in February 2026, the company will automatically delete all Microsoft Entra credentials stored on jailbroken iOS devices and rooted Android devices to prevent unauthorized access and strengthen the organization’s security posture. […] The post Microsoft Entra Credentials in the Authenticator App on Jail-Broken Devices to be Wiped Out appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft is rolling out a significant security enhancement for its Authenticator app starting February 2026, introducing jailbreak and root detection capabilities that will automatically wipe Microsoft Entra credentials from compromised devices. This …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft has acknowledged a critical issue affecting Windows Server 2025 systems enrolled in the Hotpatch program. A recent Windows Server Update Services (WSUS) patch was inadvertently distributed to machines configured to receive Hotpatch updates, c…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
