SecurityWeek

New Paper and Tool Help Security Teams Move Beyond Blind Reliance on CISA’s KEV Catalog

The cybersecurity of business is not the function of CISA. CISA’s remit is to raise the security of FECB agencies, and KEV is ...

Microsoft says hackers are exploiting critical zero-day bugs to target Windows and Office users

Critical security flaws targeting Windows and Office users allow hackers to take complete control of a victim's computer by ...

DOJ says Trenchant boss sold exploits to Russian broker capable of accessing ‘millions of computers and devices’

The former boss of the L3Harris-owned hacking and surveillance tools maker Trenchant faces nine years in prison for selling several exploits to a Russian broker, which counts the Russian government ...

Microsoft fixes Notepad flaw that could trick users into clicking malicious Markdown links

Microsoft has fixed a serious security vulnerability affecting Markdown files in Notepad. In the company’s Tuesday patch ...
MIT Technology Review

AI is already making online crimes easier. It could get much worse.

Some cybersecurity researchers say it’s too early to worry about AI-orchestrated cyberattacks. Others say it could already be happening.

Once-hobbled Lumma Stealer is back with lures that are hard to resist

“LummaStealer is back at scale, despite a major 2025 law-enforcement takedown that disrupted thousands of its command-and-control domains,” researchers from security firm Bitdefender wrote. “The ...

Microsoft’s February Patch Tuesday Fixes 6 Zero-Days Under Attack

Microsoft patches 58 vulnerabilities, including six actively exploited zero-days across Windows, Office, and RDP, as CISA sets a March 3 deadline.