FortiOS CLI Command Bypass Vulnerability
Published on: October 16, 2025
Overview:Fortinet has disclosed a high-severity vulnerability in FortiOS, the operating system powering FortiGate firewalls and VPN devices. Identified as CVE-2025-58325, this flaw allows an authenticated attacker with CLI access to bypass...
September Top Security Vulnerabilities (CVE Report)
Published on: October 10, 2025
Top CVE's report for month of September2025September Top Vulnerabilities OverviewIn September, multiple critical and high?severity vulnerabilities were disclosed, including remote code execution flaws in widely used services, authentication bypass weaknesses, privilege escalation...
Disabling Inline SVG Image Display in Outlook for Web and Windows
Published on: October 7, 2025
OverviewMicrosoft has announced a significant security enhancement for Outlook users. As part of this update, inline SVG (Scalable Vector Graphics) image support will be retired across both Outlook for Web (OWA) and...
Critical Linux sudo Vulnerability (CVE-2025-32463)
Published on: October 3, 2025
Overview:A new critical vulnerability (CVE-2025-32463) has been identified in the Linux sudo utility and is actively being exploited. The flaw arises from the improper handling of the -R (--chroot) option, which could...
Advisory on Zero-Day Vulnerability in Google Chrome – CVE?2025?10585
Published on: September 24, 2025
OverviewGoogle has released an emergency security update to address a high-severity zero-day vulnerability (CVE-2025-10585) in its Chrome web browser. This vulnerability, which is being actively exploited, is related to a...
Microsoft 365 Copilot audit logging vulnerability
Published on: September 21, 2025
Overview:A vulnerability in Microsoft 365 Copilot (M365 Copilot) allowed users to access and summarize sensitive files without generating corresponding audit log entries—creating a significant blind spot for security monitoring. Microsoft...
Windows 10 Support Ending in 30 Days
Published on: September 16, 2025
Overview:This is to inform you that Microsoft has officially announced the end of support for Windows 10 (version 22H2) on October 14, 2025. After this date, Microsoft will no longer provide...
Yurei Ransomware Uses Double-Extortion Tactics to Target Windows Networks
Published on: September 5, 2025
OverviewYurei is a sophisticated ransomware strain that employs a double-extortion model, combining data encryption with data exfiltration. It primarily targets Windows-based networks, leveraging both network and physical vectors for propagation....
Zscaler Confirms Data Breach – Hackers Compromised Salesforce Instance and Stole Customer Data.
Published on: September 2, 2025
OverviewZscaler has confirmed a data breach resulting from a supply-chain attack involving the Salesloft Drift platform, a third-party application integrated with Salesforce. Attackers stole OAuth tokens, enabling unauthorized access to Salesforce instances,...
Hackers Abuse Microsoft Teams to Gain Remote Access on Windows.
Published on: August 31, 2025
OverviewCybercriminals are impersonating IT support on Microsoft Teams, using fake accounts to trick employees into installing remote access tools such as QuickAssist and AnyDesk. Once granted access, attackers deploy malware...
Microsoft 365 Copilot audit logging vulnerability
Published on: August 17, 2025
OverviewA vulnerability in Microsoft 365 Copilot (M365 Copilot) allowed users to access and summarize sensitive files without generating corresponding audit log entries—creating a significant blind spot for security monitoring. Microsoft...