Industrial-strength April Patch Tuesday covers 135 CVEs
One actively exploited issue patched; five Critical-severity Office vulns exploitable via Preview Pane
Similar Posts
CL-STA-0969 Installs Covert Malware in Telecom Networks During 10-Month Espionage Campaign
Bys sTelecommunications organizations in Southeast Asia have been targeted by a state-sponsored threat actor known as CL-STA-0969 to facilitate remote control over compromised networks. Palo Alto Networks Unit 42 said it observed multiple incidents in the region, including one aimed at critical telecommunications infrastructure between February and November 2024. The attacks are characterized by the
Future-Proofing Business Continuity: BCDR Trends and Challenges for 2025
Bys sAs IT environments grow more complex, IT professionals are facing unprecedented pressure to secure business-critical data. With hybrid work the new standard and cloud adoption on the rise, data is increasingly distributed across different environments, providers and locations, expanding the attack surface for emerging cyberthreats. While the need for a strong data protection strategy has…
Savannah Best Buy employee says ‘hacker group’ blackmailed him into theft ring scheme
Bys sLydia Blackstone reports: A 20-year-old Best Buy employee is jailed in Savannah after police said he helped a group of suspected shoplifters walk out of the store with more than $40,000 in merchandise, claiming he was pressured by online blackmail threats. Dorian Allen is charged with theft by taking, according to a Savannah Police Department……
The Hidden Risk of Orphan Accounts
Bys sThe Problem: The Identities Left Behind As organizations grow and evolve, employees, contractors, services, and systems come and go – but their accounts often remain. These abandoned or “orphan” accounts sit dormant across applications, platforms, assets, and cloud consoles. The reason they persist isn’t negligence – it’s fragmentation. Traditional IAM and IGA systems are designed
McLaren provides written notice to 743,131 patients after ransomware attack in July 2024
Bys sOn August 5, 2024, McLaren Healthcare became aware of suspicious activity affecting McLaren Health Care and Karmanos Cancer Institute computer systems. In an early statement about the incident, McLaren indicated that the attack affected IT systems across its 13 hospitals, cancer treatment centers, surgery centers, and clinics. In an August 12 update, McLaren reported that…
Device Code Phishing Hits 340+ Microsoft 365 Orgs Across Five Countries via OAuth Abuse
Bys sCybersecurity researchers are calling attention to an active device code phishing campaign that’s targeting Microsoft 365 identities across more than 340 organizations in the U.S., Canada, Australia, New Zealand, and Germany. The activity, per Huntress, was first spotted on February 19, 2026, with subsequent cases appearing at an accelerated pace since then. Notably, the campaign…