#hyper-v-abuse
#hyper-v-abuse

DevOps

The Security Metric That's Failing You

Information security

Sharing isn't caring if it's an admin password: Pwned

8 hours ago

UNC6692 Impersonates IT Helpdesk via Microsoft Teams to Deploy SNOW Malware

UNC6692 uses social engineering via Microsoft Teams to deploy malware, targeting senior employees with email spam and impersonation tactics.

Hackers Impersonate IT Help Desk on Microsoft Teams to Gain Access, Steal Data

Hackers are increasingly using social engineering on Microsoft Teams to gain unauthorized access by impersonating IT support.

ThreatsDay Bulletin: $290M DeFi Hack, macOS LotL Abuse, ProxySmart SIM Farms +25 New Stories

Supply chain vulnerabilities and AI tools exacerbate ongoing cyber threats, including state-backed crypto heists and active remote code execution exploits.

14 hours ago

Hybrid clouds have two attack surfaces - so watch both

Hybrid cloud management tools present significant security vulnerabilities that users often overlook.

The Security Metric That's Failing You

Measuring patch rates does not equate to a secure environment; real risks often lie in misconfigurations and outdated permissions.

Sharing isn't caring if it's an admin password: Pwned

Prioritizing convenience over security can lead to significant data loss, as demonstrated by a client using a common password and sharing it publicly.

8 hours ago

UNC6692 Impersonates IT Helpdesk via Microsoft Teams to Deploy SNOW Malware

UNC6692 uses social engineering via Microsoft Teams to deploy malware, targeting senior employees with email spam and impersonation tactics.

Hackers Impersonate IT Help Desk on Microsoft Teams to Gain Access, Steal Data

Hackers are increasingly using social engineering on Microsoft Teams to gain unauthorized access by impersonating IT support.

ThreatsDay Bulletin: $290M DeFi Hack, macOS LotL Abuse, ProxySmart SIM Farms +25 New Stories

Supply chain vulnerabilities and AI tools exacerbate ongoing cyber threats, including state-backed crypto heists and active remote code execution exploits.

Microsoft Patch Still Leaves 1,300 SharePoint Servers Exposed

Over 1,300 internet-exposed Microsoft SharePoint servers remain unpatched against a spoofing flaw, CVE-2026-32201, posing significant security risks.

4 tips for remote workers to safeguard data and privacy

Remote work in public spaces offers convenience but poses privacy and security risks that require precautions.

4 tips for remote workers to safeguard data and privacy

Remote work in public spaces offers convenience but poses privacy and security risks that require careful management.

4 tips for remote workers to safeguard data and privacy

Remote work in public spaces offers convenience but poses privacy and security risks that require precautions.

fromWRAL.com

22 hours ago

One Tech Tip: Logging on at a cafe? Privacy and security guidelines for remote workers

Remote work offers flexibility but poses privacy and security risks in public spaces.

4 tips for remote workers to safeguard data and privacy

Remote work in public spaces offers convenience but poses privacy and security risks that require precautions.

4 tips for remote workers to safeguard data and privacy

Remote work in public spaces offers convenience but poses privacy and security risks that require careful management.

4 tips for remote workers to safeguard data and privacy

Remote work in public spaces offers convenience but poses privacy and security risks that require precautions.

fromWRAL.com

22 hours ago

One Tech Tip: Logging on at a cafe? Privacy and security guidelines for remote workers

Remote work offers flexibility but poses privacy and security risks in public spaces.

Agentic AI for Defense: How Checkmarx Turns Security into a Coding Partner - DevOps.com

Agentic AI proactively identifies and addresses security vulnerabilities in real-time during code development, enhancing application security significantly.

Privacy professionals

Another customer of troubled startup Delve suffered a big security incident | TechCrunch

Delve faces multiple allegations and security incidents, leading to loss of customers and damaged reputation.

fromwww.socialmediatoday.com

How to Build an Exchange: Sub Millisecond Response Times and 24/7 Uptimes in the Cloud

Exchanges are a place where you can submit an order to buy something, letting everyone know about the price you want and notifying you when your order gets filled. They serve as financial infrastructure, providing up-to-date prices and facilitating trades.

Cryptocurrency

Tech industry

Meta breaks ground on 28th US data center

Meta is expanding its AI processing capacity with a new $1 billion data center in Tulsa, Oklahoma, as part of a broader infrastructure commitment.

