Microsoft Patches Critical Entra ID Flaw Enabling Global Admin Impersonation Across Tenants
Read More A critical token validation failure in Microsoft Entra ID (previously Azure Active Directory) could have allowed attackers to impersonate any user, including Global Administrators, across any tenant. The vulnerability, tracked as CVE-2025-55241, has been...
DPRK Hackers Use ClickFix to Deliver BeaverTail Malware in Crypto Job Scams
Read More Threat actors with ties to the Democratic People’s Republic of Korea (aka DPRK or North Korea) have been observed leveraging ClickFix-style lures to deliver a known malware called BeaverTail and InvisibleFerret. “The threat actor used ClickFix...
LastPass Warns of Fake Repositories Infecting macOS with Atomic Infostealer
Read More LastPass is warning of an ongoing, widespread information stealer campaign targeting Apple macOS users through fake GitHub repositories that distribute malware-laced programs masquerading as legitimate tools. “In the case of LastPass, the fraudulent...