News

Active Directory Sprawl: The Risks And What You Can Do
Most breaches don’t start with a clever hack—they start with a login. And when Active Directory (AD) is cluttered and ...
The Hacker News2d
Critical Golden dMSA Attack in Windows Server 2025 Enables Cross-Domain Attacks and Persistent Access
Researchers expose critical flaw in Windows Server 2025’s dMSA, enabling enterprise-wide access and lateral movement across ...
SourceSecurity.com1d
Semperis unveils critical design flaw in Windows 2025
Semperis, a provider of AI-powered identity security and cyber resilience, released new research detailing Golden dMSA, a ...
Silverfort uncovers critical Netlogon flaw affecting Windows domain controllers
A new report out today from unified identity security company Silverfort Inc. details a previously undisclosed ...
Pen Test Partners10d
How to conduct a Password Audit in Active Directory (AD)
With the rights tools, and practice it’s possible for SMEs to do their own AD password audits without the expense of ...
DataBreachToday1d
Golden dMSA Flaw Exposes Firms to Major Credential Theft
A critical cryptographic flaw in Windows Server 2025's delegated Managed Service Accounts, or dMSAs, allows attackers to ...
Patch Tuesday: Microsoft Addresses 137 Vulnerabilities, Including High-Severity SQL Server RCE
Patch Tuesday fixes 137 vulnerabilities, including critical flaws in SQL Server, Netlogon, Office, and the .NET Framework.
CSO Online8h
Novel malware from Russia’s APT28 prompts LLMs to create malicious Windows commands
Recent attacks by the state-run cyberespionage group against Ukrainian government targets included malware capable of ...
Turbulence at Air Serbia, the latest airline under cyber siege
Exclusive: Attack enters day 11 and still no public disclosure of what insider claims to be 'deep breach' of Active Directory ...
National CERT Issues High Alert Over Critical Veeam Backup Vulnerability
The National Computer Emergency Response Team (CERT) has issued a high-level security advisory warning organizations of a ...
The Hacker News8d
ServiceNow Flaw CVE-2025-3648 Could Lead to Data Exposure via Misconfigured ACLs
ServiceNow's CVE-2025-3648 flaw exposes sensitive data across multiple tables, impacting all users with misconfigured ACLs.
Computer Weekly10d
July Patch Tuesday brings over 130 new flaws to address
Microsoft patched well over 100 new common vulnerabilities and exposures on the second Tuesday of the month, but its latest update is mercifully light on zero-days.