Why the cloud still runs on coal and gas

Data centers in the U.S. are straining energy grids, leading to increased reliance on fossil fuels and delaying renewable energy goals.

Environment

fromwww.dw.com

Why cloud computing still runs on coal and gas

Data centers' energy demands are straining U.S. power grids, leading to reliance on fossil fuels and delaying renewable energy goals.

Environment

fromwww.dw.com

Why the cloud still runs on coal and gas

Data centers in the U.S. are straining energy grids, leading to increased reliance on fossil fuels and delaying renewable energy goals.

Environment

fromwww.dw.com

Why cloud computing still runs on coal and gas

Data centers' energy demands are straining U.S. power grids, leading to reliance on fossil fuels and delaying renewable energy goals.

The European cloud of the future is built using actual, physical containers

Cloud workloads increasingly utilize physical containers through initiatives like the Modular Integrated Sustainable Datacenter (MISD) project.

When a Cloud Region Fails: Rethinking High Availability in a Geopolitically Unstable World

Cloud regions are influenced by geopolitical events, necessitating multi-region strategies for resilience against disruptions.

When cloud giants neglect resilience

Cloud outages highlight reliability issues as providers prioritize cost-cutting over service stability, raising questions about acceptable levels of unreliability.

European startups

The European cloud of the future is built using actual, physical containers

Cloud workloads increasingly utilize physical containers through initiatives like the Modular Integrated Sustainable Datacenter (MISD) project.

When a Cloud Region Fails: Rethinking High Availability in a Geopolitically Unstable World

Cloud regions are influenced by geopolitical events, necessitating multi-region strategies for resilience against disruptions.

When cloud giants neglect resilience

Cloud outages highlight reliability issues as providers prioritize cost-cutting over service stability, raising questions about acceptable levels of unreliability.

Forget Nvidia: Why HPE Could Be the Overlooked AI Infrastructure Play of 2026

Hewlett Packard Enterprise is an overlooked investment opportunity in AI infrastructure with strong financial growth and expanding margins.

Artificial intelligence

The MCP Disclosure Is the AI Era's 'Open Redirect' Moment

The Model Context Protocol has a design flaw that enables AI supply chain attacks, posing a significant security risk to enterprise AI systems.

Recent Microsoft Defender Vulnerability Exploited as Zero-Day

A zero-day vulnerability in Microsoft Defender, tracked as CVE-2026-33825, allows privilege escalation through a flaw named BlueHammer.

Microsoft Defender Flaws Exploited on Windows, Two Left Unpatched

Three new security flaws in Microsoft Defender are actively exploited, with only one patched, allowing full SYSTEM-level access to attackers.

Three Microsoft Defender Zero-Days Actively Exploited; Two Still Unpatched

Threat actors are exploiting three vulnerabilities in Microsoft Defender for elevated privileges, with one flaw already addressed by Microsoft.

18 hours ago

Recent Microsoft Defender Vulnerability Exploited as Zero-Day

A zero-day vulnerability in Microsoft Defender, tracked as CVE-2026-33825, allows privilege escalation through a flaw named BlueHammer.

Microsoft Defender Flaws Exploited on Windows, Two Left Unpatched

Three new security flaws in Microsoft Defender are actively exploited, with only one patched, allowing full SYSTEM-level access to attackers.

Three Microsoft Defender Zero-Days Actively Exploited; Two Still Unpatched

Threat actors are exploiting three vulnerabilities in Microsoft Defender for elevated privileges, with one flaw already addressed by Microsoft.

more#microsoft-defender

WSL9x hacks Linux into ancient Windows 9x systems

The VxD driver does a lot of the heavy lifting and is responsible for initializing WSL9x as well as handling userspace events that have to be relayed to the kernel (i.e., page faults and syscalls), which it does in a rather interesting way due to limitations in the Win9x architecture.

