A recent Windows security update intended to mitigate a symlink vulnerability (CVE-2025-21204) has introduced a new weakness: regular users can abuse the newly created inetpub folder to block all future Windows updates, leaving systems exposed to unpatched threats.
All Posts
- A critical zero-day exploit chain (CVE-2025-32432) targeting Craft CMS has been leveraged in active attacks to achieve remote code execution and exfiltrate sensitive data. Organizations using Craft CMS are urged to patch immediately.
- A false positive in Microsoft Defender XDR led hundreds of organizations to upload over 1,700 sensitive Adobe Acrobat files to the public ANY.RUN malware sandbox, exposing proprietary and confidential data.
- Security researchers have discovered SessionShark, a phishing-as-a-service toolkit that can bypass Microsoft Office 365 MFA by stealing session tokens, highlighting new risks for organizations relying on multi-factor authentication.
- ToyMaker, a financially motivated Initial Access Broker, leverages its custom LAGTOY backdoor to compromise organizations and sell access to CACTUS ransomware affiliates, fueling double extortion attacks.