Tech News

Industry updates, security alerts, and analysis from an IT professional

📰 All News ⚡ Gadgets 🌐 Networking 🛡️ Security 🏠 Smart Home 🔐 VPN Services

9 Articles

🛡️ Security Dec 31, 2025

Unleash Protocol Loses $3.9M in Unauthorized Smart Contract Upgrade Attack

Attackers gained multisig control and executed unauthorized contract upgrade to drain wrapped IP tokens, USDC, and ETH before laundering through Tornado Cash.

DeFiSmart Contract SecurityCryptocurrency

Read Article

🛡️ Security Dec 21, 2025

RansomHouse Ransomware Upgrades to Advanced 'Mario' Encryptor With Multi-Layer Encryption

RansomHouse RaaS operation deploys new 'Mario' encryptor featuring dual-key encryption, dynamic chunk sizing, and enhanced anti-analysis capabilities targeting VMware ESXi environments.

ransomwareRansomHouseVMware ESXi

Read Article

🛡️ Security Dec 16, 2025

Critical Fortinet SSO Vulnerabilities Under Active Exploitation — Admin Accounts and Config Files Targeted

Hackers are actively exploiting CVE-2025-59718 and CVE-2025-59719 to bypass FortiCloud SSO authentication and steal firewall configuration files from multiple Fortinet products.

FortinetCVESSO

Read Article

🛡️ Security Dec 16, 2025

Microsoft to Block Outdated Exchange ActiveSync Devices from Exchange Online Starting March 2026

Microsoft announces that devices running Exchange ActiveSync versions below 16.1 will lose access to Exchange Online after March 1, 2026, affecting millions of mobile email users.

Microsoft 365Exchange OnlineExchange ActiveSync

Read Article

🛡️ Security Dec 15, 2025

700Credit Data Breach Exposes 5.8 Million Customer Records Through API Vulnerability

700Credit reveals massive data breach affecting 5.8 million people after attackers exploited an API vulnerability through a compromised integration partner.

Data BreachAPI SecurityIdentity Theft

Read Article

🛡️ Security Dec 15, 2025

Microsoft Confirms Windows 11 Updates Breaking Enterprise VPN Connections in WSL

Recent Windows 11 security updates are causing VPN connectivity failures for enterprise users running Windows Subsystem for Linux with mirrored mode networking.

MicrosoftWindows 11WSL

Read Article

🛡️ Security Dec 11, 2025

New ConsentFix Attack Hijacks Microsoft Accounts via Azure CLI Without Passwords or MFA

A new 'ConsentFix' attack tricks users into granting full Microsoft account access through Azure CLI OAuth flows—no password theft or MFA bypass required.

MicrosoftAzureOAuth

Read Article

🛡️ Security Dec 10, 2025

Fortinet Warns of Critical FortiCloud SSO Authentication Bypass Flaws

Fortinet releases patches for two critical 9.1 CVSS authentication bypass vulnerabilities affecting FortiOS, FortiWeb, FortiProxy, and FortiSwitchManager.

FortinetFortiWebAuthentication Bypass

Read Article

🛡️ Security Dec 10, 2025

Microsoft December 2025 Patch Tuesday: One Zero-Day Exploited in the Wild, 57 Total Fixes

Microsoft's final Patch Tuesday of 2025 addresses 57 vulnerabilities including three zero-days—one actively exploited in attacks.

WindowsPatch TuesdayZero-Day

Read Article