Google’s TAG (Threat Intelligence Group) has reported identification of malware actively querying AI language models during attacks to generate code on the fly and evade detection. The discovery marks a shift from attackers using AI as a productivity tool to deploying malware with built-in AI capabilities that adapt in real time. Google identified five new

Continue Reading

Four security flaws allowed message manipulation and caller ID spoofing; all issues resolved after responsible disclosureFour security flaws in Microsoft Teams has that allowed attackers to impersonate executives, manipulate messages, and forge identities in video calls have been patched. Disclosed by Check Point Research, the flaws, affecting the platform’s 320+ million monthly users, have been

Continue Reading

Google has recently pushed out an urgent Chrome security update, patching five vulnerabilities that could leave users exposed to attacks while browsing. Three of the flaws are rated high-severity, prompting security experts to urge immediate updates. The rollout of Chrome 142 began yesterday and will reach users gradually over the coming weeks across Windows, Mac,

Continue Reading

Microsoft has released an important security update for its Edge browser, addressing a remote code execution vulnerability that could allow attackers to run malicious code on users’ systems. Here’s what you need to know about this latest security patch. Last week, Microsoft disclosed CVE-2025-60711, a remote code execution vulnerability affecting Chromium-based versions of Microsoft Edge.

Continue Reading

Over 4,500 exploitation attempts already blocked as attackers target critical flaw allowing password reset hijackingA severe security vulnerability in the Post SMTP WordPress plugin has left more than 400,000 websites exposed to potential account takeover attacks. The flaw, discovered in mid-October 2025, allows unauthenticated attackers to access password reset emails and gain administrative control of

Continue Reading

Ubiquiti Networks has disclosed and patched a critical security vulnerability in its UniFi Access application that could have allowed attackers to bypass authentication and gain unauthorized control over door access systems. If you’re running UniFi Access for physical security management, this is one update you don’t want to skip. In the Security Advisory Bulletin 056,

Continue Reading

The Dovecot team has issued a security advisory for a vulnerability affecting versions 2.4.0 and 2.4.1 of the popular open-source IMAP server. The flaw, identified as CVE-2025-30189, could allow unauthorized access to user accounts under specific configurations. The vulnerability, rated at 7.4 out of 10 on the Common Vulnerability Scoring System (CVSS), is categorized as

Continue Reading