Latest NEWS

Microsoft gives admins Exchange Online breathing room
Retirement of PowerShell -Credential parameter pushed back to the end of 2026
19 July 2026
From:
[www.theregister.com - Articles]

Missed incidents, persistent threats, and response gaps: Insights from compromise assessment projects
Kaspersky Compromise Assessment specialists analyze trends from the service's 2025 projects and provide tips on how to enhance your organization's security.
19 July 2026
From:
Victor Sergeev, Amged Wageh [Securelist]

The Race to Field Military Autonomy Is On, Can Trusted Information Infrastructure Keep Pace?
Military forces are under increasing pressure to field autonomous capabilities faster than ever before. Across the U.S., UK, and NATO, new investment, evolving defense strategies, and accelerated acquisition pathways are transforming how capability is delivered, rewarding programs that can move from concept to operational deployment at commercial speed.
Now the focus shifts to the trusted
19 July 2026
From:
info@thehackernews.com (The Hacker News) [The Hacker News]

When checking the URL isn’t enough: a Device Code Phishing attack via a Microsoft website
The OAuth 2.0 Device Authorization Grant specification was designed to streamline authentication for Smart TVs, IoT devices, and printers. Today, threat actors are weaponizing it.
19 July 2026
From:
Roman Dedenok [Securelist]

Fake Coding Tests Deliver OtterCookie-Aligned Malware Hidden in SVG Flag Images
North Korean threat actors linked to the Contagious Interview campaign have been observed employing steganography in SVG image files to conceal malicious payloads as part of a campaign using fake job postings and coding challenges.
"Any user who ran the project ended up with a four-stage payload aligned with OTTERCOOKIE: a browser credential and crypto wallet stealer, a file stealer, a
19 July 2026
From:
info@thehackernews.com (The Hacker News) [The Hacker News]

ToddyCat: your hidden email assistant. Part 2
An in-depth analysis of Umbrij, a new tool used by the ToddyCat APT group to compromise corporate email communications in Gmail. The attack targeted OAuth authorization tokens, allowing threat actors to gain access to Google services.
19 July 2026
From:
Andrey Gunkin [Securelist]


.jpg)


