Microsoft December 2025 Patch Tuesday fixes 3 zero-days, 57 flaws

Microsoft' 2025 Patch Tuesday fixes 57 flaws, including one actively exploited and two publicly disclosed zero-day ...

Ivanti warns of critical Endpoint Manager code execution flaw

American IT software company Ivanti warned customers today to patch a newly disclosed vulnerability in its Endpoint Manager ...

Microsoft investigates Copilot outage affecting users in Europe

Microsoft is working to mitigate an ongoing incident that has been blocking users in Europe from accessing the company's ...

Windows 11 KB5072033 & KB5071417 cumulative updates released

Microsoft has released Windows 11 KB5072033 and KB5071417 cumulative updates for versions 25H2/24H2 and 23H2 to fix security ...

Microsoft releases Windows 10 KB5071546 extended security update

Microsoft has released the KB5071546 extended security update to resolve 57 security vulnerabilities, including three ...

SAP fixes three critical vulnerabilities across multiple products

SAP has released its December security updates addressing 14 vulnerabilities across a range of products, including three ...

Windows PowerShell now warns when running Invoke-WebRequest scripts

Microsoft says Windows PowerShell now warns when running scripts that use the Invoke-WebRequest cmdlet to download web ...

Maintaining enterprise IT hygiene using Wazuh SIEM/XDR

Poor IT hygiene, such as unused accounts, outdated software, and risky extensions, creates hidden exposure in your ...

Spain arrests teen who stole 64 million personal data records

The National Police in Spain have arrested a suspected 19-year-old hacker in Barcelona, for allegedly stealing and attempting ...

Ransomware IAB abuses EDR for stealthy malware execution

An initial access broker tracked as Storm-0249 is abusing endpoint detection and response solutions and trusted Microsoft ...

North Korean hackers exploit React2Shell flaw in EtherRAT malware attacks

A new malware implant called EtherRAT, deployed in a recent React2Shell attack, runs five separate Linux persistence ...

Fortinet warns of critical FortiCloud SSO login auth bypass flaws

Fortinet has released security updates to address two critical vulnerabilities in FortiOS, FortiWeb, FortiProxy, and FortiSwitchManager that could allow attackers to bypass FortiCloud SSO ...