Introducing Sophos Intelix for Microsoft Security Copilot
Elevating threat intelligence for all Security Copilot users.
Similar Posts
Microsoft Silently Patches Windows LNK Flaw After Years of Active Exploitation
Bys sMicrosoft has silently plugged a security flaw that has been exploited by several threat actors since 2017 as part of the company’s November 2025 Patch Tuesday updates, according to ACROS Security’s 0patch. The vulnerability in question is CVE-2025-9491 (CVSS score: 7.8/7.0), which has been described as a Windows Shortcut (LNK) file UI misinterpretation vulnerability that…
Hackers breach Norwegian dam, open valve at full capacity
Bys sCatalin Cimpanu reports: Unidentified hackers have breached the systems of a Norwegian dam and opened its water valve at full capacity in an incident this April. The incident took place at the Lake Risevatnet dam near the city of Svelgen in Southwest Norway. The valve ran at full capacity for four hours before the unauthorized change was…
ModMed revealed they were victims of a cyberattack in July. Then some data showed up for sale.
Bys sModernizing Medicine (“ModMed”) is a healthcare technology firm that provides Electronic Health Records (EHR) and practice management software to many HIPAA-covered entities. ModMed recently announced that on July 29, it discovered unauthorized activity in some of its computer servers. The servers in question contained data from some of ModMed’s podiatry clients, and the data was……
Malicious VS Code AI Extensions with 1.5 Million Installs Steal Developer Source Code
Bys sCybersecurity researchers have discovered two malicious Microsoft Visual Studio Code (VS Code) extensions that are advertised as artificial intelligence (AI)-powered coding assistants, but also harbor covert functionality to siphon developer data to China-based servers. The extensions, which have 1.5 million combined installs and are still available for download from the official Visual Studio
Hackers Exploit Critical WordPress Theme Flaw to Hijack Sites via Remote Plugin Install
Bys sThreat actors are actively exploiting a critical security flaw in “Alone – Charity Multipurpose Non-profit WordPress Theme” to take over susceptible sites. The vulnerability, tracked as CVE-2025-5394, carries a CVSS score of 9.8. Security researcher Thái An has been credited with discovering and reporting the bug. According to Wordfence, the shortcoming relates to an arbitrary…
‘Serious cyberattack’ impacts phones, public safety systems in several Massachusetts towns
Bys sPhil Tenser reports: A cybersecurity attack is affecting several Massachusetts towns that share a regional emergency communications center. The cyberattack affecting the Patriot Regional Emergency Communications Center and associated towns was identified early Tuesday, according to statements from affected towns. The towns of Ashby, Dunstable, Pepperell and Townsend also said their police and fire departments……