Software development

Microsoft trims cloud desktop pricing, even as it boosts AI costs

Microsoft is reducing prices for Windows 365 and AVD while increasing Microsoft 365 costs, aiming to promote cloud-based PCs and AI services.

fromArs Technica

Information security

Microsoft issues emergency update for macOS and Linux ASP.NET threat

Information security

Microsoft Patches Critical ASP.NET Core CVE-2026-40372 Privilege Escalation Bug

fromNextgov.com

Information security

Microsoft to test third-party AI models for incorporation in its security offerings

Information security

Microsoft releases Windows Server update to fix April update

Information security

Microsoft closes book on rogue Windows Server 2025 upgrades

Tech industry

fromComputerworld

Microsoft trims cloud desktop pricing, even as it boosts AI costs

Microsoft is reducing prices for Windows 365 and AVD while increasing Microsoft 365 costs, aiming to promote cloud-based PCs and AI services.

fromArs Technica

Microsoft issues emergency update for macOS and Linux ASP.NET threat

Microsoft released an emergency patch for ASP.NET Core to fix a high-severity vulnerability allowing unauthenticated attackers to gain SYSTEM privileges.

Microsoft Patches Critical ASP.NET Core CVE-2026-40372 Privilege Escalation Bug

Microsoft released updates to fix a critical security vulnerability in ASP.NET Core that allows privilege escalation for unauthorized attackers.

fromNextgov.com

Microsoft to test third-party AI models for incorporation in its security offerings

Microsoft is evaluating third-party AI systems to enhance its cybersecurity measures against AI-driven threats.

Microsoft releases Windows Server update to fix April update

Microsoft released an out-of-band update to fix a restart loop issue affecting Windows Server devices after the April 2026 update.

Microsoft closes book on rogue Windows Server 2025 upgrades

Microsoft has resolved the Windows Server 2025 upgrade issue, but new problems have emerged with the cumulative update KB5082063.

more#microsoft

Privacy professionals

The Privacy-Security Partnership: How We Bend Risk in a Resource Crunch

Fewer privacy practitioners feel confident in meeting laws, while resource shortages and compliance challenges increase stress in the field.

fromZero Day Initiative

Zero Day Initiative - CVE-2026-33824: Remote Code Execution in Windows IKEv2

Detection of attacks exploiting this vulnerability requires monitoring specific UDP ports and correlating IKE packets in sequence.

Software development

Microsoft taps Anthropic's Mythos to strengthen secure software development

Mythos can enhance the security of Microsoft products, benefiting enterprises without direct access.

Blackbox replaces two racks of HPE storage with 8U of Everpure | Computer Weekly

Blackbox Hosting has consolidated storage from two full racks down to just 8U of rack space following migration to Everpure FlashArray hardware, achieving a 10:1 data reduction ratio and an 85% reduction in power utilization.

DevOps

Privacy professionals

Lovable under fire over data breach

Lovable faced criticism for a vulnerability that exposed users' sensitive data, including source code and chat history, due to insufficient access controls.

Tech industry

HP's remote desktop push retreats as Anyware heads for EoL

HP is discontinuing its Teradici-derived remote desktop business, including HP Anyware and zero client hardware, by May 2026.

Operationally Ineffective: Putting CVEs in a Chokehold with Privilege Disruption

A Common Vulnerability Exposure (CVE) that cannot reach the privilege plane is operationally ineffective - even at a CVSS Score of 10. This should be a core philosophy that is embedded into the fabric of software engineering.

Information security

Cloudflare Outlines MCP Architecture as Enterprises Confront Security and Governance Risks

Centralized governance and remote infrastructure are essential for secure Model Context Protocol deployments, addressing risks like prompt injection and supply chain attacks.

Half of the 6 Million Internet-Facing FTP Servers Lack Encryption

Approximately 6 million internet-accessible systems are using FTP today, and almost half of them do not use encryption, exposing enterprises and end users to avoidable risks.

Privacy professionals

#ai

Information security

AI Can Autonomously Hack Cloud Systems With Minimal Oversight: Researchers

Information security

Microsoft is using Mythos to detect vulnerabilities

Brace yourself for a flood of patches in all of your tech gadgets

Mythos, Anthropic's AI model, identifies software vulnerabilities, prompting urgent updates to prevent exploitation by hackers.

AI Can Autonomously Hack Cloud Systems With Minimal Oversight: Researchers

AI systems can autonomously hack cloud environments, demonstrating advanced capabilities in executing sophisticated attacks without specific instructions.

Microsoft is using Mythos to detect vulnerabilities

Microsoft integrates AI into cybersecurity to enhance vulnerability detection and prevention during software development.

Brace yourself for a flood of patches in all of your tech gadgets

Mythos, Anthropic's AI model, identifies software vulnerabilities, prompting urgent updates to prevent exploitation by hackers.

