All articles tagged with #security flaws
Microsoft released security patches for 63 vulnerabilities, including a actively exploited Windows Kernel zero-day (CVE-2025-62215) that could allow privilege escalation, along with other critical flaws in graphics, Linux subsystem, and Kerberos, emphasizing ongoing threats and the importance of timely updates.
Microsoft's November 2025 Patch Tuesday addresses 63 security flaws, including one actively exploited zero-day in the Windows Kernel, with critical updates for various vulnerabilities across Microsoft products. The update emphasizes the importance of upgrading from unsupported Windows 10 to Windows 11 and highlights recent security patches from other vendors. A webinar on modern patch management is also promoted.
The Louvre experienced a major art theft where criminals used a low-tech approach, exploiting serious security flaws including a password of 'Louvre' for its surveillance system, which was easily hacked, highlighting significant vulnerabilities in the museum's security infrastructure. Despite the high-profile nature of the theft, the actual break-in was facilitated by outdated security systems and poor management, with suspects identified as petty criminals rather than organized crime.
Cybersecurity researchers revealed four security vulnerabilities in Microsoft Teams that could allow attackers to impersonate colleagues, manipulate messages without detection, and exploit notifications, posing significant social engineering risks. Some issues have been patched, but the flaws highlight the importance of securing collaboration tools against trust-based attacks, especially as threat actors increasingly target enterprise communication platforms.
Microsoft's October 2025 Patch Tuesday addresses 172 security flaws, including six zero-day vulnerabilities, with critical fixes for remote code execution and privilege escalation. Notably, it marks the end of free support for Windows 10, which can now only receive extended security updates. The update also patches publicly disclosed zero-days in Windows SMB Server and SQL Server, and removes a vulnerable Agere Modem driver, warning that hardware functionality may be affected. The patches cover a wide range of Microsoft products, emphasizing ongoing efforts to improve security across their ecosystem.
Palantir Technologies and Anduril have dismissed reports claiming security flaws in their systems as inaccurate, defending their security measures against the allegations.
Palantir and Anduril dismissed recent reports of security flaws in their battlefield communication systems, asserting issues have been addressed and the reports are outdated, leading to a temporary 7.5% drop in Palantir's stock.
Palantir (PLTR) has publicly denied allegations of security vulnerabilities in its communication system used by the Army, asserting the integrity and security of its technology.
A former WhatsApp security head filed a lawsuit against Meta, accusing the company of ignoring major security vulnerabilities that risked billions of users' data, and retaliating against him for raising concerns. Meta denies the claims, asserting ongoing efforts to protect user privacy and security.
Microsoft's August 2025 Patch Tuesday addresses 107 security flaws, including one publicly disclosed zero-day vulnerability in Windows Kerberos, with fixes for critical remote code execution and privilege escalation vulnerabilities across various Microsoft products.
A security researcher revealed that Lovense, a major maker of internet-connected sex toys, failed to fully fix two security vulnerabilities that expose users' email addresses and allow account takeovers, posing significant privacy and security risks for its over 20 million users.
Microsoft's July 2025 Patch Tuesday addresses 137 security flaws, including one publicly disclosed zero-day in SQL Server, fixing critical remote code execution vulnerabilities across various products like Office, SharePoint, and Windows, with detailed updates available in the full report.
Researchers discovered vulnerabilities in Bluetooth chipsets affecting over 29 audio devices from multiple brands, which could allow hackers to eavesdrop, hijack calls, or steal sensitive information, though practical exploitation requires high skill and proximity. Device manufacturers are working on patches, but many devices remain unpatched, posing potential privacy risks for high-value targets.
Microsoft's June 2025 Patch Tuesday addresses 66 security flaws, including one actively exploited zero-day (CVE-2025-33053 in WebDAV) and another publicly disclosed (CVE-2025-33073 in SMB), fixing critical remote code execution and privilege escalation vulnerabilities across various Windows components and Microsoft Office products.
A cellphone video from a Trump rally in Butler, Pennsylvania, reveals security lapses as attendees pointed out the shooter, Thomas Matthew Crooks, on a roof two minutes before he fired at former President Donald Trump, killing one and injuring three others. The Secret Service and local law enforcement are under scrutiny for not clearing the roof. An independent investigation is set to begin, and Trump's security has been tightened. Trump made his first public appearance since the incident at the Republican National Convention, where he announced Ohio Sen. JD Vance as his running mate.