Topic: security updates
-
ChatGPT's Lockdown Mode: How It Stops Prompt Injection
OpenAI has introduced **Lockdown Mode**, an optional security feature for its enterprise and education ChatGPT plans, designed to defend against prompt injection attacks by restricting vulnerable tools and external data interactions. This mode provides administrators with granular control over ap...
Read More » -
Windows 11 Update Fixes Boot Failures After Failed Installs
Microsoft resolved a Windows 11 boot failure bug with its February 2026 security update (KB5077181), which had caused commercial systems to display a black screen with an "UNMOUNTABLE_BOOT_VOLUME" error. The issue was triggered by installing certain updates on systems left in an improper state fr...
Read More » -
NCSC Chief: SMEs Must Prepare for Cyber-Attacks Now
The head of the UK's National Cyber Security Centre warns that SMEs are prime targets for cybercriminals, who are opportunistic and exploit vulnerabilities regardless of a company's size. To address this, the NCSC strongly advocates for the Cyber Essentials certification, a framework built on fiv...
Read More » How to Make a Great First Impression
First impressions are powerful and lasting, formed quickly and influencing opportunities and relationships through a learnable process of self-awareness and preparation. Non-verbal communication, including appearance, posture, and a genuine smile, is foundational and speaks volumes before any wor...
Read More »-
Windows 11's Special Arm Edition: Built for New PCs
Microsoft is releasing a specialized Windows 11 version (26H1) exclusively for new hardware, starting with PCs using Qualcomm's Snapdragon X Elite processors, to optimize for Arm-based architecture. This 26H1 version is a parallel branch; it won't be offered as an update to existing PCs, and devi...
Read More » -
Microsoft Fixes 59 Flaws, 6 Already Under Attack
Microsoft has patched 59 vulnerabilities, with six actively exploited flaws requiring urgent updates to prevent breaches. The exploited vulnerabilities include security bypasses and privilege escalations, which can allow attackers to disable security tools or compromise networks. Microsoft is als...
Read More » -
Notepad's Markdown Update Comes With a Critical RCE Flaw
A high-severity vulnerability (CVE-2026-20841) in Microsoft Notepad's Markdown feature allows remote code execution if a user opens a malicious file and clicks an embedded link. Microsoft has patched the flaw, noting no current active exploits, but its impact is significant due to Notepad's ubiqu...
Read More » -
US Agencies Ordered to Replace Outdated Edge Devices
US federal agencies must remove all outdated public-facing network hardware within one year, as mandated by CISA's Binding Operational Directive 26-02 to address active exploitation of end-of-support devices. The directive establishes strict deadlines, requiring agencies to identify vulnerabiliti...
Read More » -
CISA Mandates Federal Agencies Replace Outdated Edge Devices
CISA mandates federal agencies to urgently replace end-of-life network hardware like routers and firewalls, as these unsupported devices are a critical vulnerability to cyberattacks. Agencies must follow strict deadlines, including creating an inventory within three months and fully replacing all...
Read More » -
Adobe Reverses Course: 30-Year-Old Animation App Saved by Users
Adobe reversed its decision to discontinue the 2D animation software Animate after significant user backlash, ensuring it remains available for all subscribers. The company's initial announcement to end new subscriptions and eventually cut off access to projects had sparked widespread criticism f...
Read More » -
Windows 11 February Update: 8 Features to Expect
Microsoft will release a major Windows 11 update in February 2026, introducing Cross-Device Resume for Android phones to seamlessly transfer activities like media and documents to a PC. The update includes significant upgrades for audio professionals with enhanced Windows MIDI Services and allows...
Read More » -
Google Extends Pixel Tablet Android Updates to 5 Years
Google has extended Pixel Tablet software support to five years of both Android OS and security updates, aligning it with its modern smartphone policy. This change, updated on Google's support page, guarantees updates through June 2028, matching the support given to earlier Tensor-powered Pixel p...
Read More » -
Chrome And Safari Alert: This Sign Means You're Hacked
A new phishing technique exploits small mobile screens by using characters like "rn" to mimic "m" in URLs, tricking users into visiting fake sites that resemble legitimate ones like microsoft.com. The primary defense is behavioral: avoid logging in via emailed links and instead navigate directly ...
Read More » -
iPhone 5s Gets Surprise Update 13 Years Later
Apple has released iOS 12.5.8 for the iPhone 5s and iPhone 6, extending their functional lifespan by updating a critical security certificate. The update ensures core communication features like iMessage and FaceTime will remain operational beyond January 2027, preventing a service disruption. Th...
Read More » -
Windows 11's 2026 Debut Update Sparks User Frustration
Microsoft's January 2026 Windows 11 update caused major disruptions, requiring two consecutive weekend emergency patches to address severe system instability and operational headaches. The patches targeted specific issues: the first fixed unexpected shutdowns on Enterprise/IoT 23H2, while the sec...