Scale sets edge platform's software ever more free from hardware constraints

Scale Computing is reducing hardware requirements for its software, allowing more flexibility for partners and customers in choosing hardware platforms.

SUSE seeks to make VMware migrations a "non-event"

SUSE partners with Cloudbase to integrate Coriolis for seamless migration of virtual machines from VMware and public clouds.

Storage implications of a modern IT architecture | Computer Weekly

Organizations are increasingly using containers to modernize applications and manage both cloud-native and traditional workloads with Kubernetes.

Microsoft issues out-of-band patch for critical security flaw in update to ASP.NET Core

Long-lived tokens in applications can be exploited by attackers to gain unauthorized access and issue legitimate tokens.

Cohere AI Terrarium Sandbox Flaw Enables Root Code Execution, Container Escape

A critical vulnerability in the Terrarium Python sandbox allows arbitrary code execution with root privileges, rated 9.3 on the CVSS scale.

Microsoft issues out-of-band patch for critical security flaw in update to ASP.NET Core

Long-lived tokens in applications can be exploited by attackers to gain unauthorized access and issue legitimate tokens.

Cohere AI Terrarium Sandbox Flaw Enables Root Code Execution, Container Escape

A critical vulnerability in the Terrarium Python sandbox allows arbitrary code execution with root privileges, rated 9.3 on the CVSS scale.

Emergency Update for Windows Server Following Reboot Issues

Microsoft released emergency updates for Windows Server to address LSASS crashes and installation issues following the April 2026 Patch Tuesday updates.

fromArs Technica

6 hours ago

Now, even ransomware is using post-quantum cryptography

Kyber's use of PQC key-exchange algorithms serves more as a marketing tactic than a practical security measure against imminent quantum threats.

4 days ago

Engineering Stable, Secure and Scalable Platforms: A Conversation with Matthew Liste

I was always a tinkerer, I guess. I grew up in the age where computers were not ubiquitous or common. An experience as a kid was instrumental in how my career happened.

DevOps

fromIT Brew

6 hours ago

Asking around: When does ransomware threat intelligence become noise?

Effective threat intelligence requires filtering information relevant to specific market segments to avoid overwhelming alerts.

#data-breach

Information security

Vercel says some of its customers' data was stolen prior to its recent hack | TechCrunch

Security Leaders Discuss the Vercel Breach

The Vercel data breach highlights the risks of targeted account takeovers and the importance of effective communication during security incidents.

Vercel says some of its customers' data was stolen prior to its recent hack | TechCrunch

Vercel experienced a data breach affecting customer accounts, with evidence of prior compromises suggesting broader security implications.

Security Leaders Discuss the Vercel Breach

The Vercel data breach highlights the risks of targeted account takeovers and the importance of effective communication during security incidents.

The Role of Dedicated Servers in Scaling Modern Businesses

Infrastructure investment is crucial for SMEs to ensure reliability, performance, and user experience in a competitive digital landscape.

Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain Campaign

Bitwarden CLI was compromised in the Checkmarx supply chain campaign, with malicious code stealing sensitive data from users.

fromFortune

Former national cyber director: Anthropic's 'Mythos' AI can hack nearly anything and we aren't ready | Fortune

Mythos, Anthropic's advanced AI model, poses significant risks to critical infrastructure, necessitating urgent investment and collaboration to enhance cybersecurity.

Interview: Critical local infrastructure is missing link in UK cyber resilience | Computer Weekly

Local infrastructure in the UK is vulnerable to cyber attacks, risking severe disruption to essential services and public safety.

Malicious pgserve, automagik developer tools found in npm registry

Malicious npm packages aim to steal sensitive data and credentials, potentially leading to complete organizational takeovers.

fromSitePoint Forums | Web Development & Design Community

Why Your OpenClaw Setup is a "Malicious Insider" in Waiting

OpenClaw's capabilities pose significant security risks, revealing vulnerabilities that can be exploited by malicious insiders.

Microsoft: Most Windows 11 Users Don't Need Third-Party Antivirus

Windows 11's built-in security features may eliminate the need for third-party antivirus software for most users.

Oracle Patches 450 Vulnerabilities With April 2026 CPU

Oracle released 481 new security patches in April 2026, addressing vulnerabilities across 28 product families, with many remotely exploitable without authentication.

Hackers Abuse QEMU for Defense Evasion

Threat actors are exploiting QEMU for ransomware and remote access tool deployment, with increased activity observed since late 2025.

