Fixing 63 Flaws Including 1 Active Zero-Day You will find below my hot take on this historic Microsoft Patch Tuesday, following the official end of support for Windows 10… I hope you find it useful. Executive Summary Overview of the November 2025 Patch Tuesday On November 11, 2025, Microsoft released its monthly batch of security…
In this article, I present a summary of the security best practices for Microsoft Exchange Server, directly inspired by the recommendations published by the NSA and CISA. These guidelines aim to strengthen the resilience of Exchange environments hosted in data centers — whether on-premises or hybrid — against current threats, including email account compromises and…
Since the second half of September 2025, the National Cybersecurity Response Team of Ukraine (CERT-UA) has observed a new wave of targeted cyberattacks against Ukrainian defense forces and local government institutions.These attacks have been attributed to the UAC-0239 group, believed to be operating on behalf of or in cooperation with Russian threat actors. The attackers…
I hesitated for a long time before writing an article on this subject, as it seems both delicate and inevitable given the transformational impact of AI for all of us. While corporate management celebrates the productivity gains brought by ChatGPT and its competitors, security teams face a far more concerning reality: generative AI has become,…
Executive summary On 2 October 2025, the extortion group Crimson Collective announced on Telegram that it had compromised Red Hat Consulting’s private Git repositories. Reports indicate that the attackers stole approximately 570 GB of compressed data from around 28 000 internal repositories. Among the stolen files were Customer Engagement Reports (CERs), which contain architecture diagrams, configuration details, authentication tokens and network maps. The leak…
Executive Summary The U.S. Secret Service dismantled a network of electronic devices across the New York tristate area used to conduct telecommunications-related threats targeting senior U.S. government officials, which posed an imminent risk to protective operations. The investigation uncovered more than 300 co-located SIM servers and 100,000 SIM cards at multiple sites. The devices were…
On September 12, 2025, the Federal Bureau of Investigation (FBI) issued a FLASH alert detailing the operations of two cybercriminal groups, UNC6040 and UNC6395, which are targeting Salesforce instances to exfiltrate data and extort organizations. This alert, intended for cybersecurity professionals (CERTs, SOC analysts, CISOs), outlines the initial access vectors, data exfiltration techniques, authentication bypass…