Read More » -
OnePlus Denies Shutdown Rumors, Confirms Business as Usual
OnePlus has officially denied rumors of its shutdown, confirming its business operations are continuing as usual and countering a speculative report. The disputed report claimed a significant drop in OnePlus's global shipments and the cancellation of key upcoming devices, citing severe market cha...
Read More » -
Urgent iPhone Update Required for Millions
Apple has implemented a critical policy shift, requiring most modern iPhones to upgrade to iOS 26 to continue receiving vital security updates, as support for older iOS 18 versions has been cut off. Owners of iPhone XS, XS Max, and XR models are an exception; they cannot upgrade to iOS 26 and mus...
Read More » -
Microsoft Issues Emergency Windows Updates for Most PCs
Microsoft issued emergency updates to fix critical issues from its January security patches, resolving major problems with remote desktop logins and system shutdowns for some Windows versions. Despite these fixes, several bugs remain unresolved, including intermittent black screens, desktop backg...
Read More » -
Cisco Patches Critical Zero-Day Flaw in AsyncOS (CVE-2025-20393)
Cisco has patched a critical zero-day vulnerability (CVE-2025-20393) in its Email Security and Web Manager appliances, which was actively exploited by suspected state-sponsored actors. The flaw allowed unauthenticated attackers to execute root-level commands via a flaw in the Spam Quarantine feat...
Read More » -
One UI 8.5's Biggest Performance Boost Leaks for Galaxy
Samsung is testing a foundational Android kernel upgrade for One UI 8.5, which promises a noticeably smoother and more responsive user experience on Galaxy devices. The kernel update, a first for One UI, was discovered in beta builds and is reported to improve system fluidity, touch responsivenes...
Read More » -
Microsoft Copilot Hijacked in Reprompt Attack for Data Theft
The "Reprompt" attack is a cybersecurity threat that allows attackers to hijack a user's Microsoft Copilot session via a malicious link, exploiting a vulnerability where Copilot automatically executes prompts from a URL parameter. The attack uses three techniques—Parameter-to-Prompt injection, a ...
Read More » -
Microsoft Patch Tuesday fixes 3 zero-days, 114 flaws in January 2026 update
Microsoft's January 2026 Patch Tuesday addresses 114 vulnerabilities, including eight critical flaws and three zero-days, with one confirmed as actively exploited. The actively exploited zero-day (CVE-2026-20805) is an information disclosure flaw in the Desktop Window Manager, while the other two...
Read More » -
Why Pay $200 for a Security Camera? Your Old Phone Works for Free
Old smartphones can be repurposed into free home security cameras using a dedicated app like Alfred Camera, providing live video feeds and motion detection without new hardware. The setup requires installing the app on both the old and current phone, linking them with the same account, and strate...
Read More » -
OpenAI's ChatGPT Defense: Why Safety Isn't Guaranteed
OpenAI acknowledges that complete security for its AI-powered Atlas browser may be impossible, highlighting a core tension where the tools' useful capabilities also create significant new cyberattack risks. To proactively find vulnerabilities, OpenAI uses an AI-based automated attacker that simul...
Read More » -
Critical RCE flaw exposes over 115,000 WatchGuard firewalls
A critical vulnerability (CVE-2025-14733) in WatchGuard Firebox firewalls allows unauthenticated attackers to remotely execute code, primarily affecting devices with IKEv2 VPN enabled. Over 117,000 unpatched devices remain exposed online, prompting urgent patches from WatchGuard and a CISA mandat...
Read More » -
OpenAI Warns AI Browsers Face Permanent Prompt Injection Risk
OpenAI identifies prompt injection attacks, where hidden malicious instructions manipulate AI agents, as a fundamental and likely unsolvable long-term security challenge for AI-powered web browsers. To combat this, OpenAI employs an automated LLM-based attacker that uses reinforcement learning to...
Read More » -
How to Stay on iOS 18 and Skip the iOS 26 Update
Apple has stopped providing new iOS 18 security updates for compatible iPhones, effectively forcing users to upgrade to iOS 26 to receive critical patches, despite no pressing technical reason to mandate the new OS. This is a deliberate, recurring strategy from Apple, which historically offers on...
Read More » -
Clop Ransomware Strikes Gladinet CentreStack, Steals Data
The Clop ransomware gang is actively targeting businesses using Gladinet CentreStack file-sharing servers by exploiting an unidentified vulnerability to steal sensitive data. Security researchers have identified at least 200 potentially vulnerable servers, and the Clop group has a history of succ...
Read More » -
Protect Your Windows 10 From Hackers With This One Step
Windows 10's official security support ended in October 2025, leaving systems without critical patches and creating a significant, growing vulnerability risk. Users can temporarily mitigate this risk by enrolling in a paid Extended Security Updates program or by relying on Microsoft Defender upda...
Read More » -
Urgent Apple Update Fixes Critical Security Exploits
Apple has released urgent security patches for two actively exploited zero-day vulnerabilities (CVE-2025-14174 and CVE-2025-43529) in its WebKit browser engine, which is used across iPhones, iPads, and Macs. The flaws, discovered through a collaboration between Apple and Google, could allow memor...
