Microsoft

Trojanized SonicWall NetExtender app exfiltrates VPN credentials
Unknown attackers have trojanized SonicWall’s SSL-VPN NetExtender application, the company has warned on Monday, and have been tricking users into downloading it from a …

Microsoft will start removing legacy drivers from Windows Update
Microsoft will start removing legacy drivers from Windows Update to improve driver quality for Windows users but, most importantly, to increase security, the company has …

Stealthy backdoor found hiding in SOHO devices running Linux
SecurityScorecard’s STRIKE team has uncovered a network of compromised small office and home office (SOHO) devices they’re calling LapDogs. The threat is part of a broader …

MDEAutomator: Open-source endpoint management, incident response in MDE
Managing endpoints and responding to security incidents in Microsoft Defender for Endpoint (MDE) can be time-consuming and complex. MDEAutomator is an open-source tool …

Microsoft fixes zero-day exploited for cyber espionage (CVE-2025-33053)
For June 2025 Patch Tuesday, Microsoft has fixed 66 new CVEs, including a zero-day exploited in the wild (CVE-2025-33053). Also, Adobe Commerce and Magento Open Source users …

June 2025 Patch Tuesday forecast: Second time is the charm?
June 2025 Patch Tuesday is now live: Microsoft fixes zero-day exploited for cyber espionage (CVE-2025-33053) Microsoft has been busy releasing more out-of-band (OOB) patches …

Exchange 2016, 2019 support ends soon: What IT should do to stay secure
Microsoft is ending support for Exchange Server 2016, Exchange Server 2019, and Outlook 2016 on October 14, 2025. That date might seem far off, but if you’re managing email …

Microsoft unveils “centralized” software update tool for Windows
Microsoft is looking to streamline the software updating process for IT admins and users by providing a Windows-native update orchestration platform, and to help organizations …

Microsoft, Dutch security agencies lift veil on Laundry Bear cyber espionage group
The Dutch intelligence and security services have identified a new Russia-affiliated threat group that has been breaching government organizations and commercial entities in …

Lumma Stealer Malware-as-a-Service operation disrupted
A coordinated action by US, European and Japanese authorities and tech companies like Microsoft and Cloudflare has disrupted the infrastructure behind Lumma Stealer, the most …

The Windows Subsystem for Linux goes open source
Microsoft has officially open-sourced the Windows Subsystem for Linux (WSL), closing the very first issue ever filed on the Microsoft/WSL GitHub repository: “Will this be open …

Patch Tuesday: Microsoft fixes 5 actively exploited zero-days
On May 2025 Patch Tuesday, Microsoft has released security fixes for 70+ vulnerabilities, among them five actively exploited zero-days and two publicly disclosed (but not …
Featured news
Resources
Don't miss
- Trojanized SonicWall NetExtender app exfiltrates VPN credentials
- High-risk WinRAR RCE vulnerability patched, update quickly! (CVE-2025-6218)
- Why work-life balance in cybersecurity must start with executive support
- Reconmap: Open-source vulnerability assessment, pentesting management platform
- Microsoft will start removing legacy drivers from Windows Update