Microsoft in a recent blog post has announced that it will disable the legacy NTLM authentication protocol by default in upcoming Windows Server and Windows client releases, citing long-standing security weaknesses. NTLM (New Technology LAN Manager) is an authentication protocol that was introduced in 1993 with Windows NT and was the default for domain-joined systems

Continue Reading

As AI tools become easier to run outside of major cloud platforms, a new and largely unseen layer of AI infrastructure is quietly taking shape online. Joint research by SentinelLabs and Censys has revealed that over 170,000 AI systems are now publicly reachable on the open internet and operating without the safeguards, monitoring, or oversight

Continue Reading

Match Group, the parent company behind Tinder, Hinge, OkCupid, Match.com, and Meetic, has reported a cybersecurity incident that resulted in unauthorized access to user data across several of its platforms. According to Bleepingcomputer, Match Group confirmed the attack traces back to a social engineering effort where attackers compromised an Okta single sign-on account through a

Continue Reading

SmarterTools has released SmarterMail Build 9526, the latest version of their enterprise email server platform. SmarterMail is widely used by businesses and service providers worldwide for secure, reliable email, calendaring, and collaboration services. This update focuses on improving security, fixing critical bugs, and enhancing overall system reliability. The release addresses several serious security vulnerabilities that

Continue Reading

Microsoft has released a security update addressing a newly identified vulnerability in Microsoft Office that allows attackers to bypass built-in security protections under specific conditions. Tracked as CVE-2026-21509, Microsoft’s advisory notes that exploitation has been detected, indicating real-world activity, making timely patching especially important for organizations and individual users alike. The security feature bypass vulnerability

Continue Reading

Cybersecurity researchers are warning about a new Android malware campaign that takes advantage of legitimate AI infrastructure to distribute malicious software, highlighting a growing trend where attackers hide in plain sight by abusing trusted platforms. According to a recent analysis by Bitdefender Labs, attackers have been using Hugging Face, a popular hosting platform for machine

Continue Reading

WhatsApp has just rolled out a new feature aimed at providing users with stronger safeguards against sophisticated cyber threats. Called Strict Account Settings, this functionality is designed for individuals who need an extra layer of protection—such as journalists, public-facing figures, or anyone concerned about targeted attacks. At its core, WhatsApp continues to offer default end-to-end

Continue Reading

Cisco has released multiple security updates affecting enterprise communications, contact center, and infrastructure platforms widely deployed in production environments. Among the issues addressed is a critical remote code execution vulnerability that Cisco reports is being actively exploited. The most severe issue is a remote code execution vulnerability affecting multiple Cisco Unified Communications products. Tracked as

Continue Reading