Microsoft has officially ended support for Exchange Server 2016 and 2019, marking the end of a major on-premises email era.
Enterprises still running these versions now face significant security and compliance risks, as both will receive no further patches or updates.
Researchers have uncovered a new global campaign linked to the TA585 threat group, deploying a malware strain called MonsterV2. The campaign targets enterprise, finance, and industrial sectors, leveraging advanced persistence and evasion techniques to steal data and compromise corporate networks
Cybersecurity researchers have uncovered a massive router-based botnet, dubbed RondoDox, that converts compromised devices into nodes within a global proxy network. The botnet enables cybercriminals to route attacks, anonymize traffic, and monetize access to infected routers worldwide.
Cybersecurity researchers uncovered a North Korean operation that targets software developers by hiding malicious code inside public repositories.
The campaign, linked to Lazarus Group, uses fake developer tools and trojanized libraries to infiltrate development environments worldwide.
Investigators suspect Russian-linked cyber actors may be behind the recent attack on Jaguar Land Rover (JLR) that disrupted operations and compromised corporate data. The findings align with a growing pattern of state-aligned cyber interference targeting the automotive sector in Europe.
Microsoft has restricted Internet Explorer (IE) Mode in Edge after discovering it was exploited in targeted attacks. The vulnerability, now patched, allowed threat actors to bypass modern security controls by abusing legacy IE components embedded within enterprise browsers.
A new tool named RealBlindingEDR disables security agents by exploiting Windows process privileges. It allows attackers to blind endpoint detection systems and execute malware without alerts, raising serious concerns among enterprise defenders.
Security researchers discovered a critical vulnerability in Oracle E-Business Suite (EBS) that enables privilege escalation across enterprise systems. The flaw, tracked under CVE-2025-31245, could allow attackers to execute administrative actions without proper authorization if left unpatched.
Hackers have leaked data stolen from Qantas Airways after the airline missed a ransom deadline. The leak includes customer identifiers, flight data, and communication logs. Authorities are working with ACSC and AFP Cybercrime Operations to contain exposure and verify authenticity.
Spanish authorities have dismantled the notorious GXC Team cybercrime syndicate, arresting its leader and several members in a joint operation with Europol.
The group allegedly ran large-scale credential theft, malware distribution, and financial fraud campaigns targeting victims across Europe and beyond.