Security and Windows TCO
Security Week ☛ In Other News: Hackers Not Behind Blackout, CISO Docuseries, Dior Data Breach
A summary of noteworthy stories that might have slipped under the radar this week.
Security Week ☛ Hackers Win $260,000 on First Day of Pwn2Own Berlin 2025
Pwn2Own participants have earned tens of thousands of dollars for Red Hat, Windows, Oracle VirtualBox, Docker Desktop, and Hey Hi (AI) exploits.
Windows TCO / Windows Bot Nets
The Conversation ☛ 2025-05-14 [Older] M&S cyberattacks used a little-known but dangerous technique – and anyone could be vulnerable
Pen Test Partners ☛ VNC. RDP for all to see
TL;DR VNC still remains in some legacy environments due to legacy deployments and ease of use.
Qt ☛ Security advisory: Improper Link Resolution Before File Access in QFileSystemEngine in the Qt corelib module on backdoored Windows impacts Qt
Improper Link Resolution Before File Access ('Link Following') vulnerability in QFileSystemEngine in the Qt corelib module on backdoored Windows potentially allows Symlink Attacks and the use of Malicious Files. This vulnerability has been discovered and assigned the CVE ID CVE-2025-4211.
