Microsoft says it’s rolling out a revamped Windows Insider Program experience as part of the broader plans to address reliability concerns in Windows 11. For those unaware, the Windows Insider Program is a beta testing program that allows you to test early Windows releases and provide your feedback to Microsoft. Until now, Microsoft has not […]
A threat group tracked as UNC6692 uses social engineering to deploy a new, custom malware suite named âSnow,â which includes a browser extension, a tunneler, and a backdoor. Their goal is to steal sensitive data after deep network compromise through credential theft and domain takeover. According to Googleâs Mandiant researchers, the attacker uses âemail bombingâ tactics to […]
Home security giant ADT has confirmed a data breach after the ShinyHunters extortion group threatened to leak stolen data unless a ransom is paid. In a statement shared today, the company said it detected unauthorized access to customer and prospective customer data on April 20, after which it terminated the intrusion and launched an investigation. […]
Cybersecurity agencies in the U.S. and U.K. are warning about a custom malware called Firestarter persisting on Cisco Firepower and Secure Firewall devices running Adaptive Security Appliance (ASA) or Firepower Threat Defense (FTD) software. The backdoor has been attributed to a threat actor that Cisco Talos tracks internally as UAT-4356, known for cyberespionage campaigns, including ArcaneDoor. […]
Microsoft is rolling out Windows Update improvements that give users more control over how updates are installed while reducing disruption from frequent or poorly timed restarts. The company says the improvements are now rolling out to Windows Insiders, following user feedback that highlighted two key issues: updates are disrupting workflows, and there is a lack of […]
A new financially motivated hacking group tracked as BlackFile has been linked to a wave of data theft and extortion attacks against retail and hospitality organizations since February 2026. The group, also tracked as CL-CRI-1116, UNC6671, and Cordial Spider, is impersonating corporate IT helpdesk staff to steal employee credentials and demand seven-figure ransoms, according to information shared […]
Microsoft will roll out passkey support for phishing-resistant passwordless authentication to Microsoft Entraâprotected resources from Windows devices starting late April. The feature is expected to reach general availability by mid-June 2026 and will also extend passwordless sign-in to unmanaged Windows devices. Microsoft says that Entra passkeys on Windows will support corporate, personal, and shared devices, […]
A new vulnerability dubbed Pack2TheRoot could be exploited in the PackageKit daemon to allow local Linux users to install or remove system packages and gain root permissions. The flaw is identified as CVE-2026-41651 and received a high-severity rating of 8.8 out of 10. It has persisted for almost 12 years in the PackageKit daemon, a background service that manages software installation, […]
Over 10,000 Zimbra Collaboration Suite (ZCS) instances exposed online are vulnerable to ongoing attacks exploiting a cross-site scripting (XSS) security flaw, according to nonprofit security organization Shadowserver. Zimbra is a popular email and collaboration software suite used by hundreds of millions of people worldwide, including hundreds of government agencies and thousands of businesses. The vulnerability (tracked as CVE-2025-48700) […]
Microsoft says IT administrators can now uninstall the AI-powered Copilot digital assistant from enterprise devices using a new policy setting, which has become broadly available after the April 2026 Patch Tuesday. RemoveMicrosoftCopilotApp is available as a Policy CSP and Group Policy after deploying this month’s Windows security updates on endpoints managed via Microsoft Intune or System Center […]
