Week in review: Public MS Word RCE PoC, API exploitation, Patch Tuesday forecast
Microsoft to boost protection against malicious OneNote documents Microsoft has announced that, starting in April 2023, they will be adding enhanced protection when users open …
Microsoft to boost protection against malicious OneNote documents
Microsoft has announced that, starting in April 2023, they will be adding enhanced protection when users open or download a file embedded in a OneNote document – a known …
Alleged seller of NetWire RAT arrested in Croatia
This week, as part of a global law enforcement operation, federal authorities in Los Angeles successfully confiscated www.worldwiredlabs.com, a domain utilized by …
Internet crime in 2022: Over $3 billion lost to investment scammers
“In 2022, investment scam losses were the most (common or dollar amount) scheme reported to the Internet Crime Complaint Center (IC3),” the FBI shared in its 2022 …
March 2023 Patch Tuesday forecast: It’s not about luck
Every month I touch on a few hot topics related to security around patching and some important updates to look out for on the upcoming Patch Tuesday. Diligence to this ongoing …
Veeam Backup & Replication admins, get patching! (CVE-2023-27532)
Veeam Software has patched CVE-2023-27532, a high-severity security hole in its widely-used Veeam Backup & Replication solution, and is urging customer to implement the …
New infosec products of the week: March 10, 2023
Here’s a look at the most interesting products from the past week, featuring releases from 1Password, GrammaTech, Kensington, Palo Alto Networks, and Persona. New Kensington …
Young government workers show poor password management habits
Hybrid work has exposed another area of vulnerability, with 70% of government workers reporting they work virtually at least some of the time, according to Ivanti. The …
GitHub to introduce mandatory 2FA authentication starting March 13
Starting March 13, GitHub will gradually introduce the 2FA enrollment requirement to groups of developers and administrators, beginning with smaller groups. This measured …
Fake ChatGPT Chrome extension targeted Facebook Ad accounts
ChatGPT has garnered a lot of questions about its security and capacity for manipulation, partly because it is a new software that has seen unprecedented growth (hosting 100 …
Fortinet plugs critical RCE hole in FortiOS, FortiProxy (CVE-2023-25610)
Fortinet has patched 15 vulnerabilities in a variety of its products, including CVE-2023-25610, a critical flaw affecting devices running FortiOS and FortiProxy. None of the …
Google One expands security features to all plans with dark web report, VPN access
Google One unveiled two exciting additions to its range of features. Firstly, VPN by Google One will now be available to all plans, offering additional security while carrying …
Featured news
Resources
Don't miss
- State-backed phishing attacks targeting military officials and journalists on Signal
- Poland’s energy control systems were breached through exposed VPN access
- CISA orders US federal agencies to replace unsupported edge devices
- Ransomware attackers are exploiting critical SmarterMail vulnerability (CVE-2026-24423)
- February 2026 Patch Tuesday forecast: Lots of OOB love this month