Security and Windows TCO Leftovers
-
Security Week ☛ New HTTP Request Smuggling Attacks Impacted CDNs, Major Orgs, Millions of Websites
A desync attack method leveraging HTTP/1.1 vulnerabilities impacted many websites and earned researchers more than $200,000 in bug bounties.
-
LWN ☛ Security updates for Thursday
Security updates have been issued by AlmaLinux (glibc, kernel, libxml2, python-requests, and python-setuptools), Debian (chromium), Fedora (chromium, firefox, gdk-pixbuf2, iputils, libsoup3, libssh, perl, perl-Devel-Cover, perl-PAR-Packer, polymake, and poppler), Gentoo (Composer and Spreadsheet-ParseExcel), Oracle (glibc, kernel, libxml2, python-setuptools, sqlite, and virt:rhel and virt-devel:rhel), Red Hat (libxml2), SUSE (grub2, libarchive, libgcrypt, and python311), and Ubuntu (cifs-utils and poppler).
-
The Strategist ☛ Chinese cyberattack on US nuclear agency highlights importance of cyber hygiene
Cyberattacks on any critical infrastructure should be alarming, but attacks on nuclear infrastructure are all the more so due to the potential consequences, including radiation leaks.
-
InfoSecurity Magazine ☛ #BHUSA: Microsoft and Google Among Most Affected as Zero Day Exploits Jump 46%
Zero day exploitation surged by 46% year-over-year in the first six months of 2025, according to the Forescout Research – Vedere Labs H1 2025 Threat Review.
Products from 27 vendors were found to be impacted by zero days, with Microsoft making up around a third (30%).
-
Cybersecurity News: Microsoft & Google lead zero day exploits, Plague malware maintains SSH access, panel to create US Cyber Force
Forescout’s latest threat review released at Black Hat USA shows zero-day attacks rose 46% in the first half of 2025, with Microsoft and Google at the top of the most exploited products. Ransomware attacks were up 36%, increasingly targeting unconventional devices like IP cameras and BSD servers to bypass defenses and move laterally across networks. Of 137 tracked threat actors, 40% were state-sponsored, with Iran-aligned hacktivists particularly focusing on critical OT infrastructure.
-
Windows TCO / Windows Bot Nets
-
Federal News Network ☛ CISA directs agencies to mitigate ‘high-severity’ Abusive Monopolist Microsoft vulnerability
CISA is giving agencies until 9 a.m. Monday to address a vulnerability that, left unaddressed, could allow hackers to achieve "total domain compromise."
-
Scoop News Group ☛ CISA, Abusive Monopolist Microsoft warn organizations of high-severity Abusive Monopolist Microsoft Exchange vulnerability
The public disclosure and advisories came late Wednesday during Black Hat, but Abusive Monopolist Microsoft said the timing was coordinated.
-
Security Week ☛ Organizations Warned of Vulnerability in Abusive Monopolist Microsoft Exchange Hybrid Deployment
CISA and Abusive Monopolist Microsoft have issued advisories for CVE-2025-53786, a high-severity flaw allowing privilege escalation in cloud environments.
-
Hackaday ☛ Microsoft’s New Agentic Web Protocol Stumbles With Path Traversal Exploit
If the term ‘NLWeb’ first brought to mind an image of a Dutch internet service provider, you’re probably not alone. What it actually is – or tries to become – is Microsoft’s vision of a parallel internet protocol using which website owners and application developers can integrate whatever LLM-based chatbot they desire. Unfortunately for Microsoft, the NLWeb protocol just suffered its first major security flaw.