Security
Headlines
HeadlinesLatestCVEs

Tag

#microsoft

Trump’s Aggression Sours Europe on US Cloud Giants

Companies in the EU are starting to look for ways to ditch Amazon, Google, and Microsoft cloud services amid fears of rising security risks from the US. But cutting ties won’t be easy.

Wired
Open in Source
#web#google#microsoft#amazon#ddos#perl#aws#auth
New Phishing Scam Uses Fake Instagram Chatbot to Hijack Accounts

New phishing scam targets Instagram business accounts using fake chatbots and support emails, tricking users into handing over login credentials.

How to Avoid US-Based Digital Services—and Why You Might Want To

Amid growing concerns over Big Tech firms aligning with Trump administration policies, people are starting to move their digital lives to services based overseas. Here's what you need to know.

CVE-2025-2476: Chromium: CVE-2025-2476 Use after free in Lens

**What is the version information for this release?** Microsoft Edge Version Date Released Based on Chromium Version 134.0.3124.83 3/21/2025 134.0.6998.117/.118

CVE-2025-29806: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

**What is the version information for this release?** Microsoft Edge Channel Microsoft Edge Version Based on Chromium Version Date Released Stable CVE-2024-8904, 129.0.6668.58/.59 9/19/2024

CVE-2025-29795: Microsoft Edge (Chromium-based) Update Elevation of Privilege Vulnerability

Improper link resolution before file access ('link following') in Microsoft Edge (Chromium-based) allows an authorized attacker to elevate privileges locally.

Tomorrow, and tomorrow, and tomorrow: Information security and the Baseball Hall of Fame

In this week’s Threat Source newsletter, William pitches a fun comparison between baseball legend Ichiro Suzuki and the unsung heroes of information security, highlights newly released UAT-5918 research, and shares an exciting new Talos video.

How to Protect Your Business from Cyber Threats: Mastering the Shared Responsibility Model

Cybersecurity isn't just another checkbox on your business agenda. It's a fundamental pillar of survival. As organizations increasingly migrate their operations to the cloud, understanding how to protect your digital assets becomes crucial. The shared responsibility model, exemplified through Microsoft 365's approach, offers a framework for comprehending and implementing effective cybersecurity

UAT-5918 targets critical infrastructure entities in Taiwan

UAT-5918, a threat actor believed to be motivated by establishing long-term access for information theft, uses a combination of web shells and open-sourced tooling to conduct post-compromise activities to establish persistence in victim environments for information theft and credential harvesting.

CVE-2025-29814: Microsoft Partner Center Elevation of Privilege Vulnerability

**Why are there no links to an update or instructions with steps that must be taken to protect from this vulnerability?** This vulnerability has already been fully mitigated by Microsoft. There is no action for users of this service to take. The purpose of this CVE is to provide further transparency. Please see Toward greater transparency: Unveiling Cloud Service CVEs for more information.