Microsoft Store Adds Multi-App Install Support for Easier Windows 11 Deployments
November 6, 2025
Microsoft has added a new web-based feature to the Microsoft Store that lets users create a single installer for multiple
Application Security
Microsoft Store Adds Multi-App Install Support for Easier Windows 11 Deployments
Microsoft has added a new web-based feature to the Microsoft Store that lets users create a single installer for multiple apps. The enhancement simplifies deployments, ...
SonicWall Traces 2023 Breach to State-Linked Threat Group Targeting Firewalls
SonicWall has attributed its 2023 security breach to a suspected state-sponsored APT group that accessed firewall configuration backups. While no personal data was exposed, the ...
Attackers Exploit Critical Plugin Flaw to Hijack Admin Access on 400,000+ WordPress Sites
A zero-day flaw in the Post SMTP WordPress plugin—installed on over 400,000 sites—is under active exploitation, allowing attackers to hijack admin accounts via a misconfigured ...
Malicious Android Apps Garner 40 Million Downloads on Google Play, Zscaler Finds
Zscaler has uncovered a massive Android malware campaign distributing malicious apps through Google Play, amassing over 40 million downloads. The apps, posing as legitimate tools, ...
Google’s November 2025 Android Security Update Fixes Critical Remote Code Execution Flaw
Google’s November 2025 Android security bulletin fixes a critical remote code execution flaw in the Android System component that could allow network-based compromise without user ...
Microsoft Plans to Retire Defender Application Guard for Office by 2027
Microsoft will retire Defender Application Guard for Office beginning February 2026, with full end-of-support by December 2027. The move marks a strategic shift toward cloud-based ...
Emergency WSUS Patch Breaks Hotpatching Function for Windows Server 2025 Systems
A rushed out-of-band patch for a critical WSUS vulnerability has unintentionally broken hotpatching on Windows Server 2025, disabling one of its key uptime features. Administrators ...
SleepyDuck Malware Poses Supply Chain Threat Through Fake VS Code Extension
A new remote access trojan dubbed SleepyDuck is disguising itself as a legitimate Visual Studio Code extension to infect developers’ systems. The malware uniquely uses ...
OpenAI Assistants API Abused in New Malware Campaign Leveraging Covert C2 Channel
Microsoft has uncovered a new backdoor malware strain using OpenAI’s Assistants API as a covert command-and-control channel. The discovery marks one of the first cases ...
Indian Government Issues High-Severity Warning for Google Chrome Users
CERT-In warns Chrome users in India to update immediately after multiple high-severity vulnerabilities were discovered that allow remote attackers to hijack systems via malicious webpages.
SonicWall Traces 2023 Breach to State-Linked Threat Group Targeting Firewalls
November 6, 2025
SonicWall has attributed its 2023 security breach to a suspected state-sponsored APT group that accessed firewall configuration backups. While no
Attackers Exploit Critical Plugin Flaw to Hijack Admin Access on 400,000+ WordPress Sites
November 5, 2025
A zero-day flaw in the Post SMTP WordPress plugin—installed on over 400,000 sites—is under active exploitation, allowing attackers to hijack
Malicious Android Apps Garner 40 Million Downloads on Google Play, Zscaler Finds
November 4, 2025
Zscaler has uncovered a massive Android malware campaign distributing malicious apps through Google Play, amassing over 40 million downloads. The
Google’s November 2025 Android Security Update Fixes Critical Remote Code Execution Flaw
November 4, 2025
Google’s November 2025 Android security bulletin fixes a critical remote code execution flaw in the Android System component that could
Microsoft Plans to Retire Defender Application Guard for Office by 2027
November 4, 2025
Microsoft will retire Defender Application Guard for Office beginning February 2026, with full end-of-support by December 2027. The move marks
Emergency WSUS Patch Breaks Hotpatching Function for Windows Server 2025 Systems
November 4, 2025
A rushed out-of-band patch for a critical WSUS vulnerability has unintentionally broken hotpatching on Windows Server 2025, disabling one of
SleepyDuck Malware Poses Supply Chain Threat Through Fake VS Code Extension
November 4, 2025
A new remote access trojan dubbed SleepyDuck is disguising itself as a legitimate Visual Studio Code extension to infect developers’
OpenAI Assistants API Abused in New Malware Campaign Leveraging Covert C2 Channel
November 3, 2025
Microsoft has uncovered a new backdoor malware strain using OpenAI’s Assistants API as a covert command-and-control channel. The discovery marks
Indian Government Issues High-Severity Warning for Google Chrome Users
November 3, 2025
CERT-In warns Chrome users in India to update immediately after multiple high-severity vulnerabilities were discovered that allow remote attackers to
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.