Device Code Phishing Hits 340+ Microsoft 365 Orgs via OAuth Abuse

Published on: March 26, 2026

Overview:A large-scale phishing campaign has been identified targeting Microsoft 365 (O365) users by abusing the OAuth device authentication process. This attack known as Device Code Phishing, tricks users into logging...

Critical Oracle Identity Manager RCE Vulnerability (CVE-2026-21992)

Published on: March 22, 2026

Overview:A critical vulnerability has been identified in Oracle products, specifically Oracle Identity Manager and Oracle Web Services Manager.The vulnerability, tracked as CVE-2026-21992, allows attackers to execute remote code on affected...

Microsoft Azure Monitor Alerts Abused for Callback Phishing Attacks

Published on: March 20, 2026

Overview:A new phishing campaign has been identified where attackers are misusing Microsoft Azure Monitor to send fake security and billing alert emails.These emails appear to come from legitimate Microsoft systems...

Attackers Hijacking Legitimate Websites to Target Microsoft Teams Users

Published on: March 17, 2026

Overview:Security researchers from KnowBe4 Threat Labs have identified a large-scale phishing campaign where attackers compromise legitimate websites and use them to steal user credentials.Instead of using fake domains, attackers inject...

Middle East Conflict-Themed Cyber Campaigns

Published on: March 11, 2026

Overview:Security researchers have observed an increase in cyber threats that use the ongoing Middle East geopolitical conflict as a lure to trick users. Threat actors are creating malicious files, fake news...

Iranian Cyber Retaliation Risk & Increased Cyber Threat Level

Published on: March 3, 2026

Overview:Due to the recent geopolitical escalation involving the U.S., Israel, and Iran, global threat intelligence reports indicate a heightened short-term cyber risk.Historically, during periods of tension involving Iran, there has...

Windows Notepad Vulnerability Allows Attackers to Execute Malicious Code Remotely

Published on: February 23, 2026

OverviewMicrosoft has patched a critical Remote Code Execution (RCE) vulnerability in the modern Windows Notepad application, tracked as CVE?2026?20841, disclosed during the February 10, 2026 Patch Tuesday release. The flaw arises from...

Hackers target Microsoft Entra accounts in device code vishing attacks

Published on: February 22, 2026

OverviewThreat actors are actively targeting organizations using device code phishing combined with vishing (voice phishing) to exploit the OAuth 2.0 Device Authorization flow and compromise Microsoft Entra accounts. These attacks differ from...

Google Patching the First Chrome Zero?Day Exploited in Attacks This Year (CVE?2026?2441)

Published on: February 19, 2026

Overview On February 16, 2026, Google released emergency updates to address CVE?2026?2441, the first actively exploited Chrome zero?day vulnerability discovered this year. This high?severity flaw is a use?after?free vulnerability in the CSS component...

Advisory on Notepad++ Update Servers Hijacked to Redirect Users to Malicious Servers

Published on: February 2, 2026

OverviewNotepad++ disclosed a targeted supply?chain compromise involving its software update infrastructure. Forensic analysis conducted by independent security experts and the former hosting provider confirmed that the incident resulted from an infrastructure?level...

Advisory on Microsoft Office Zero-Day Vulnerability (CVE-2026-21509)

Published on: January 28, 2026

Overview: Microsoft has released an out-of-band emergency security update to address a high-severity zero-day vulnerability in Microsoft Office, tracked as CVE-2026-21509. The vulnerability is actively exploited in the wild and allows attackers...

Google Chrome for Desktop Vulnerability

Published on: January 23, 2026

Overview:A high-severity vulnerability has been identified in Google Chrome for Desktop, which could allow a remote attacker to execute arbitrary code on an affected system. The issue arises from a...

OAuth Device Code Phishing Targeting Microsoft 365

Published on: December 28, 2025

OverviewOrganizations are facing a widespread and actively exploited phishing campaign targeting Microsoft 365 (M365) environments through abuse of the OAuth 2.0 device authorization flow. Commonly known as OAuth device code phishing,...

Active Exploitation of FortiOS SSL VPN 2FA Bypass Vulnerability (CVE-2020-12812)

Published on: December 27, 2025

Overview:Fortinet has issued a new advisory warning about active exploitation of an old vulnerability in FortiOS SSL VPN.The vulnerability allows attackers to bypass Two-Factor Authentication (2FA) under certain configurations.Although this issue was...

Malicious Chrome Extensions Stealing User Credentials

Published on: December 26, 2025

OverviewTwo malicious Google Chrome extensions published under the name “Phantom Shuttle” have been identified in the Chrome Web Store. These extensions masquerade as legitimate proxy and network-testing tools but secretly hijack user...

China-Aligned APT Exploiting Windows Group Policy for Malware Deployment.

Published on: December 22, 2025

OverviewSecurity researchers have identified an emerging China-aligned advanced persistent threat (APT) cluster, tracked as LongNosedGoblin, actively engaging in cyber-espionage against governmental networks in Southeast Asia and Japan. The threat actor has...

Windows Admin Center Flaw CVE-2025-64669 Enables SYSTEM Privilege Escalation

Published on: December 18, 2025

OverviewA high-severity local privilege escalation vulnerability has been identified in Microsoft Windows Admin Center (WAC). Tracked as CVE-2025-64669, the issue arises from insecure directory permissions within the Windows Admin Center data...

Microsoft Outlook Remote Code Execution Vulnerability (CVE-2025-62562)

Published on: December 15, 2025

Overview:Microsoft has released security updates addressing a critical remote code execution (RCE) vulnerability in Microsoft Outlook and related Microsoft Office products. The vulnerability, tracked as CVE-2025-62562, arises from a use-after-free memory...

Cloudflare Discloses Technical Details Behind Massive Outage that Breaks the Internet

Published on: November 21, 2025

OverviewOn November 18, 2025, Cloudflare experienced a global outage affecting a significant portion of internet services. The outage was caused by a configuration change to a ClickHouse database cluster, which...

Active Exploitation of Cisco ISE & Citrix NetScaler Zero-Days by an Advanced Threat Actor

Published on: November 14, 2025

Overview:Amazons threat intelligence team has observed an advanced persistent threat (APT) actor actively exploiting previously undisclosed zero-day vulnerabilities in:Cisco Identity Services Engine (ISE / ISE-PIC) (unauthenticated remote code execution) Citrix NetScaler ADC...