Microsoft just built an AI that reverse-engineers malware by itself. No hints. No human help — and 90%+ accuracy. It could change how threats are found—before they even spread. Here’s what Project Ire can do ↓ thehackernews.com/2025/08/micros…

Our latest disclosures for CVE-2025-8355 and CVE-2025-8356 - discovering a critical RCE in Xerox FreeFlow Core horizon3.ai/attack-researc…

I’m excited to announce two major upgrades in our free product line: 📦 Archive scanning is now unlocked in THOR Lite - including docx, xlsx, jar, war, and more 🧠 YARA Forge (my own project) is now integrated – extends the detection coverage with open source rules 🔍 Also

New downgrade attack can bypass FIDO auth in Microsoft Entra ID - Bill Toulas bleepingcomputer.com/news/security/… bleepingcomputer.com/news/security/…

Xbow raised $117M to build AI hacker agents, in Alias Robotics open-sourced it and made it completely free. Github: github.com/aliasrobotics/… Paper: arxiv.org/abs/2504.06017

Today I have a more serious topic than usual, please consider reposting for reach: My wife and I are urgently looking for a specialist in neuropediatrics or a similar field for our autistic child with a diagnosed, but not further specified, movement disorder [1/3]

New pre-auth RCE vulnerabilities in Commvault have been disclosed (see write-up below). A friend started scanning and already found 185 vulnerable instances worldwide – and while that number alone is concerning, the German subset stands out: The vast majority of those are run

77 seconds. That's how quickly NodeZero became Domain Admin in a production network. If your SOC can't detect and stop NodeZero in 76 seconds, it's game over. The future of cyber warfare is AI vs. AI with humans by exception, but it isn’t just about “who has the smarter brain.”

Even though Microsoft provided a PowerShell command in April 2025 to disable the SMTP DirectSend feature in Exchange Online, we are still seeing attackers successfully reach the inbox for organizations that do not have their DMARC DNS Record set to Reject or Quarantine. According

🚨 𝗪𝗲'𝘃𝗲 𝘂𝗻𝗰𝗼𝘃𝗲𝗿𝗲𝗱 𝘁𝗵𝗲 𝗳𝗶𝗿𝘀𝘁 𝗺𝗮𝗹𝗶𝗰𝗶𝗼𝘂𝘀 𝗠𝗖𝗣 𝘀𝗲𝗿𝘃𝗲𝗿 𝗶𝗻 𝘁𝗵𝗲 𝘄𝗶𝗹𝗱. It was only a matter of time. The postmark-mcp npm package (1,500+ weekly downloads) has been backdoored since v1.0.16 - silently BCCing every email to the attacker's

We detected a new somewhat sophisticated campaign abusing spoofed Microsoft Teams installer. The malware is hosted on a legitimate looking website, which seems to be part of redirect chain. Each new download produces a unique file hash - so that is not reliable indicator. The

We did it: 🇩🇪Germany will OPPOSE Chat Control! 🥳 Thanks everyone for writing to the ministers. 🫶 #ChatControl will not get a majority in the EU Council - at least for now.

Azure Security Firmware analysis has shipped!! Scan Routers, Edge Devices, IoT, and any embedded device to identity vulnerabilities and generate SBOMs and reports. Free tier so have with it scanning your home stuff too! techcommunity.microsoft.com/blog/IoTBlog/f…

Did you encounter the Supabase? Might wanna try my newest tooling or have a read about quickwins? There you go: blog.m1tz.com/posts/2025/10/…

Intune now has dedicated security recommendations docs just like Entra 🔥 The Entra security docs are extremely popular, and I love seeing other teams publishing this kind of guidance Thanks to my collegaue (Josh Gatewood) for pointing this out! learn.microsoft.com/en-us/intune/i…

OK, Rocket Software believes that the likelihood of my unauthenticated RCE "being exploited is rare"...🤦‍♂️ docs.rocketsoftware.com/bundle/trufusi… #security

CVE-2025-59287 - 9.8, WSUS Remote Code Execution Write-up and PoC hawktrace.com/blog/CVE-2025-…

𝗨𝗿𝗴𝗲𝗻𝘁 𝗰𝗮𝗹𝗹 𝗳𝗼𝗿 𝗮𝗹𝗹 𝗖𝗜𝗦𝗢𝘀 𝗮𝗻𝗱 𝗘𝗺𝗽𝗹𝗼𝘆𝗲𝗲𝘀 𝗪𝗵𝗼 𝗨𝘀𝗲 𝗠𝗶𝗰𝗿𝗼𝘀𝗼𝗳𝘁 𝗧𝗼𝗼𝗹𝘀 I read about a newly identified 𝗣𝗵𝗶𝘀𝗵𝗶𝗻𝗴 𝘁𝗲𝗰𝗵𝗻𝗶𝗾𝘂𝗲 called "𝗖𝗼𝗣𝗵𝗶𝘀𝗵" and I thought to share. This attack exploits Microsoft’s Copilot

Quick reminder: you can activate the full YARA-Forge rule sets in our free products THOR Lite and THOR Cloud Lite Use the options shown below to select or download the rule package: In THOR Cloud Lite: select Yara Forge → core under Global Settings In THOR Lite: run

The new Microsoft Teams feature allowing chat with anyone via email—even non-Teams users—introduces several security risks, including an expanded attack surface for phishing and malware and increased potential for data leakage. To disable the feature, set the