A tsunami of flaws: When frontier AI and Patch Tuesday collide | Computer Weekly

April 2025 Patch Tuesday update was the second-largest in history, addressing over 160 vulnerabilities, with AI tools potentially driving the increase.

Organizations Warned of Exploited Cisco, Kentico, Zimbra Vulnerabilities

CISA expanded its Known Exploited Vulnerabilities catalog with eight new flaws, including high-severity bugs in Cisco and Kentico products.

Progress Patches Multiple Vulnerabilities in MOVEit WAF, LoadMaster

Progress Software released patches for multiple vulnerabilities in MOVEit WAF and LoadMaster that could lead to remote code execution and command injection.

Serial-to-IP Converter Flaws Expose OT and Healthcare Systems to Hacking

Serial-to-IP converters have serious vulnerabilities that can expose critical systems to remote attacks.

Progress Patches Multiple Vulnerabilities in MOVEit WAF, LoadMaster

Progress Software released patches for multiple vulnerabilities in MOVEit WAF and LoadMaster that could lead to remote code execution and command injection.

Serial-to-IP Converter Flaws Expose OT and Healthcare Systems to Hacking

Serial-to-IP converters have serious vulnerabilities that can expose critical systems to remote attacks.

Google Cloud and Wiz build multi-cloud platform on top of Security Graph

Wiz is essential for Google Cloud's security strategy in multi-cloud environments post-acquisition.

Google Antigravity in Crosshairs of Security Researchers, Cybercriminals

Google Antigravity's vulnerabilities have attracted both security researchers and cybercriminals, leading to risks of remote code execution and malware delivery.

Unsecured Perforce Servers Expose Sensitive Data From Major Orgs

Many internet-facing Perforce P4 servers are misconfigured, exposing sensitive information and allowing unauthorized access.

fromTNW | Next-Featured

Lovable security crisis: 48 days of exposed projects, closed bug reports, & the structural failure of vibe coding security

Lovable's security incidents expose vulnerabilities in AI-generated code and highlight a market focus on growth over security.

The cookbook for safe, powerful agents

Capability without control in AI agents creates vulnerabilities, necessitating a structured control architecture for safe deployment.

Kubernetes attack surface explodes: number of threats quadruples

Kubernetes faces a surge in cyberattacks, with a 282% increase in attempts, particularly targeting the IT sector and crypto exchanges.

Cloud development platform Vercel was hacked

Vercel experienced a security breach due to a compromised third-party AI tool, leading to the exposure of customer data.

App host Vercel confirms security incident, says customer data was stolen via breach at Context AI | TechCrunch

Vercel experienced a data breach due to a compromised employee account linked to Context AI, exposing customer credentials.

fromThe Verge

4 days ago

Cloud development platform Vercel was hacked

Vercel experienced a security breach due to a compromised third-party AI tool, leading to the exposure of customer data.

App host Vercel confirms security incident, says customer data was stolen via breach at Context AI | TechCrunch

Vercel experienced a data breach due to a compromised employee account linked to Context AI, exposing customer credentials.

58% of Organizations Spend Over 10 Hours a Month Securing AI-generated Code

31% of organizations using AI-generated code spend 10 hours or less per month on validation and auditing, raising security concerns.

Broadcom brings secure AI agent environment to VMware Tanzu

Broadcom's VMware Tanzu Platform Agent Foundations provides a secure environment for autonomous AI applications with zero-trust networking and automated management.

1 week ago

Ancient Excel bug comes out of retirement for active attacks

A 17-year-old critical Excel vulnerability is actively being exploited, prompting CISA to issue a patch deadline for federal agencies.

#vmware-vcenter

Information security

Critical VMware vCenter Server bug under attack

Information security

2024 VMware Flaw Now in Attackers' Crosshairs

Information security

Critical VMware vCenter Server bug under attack

Information security

2024 VMware Flaw Now in Attackers' Crosshairs

more#vmware-vcenter

Old Windows quirks help punch through new admin defenses

The issue focuses on how Windows handles these directories for specific user sessions. Because the kernel creates a DOS device object directory on demand, rather than at login, it cannot check whether the user is an admin during the creation process. Unlike UAC, Administrator Protection uses a hidden shadow admin account whose token handle can be returned by the system when calling the NtQueryInformationToken API function.

Information security