Microsoft SharePoint zero-day exploited in remote code execution attacks around the world.

Categorized as a remote code execution (RCE) flaw, this vulnerability is currently being exploited on a large scale, allowing attackers to take complete control of exposed on-premises SharePoint servers. As government agencies, educational institutions, the energy sector, and major enterprises scramble to secure their infrastructure, understanding the mechanics, impact, and mitigations for this attack has become paramount.

A novel phishing technique uses QR codes presented during MFA authentication to bypass FIDO-based protections.

Security researchers have identified a novel phishing technique that leverages QR codes presented during simulated multifactor authentication (MFA) processes to bypass FIDO-based protections. The method exploits legitimate cross-device sign-in flows — without compromising the underlying FIDO standard — by manipulating user behavior and undermining core assumptions of phishing-resistant authentication.

WebAuthn PRF Encryption: Passkeys and WebAuthn – the next frontier for secure file encryption.

The evolution of passkeys and WebAuthn is not only advancing passwordless authentication—it is also unlocking new capabilities in the realm of data security. Among the most significant recent developments is the ability to use passkeys, in conjunction with the WebAuthn PRF (Pseudo-Random Function) extension, to securely encrypt and decrypt files. This represents a powerful new use case for passkeys, offering users phishing-resistant, hardware-backed, and password-free file encryption.

Russia’s state-sponsored APT28 threat actors are employing a previously unknown software called Authentic Antics against email systems.

The UK’s National Cyber Security Centre (NCSC) has identified a new cyber espionage campaign attributed to Russian military intelligence operatives. According to a recent report, threat actors associated with the GRU—specifically the well-known group APT28—have been actively utilizing a previously unknown malicious software known as “Authentic Antics” to carry out targeted cyber operations against email systems.

Critical vulnerability in NVIDIA Container Toolkit, widely used in AI environments, presents significant security risk to cloud infrastructures.

A recently disclosed critical vulnerability in the NVIDIA Container Toolkit, widely used in AI and high-performance computing environments, presents a significant security risk to cloud infrastructures running GPU-accelerated workloads. Tracked as CVE-2025-23266, the vulnerability enables privilege escalation from within containers, allowing attackers to gain root-level access to the host system. With a CVSS score of 9.0 (Critical), the flaw affects a substantial portion of GPU-enabled cloud environments, including those offering multi-tenant AI services.