Insights

12/5/2025

Apple on Monday pushed out patches for security vulnerabilities across the macOS, iPhone and iPad software stack, warning that code-execution bugs that could be triggered simply by opening a rigged image, video or website.

19/5/2025

Threat actors have been distributing trojanized versions of the KeePass password manager for at least eight months to install Cobalt Strike beacons, steal credentials, and ultimately, deploy ransomware on the breached network. WithSecure's Threat Intelligence team discovered the campaign after they were brought in to investigate a ransomware attack. The researchers found that the attack started with a malicious KeePass installer promoted through Bing advertisements that promoted fake software sites.

23/5/2025

Microsoft is now testing a new feature in Notepad that can generate text for you using AI. It’s part of a Windows 11 update being released to Windows Insiders in the Canary and Dev channels with Copilot Plus PCs.

14/4/2025

Cybersecurity researchers are calling attention to a new type of credential phishing scheme that ensures that the stolen information is associated with valid online accounts. The technique has been codenamed precision-validating phishing by Cofense, which it said employs real-time email validation so that only a select set of high-value targets are served the fake login screens.

23/4/2025

The recent DeepSeek security breach has once again highlighted the significant vulnerabilities in artificial intelligence (AI) systems and raises alarming questions about where the exposed data may have ended up. Shortly after DeepSeek's release, security researchers uncovered extensive vulnerabilities in the system's infrastructure. Publicly exposed sensitive user data and proprietary information like this often makes its way to the Dark Web — a thriving underground market where stolen data is routinely traded, sold, and exploited.

2/5/2025

After supporting passwordless Windows logins for years and even allowing users to delete passwords from their accounts, Microsoft is making its biggest move yet toward a future with no passwords. Now it will ask people signing up for new accounts to only use more secure methods like passkeys, push notifications, and security keys instead, by default.

20/11/2024

The CrowdStrike catastrophe that took down 8.5 million Windows PCs and servers in July has left many of Microsoft’s biggest customers looking for answers to make sure that such an event never happens again. Now, Microsoft has some answers in the form of a new Windows Resiliency Initiative that’s designed to improve Windows security and reliability.

11/11/2024

Cybersecurity researchers have discovered a new phishing campaign that spreads a new fileless variant of known commercial malware called Remcos RAT. Remcos RAT "provides purchases with a wide range of advanced features to remotely control computers belonging to the buyer," Fortinet FortiGuard Labs researcher Xiaopeng Zhang said in an analysis published last week.

8/11/2024

End-to-End Encryption (E2EE) is a method of transferring data securely from your device to another person’s device while protecting information from any third parties. Continue reading to learn more about what E2EE does, how it works and the benefits of using E2EE to secure your data.