Google patches Chrome zero‑day CVE‑2025‑10585 — active V8 exploit; update now
Critical zero‑day
Google patches Chrome zero‑day CVE‑2025‑10585 — active V8 exploit; update now
Published: September 19, 2025 • Last updated: September 23…
DNS delegation architectures for multi-forest environments
September 5, 2025
Architecture • DNS • Active Directory
If you run more than one Active Directory forest, DNS is the fabric that lets users, apps, and domain controllers in one forest reliably find resources in another. The right DNS delegation architecture makes cross-forest name resolution fast, secure, and predictable—even in hybrid cloud.
Guide + Comparison
Updated: 5 Sep 2025
Reading time: ~16–18…
FIDO Downgrade Attack Hits Microsoft Entra ID
September 2, 2025
Researchers show how spoofing unsupported browsers can force users off passkeys, exposing Entra ID accounts to phishing and session hijack.
Who/What/When: On August 13, 2025, security researchers detailed a FIDO downgrade attack against Microsoft Entra ID that manipulates login flows to sidestep passkeys.
Where/Why: By spoofing an unsupported browser, attackers trigger an error that removes…
Storm-0501 Exploits Microsoft Entra ID to Wipe and Ransom Azure Data
September 1, 2025
In August 2025, Microsoft warned that Storm-0501, a financially motivated ransomware group, is abusing Microsoft Entra ID and hybrid Active Directory synchronization accounts to seize control of entire cloud environments. Victims reported that attackers exfiltrated Azure data, deleted backups, and issued ransom demands over Microsoft Teams. For IT admins and security engineers, this marks a…
According to researchers, the China-backed APT named Naikon (also known as ‘Override Panda’) has shown up again. The group masterminded a recent phishing campaign that was carried out to steal confidential information assets.
Also known as Hellsing, and Bronze Geneva, Naikon is a known nation-state actor that has been working on behalf of China since 2005. The group was first…
Bumblebee: A new malware loader on the prowl
April 28, 2022
A latest report by Proofpoint has uncovered that attackers are using a new malware loader named Bumblebee. These threat actors were previously known for delivering BazaLoader and IcedID loaders.
According to the write-up, Bumblebee, a sophisticated malware loader, has been active in the cyberspace since March 2022, post the absence of BazaLoader. It must be noted that Bumblebee is capable of…
The FBI has issued a warning on the lethal Blackcat/ALPHV ransomware as a service (RaaS), which is currently on prowl. The malware family was responsible for compromising accounts spanning over sixty organizations, with attacks spanning from November 2021 till March this year.
In their flash report, the FBI detailed the indicators of compromise (IOC) and tactics, techniques and procedures…
Israel's Pegasus spyware finds a new target
April 13, 2022
A new report from Reuters suggests that EU officials were allegedly targeted by the NSO group’s Pegasus spyware.
The report stated that atleast five individuals were spied upon by unknown entities using the infamous malware. In addition to two unnamed EU officials, the list of victims also include Didier Reynders,a senior Belgian official who has served as the European Justice…
With data breaches and information stealing becoming a prevalent sight in cyberspace, researchers have now warned the looming presence of two info-stealers, namely FFDroider and Lightning Stealer, which are capable of stealing sensitive information while launching further attacks.
An official statement released by ZScaler based cybersecurity researchers Avinash Kumar and Niraj Shivtarkar…
On Tuesday, the German federal criminal police department, known as Bundeskriminalamt, announced that they have dismantled servers belonging to the Russia-based darknet market Hydra. Additionally, the forces have also confiscated bitcoin resources worth 25 million euros ($25 million).
In the official statement, the authorities revealed that the joint operation that dates back to August 2021…
