On July 8, 2025, Microsoft and CVE.org disclosed a critical security flaw, CVE-2025-47981, affecting the SPNEGO Extended Negotiation (NEGOEX) security mechanism—a core component in Microsoft Windows authentication protocols.
Rated an alarming 9.8 on the CVSS severity scale, this vulnerability enables attackers to execute arbitrary code remotely,...
Recent research by Silent Push Threat Analysts, in partnership with Brian Krebs, has brought a sharp focus to the sprawling criminal infrastructure of the so-called Triad Nexus, which is operated through the FUNNULL Content Delivery Network (CDN).
This network, run by its administrator Lizhi...
Houston, July 9, 2025 — In a landmark operation, the U.S. Justice Department announced the arrest of Xu Zewei, a 33-year-old Chinese national and alleged cybercriminal mastermind behind the infamous “HAFNIUM” hacking campaign.
Xu, detained in Milan, Italy on July 3 at the US’s behest,...
Microsoft has announced a significant change for Windows 11 Insiders, with the deprecation and removal of Windows PowerShell 2.0 in the latest Insider Preview Build 27891, released to the Canary Channel.
The move aims to address longstanding architectural and security vulnerabilities associated with the...
In a field often dominated by seasoned professionals, 13-year-old Dylan has turned heads by becoming the youngest researcher to collaborate with the Microsoft Security Response Center (MSRC).
His journey combines early curiosity, technical prowess, and a drive to enhance digital safety for millions, providing...
A recent spike in phishing campaigns has seen attackers exploit the PDF file format to impersonate leading brands, including Microsoft, DocuSign, and Dropbox.
According to Cisco Talos, the security research arm of Cisco, threat actors are leveraging the popularity and trust associated with these...