Security
Headlines
HeadlinesLatestCVEs

Tag

#intel

CVE-2025-30387: Document Intelligence Studio On-Prem Elevation of Privilege Vulnerability

**What actions does a valid user have to take to be protected against this vulnerability?** Update the image to the latest tag. User data and setting will not be affected by upgrading to the latest tag.

Microsoft Security Response Center
Open in Source
#vulnerability#intel#Azure#Security Vulnerability
Türkiye Hackers Exploited Output Messenger Zero-Day to Drop Golang Backdoors on Kurdish Servers

A Türkiye-affiliated threat actor exploited a zero-day security flaw in an Indian enterprise communication platform called Output Messenger as part of a cyber espionage attack campaign since April 2024. "These exploits have resulted in a collection of related user data from targets in Iraq," the Microsoft Threat Intelligence team said. "The targets of the attack are associated with the Kurdish

Deepfakes, Scams, and the Age of Paranoia

As AI-driven fraud becomes increasingly common, more people feel the need to verify every interaction they have online.

New SEO Poisoning Campaign Targeting IT Admins With Malware

Varonis reveals attackers are using SEO poisoning to trick IT admins into downloading malware, alongside a critical root…

Fake AI Tools Used to Spread Noodlophile Malware, Targeting 62,000+ via Facebook Lures

Threat actors have been observed leveraging fake artificial intelligence (AI)-powered tools as a lure to entice users into downloading an information stealer malware dubbed Noodlophile. "Instead of relying on traditional phishing or cracked software sites, they build convincing AI-themed platforms – often advertised via legitimate-looking Facebook groups and viral social media campaigns,"

ICE’s Deportation Airline Hack Reveals Man ‘Disappeared’ to El Salvador

Plus: A DOGE operative’s laptop reportedly gets infected with malware, Grok AI is used to “undress” women on X, a school software company’s ransomware nightmare returns, and more.

Google Chrome will use AI to block tech support scam websites

Google announced it will equip Chrome with an AI driven method to detect and block Tech Support Scam websites

Phishing Attack Uses Blob URIs to Show Fake Login Pages in Your Browser

Cofense Intelligence reveals a novel phishing technique using blob URIs to create local fake login pages, bypassing email…

Malicious npm Packages Infect 3,200+ Cursor Users With Backdoor, Steal Credentials

Cybersecurity researchers have flagged three malicious npm packages that are designed to target the Apple macOS version of Cursor, a popular artificial intelligence (AI)-powered source code editor. "Disguised as developer tools offering 'the cheapest Cursor API,' these packages steal user credentials, fetch an encrypted payload from threat actor-controlled infrastructure, overwrite Cursor's

Google Rolls Out On-Device AI Protections to Detect Scams in Chrome and Android

Google on Thursday announced it's rolling out new artificial intelligence (AI)-powered countermeasures to combat scams across Chrome, Search, and Android. The tech giant said it will begin using Gemini Nano, its on-device large language model (LLM), to improve Safe Browsing in Chrome 137 on desktops. "The on-device approach provides instant insight on risky websites and allows us to offer