Read More » -
Microsoft's December Updates Break Message Queuing
Microsoft's December 2025 security updates are causing Message Queuing (MSMQ) to fail, disrupting business applications and IIS websites on several Windows versions. The failure occurs because the updates changed permissions on a key system folder, requiring MSMQ users to have write access typica...
Read More » -
Apple's iOS 26.2 Adds Lock Screen Liquid Glass Rollback
Apple's iOS 26.2 update introduces granular user control over the Liquid Glass design, specifically allowing adjustments to the Lock Screen clock's transparency in response to user feedback about readability. The update reflects Apple's iterative approach to refining its visual overhaul post-laun...
Read More » -
Windows 11's Final 2025 Update: New Features & Fixes
Microsoft has released the final 2025 security and feature update (KB5072033) for Windows 11, focusing on user experience refinements and system stability. Key improvements include a more consistent dark mode in File Explorer, new quality-of-life toggles, and fixes for issues like a broken Ask Co...
Read More » -
Fortinet warns of critical FortiCloud SSO auth bypass flaw
Fortinet has patched two critical authentication bypass vulnerabilities (CVE-2025-59718 & CVE-2025-59719) in several products, which could allow attackers to gain unauthorized access via a crafted SAML message. The affected FortiCloud SSO feature is not enabled by default on new devices, but it i...
Read More » -
CISA Warns of Active Android Attacks - Update Now
CISA has issued an urgent directive for federal employees to apply critical Android security updates by December 23 or stop using their devices, serving as a severe warning to all consumers about active threats. Google and Samsung have confirmed severe, actively exploited vulnerabilities that can...
Read More » -
Google Patches Actively Exploited Android Security Flaws
Google's December security update patches over 50 Android vulnerabilities, including two high-severity flaws in the Android Framework that are already being used in limited, targeted attacks. The two critical vulnerabilities (CVE-2025-48633 and CVE-2025-48572) could allow unauthorized access to s...
Read More » -
Android's December 2025 Security Patch: A Major Update
Google's December 2025 Android Security Bulletin details numerous critical vulnerabilities, including a severe flaw in the Android Framework that could enable remote denial-of-service attacks without special privileges. The update addresses high-severity system and kernel-level vulnerabilities th...
Read More » -
5 Essential Ways to Guard Your AI Browser from Prompt Injections
The integration of AI into web browsers introduces significant security risks, with "prompt injection attacks" being a primary threat that can manipulate AI assistants to produce harmful outputs or steal data. These attacks, which can be direct or indirect (like the HashJack technique), exploit...
Read More » -
Warning: This Porn Site Installs Malware On Your Device
A deceptive cyberattack called "JackFix" tricks users by mimicking adult websites like xHamster and PornHub, hijacking screens with fake Windows update prompts to install malware. The attack exploits users' psychological states by creating urgency or embarrassment, making them more likely to foll...
Read More » -
Google Aims to Dominate Desktops With Aluminium OS
Google is developing a new AI-centric desktop operating system called "Aluminium" to replace ChromeOS, targeting premium devices and experiences. The transition to Aluminium OS will be managed to avoid disrupting enterprise workflows, with a planned public release scheduled for 2026. Not all exis...
Read More » -
Beware the 'Pixnapping' Android Attack: What It Is & Why It Matters
Pixnapping is a new Android attack method that uses transparent screen layers to stealthily capture and reconstruct on-screen pixel data, including sensitive two-factor authentication codes. Google has released a partial patch to restrict the blur function enabling this exploit, but researchers f...
Read More » -
Secure Your Upgrade: Windows 11 Migration Best Practices
Organizations face a critical transition from Windows 10 to Windows 11 due to Microsoft ending support in 2025, with market trends showing user hesitation and a surprising resurgence of older systems like Windows 7. Alternatives to Windows 11, such as Linux or Chromebooks, pose significant securi...
Read More » -
Urgent FortiWeb Zero-Day Actively Exploited, Fortinet Warns
A zero-day vulnerability (CVE-2025-58034) in FortiWeb firewalls allows authenticated attackers to execute arbitrary OS commands via manipulated HTTP or CLI requests, prompting urgent patching. Active exploitation has been detected with around 2,000 attempts, and Fortinet advises immediate updates...
Read More » -
Urgent Microsoft Update: Patch Windows 10, 11, Server Now
Microsoft has urgently patched a zero-day vulnerability (CVE-2025-62215) in the Windows Kernel, which is already being actively exploited to gain system-level privileges. The flaw involves improper synchronization in concurrent execution, allowing attackers to escalate privileges after initial ac...
Read More » -
Active Exploit Targets Suspected FortiWeb Zero-Day
A critical zero-day vulnerability (CVE-2025-64446) in Fortinet's FortiWeb is being actively exploited, allowing unauthenticated attackers to create unauthorized admin accounts and gain full administrative access. Fortinet silently patched the flaw in multiple versions, including 8.0.2, but delaye...
Read More » -
Microsoft Fixes False Windows 10 End-of-Support Warning Bug
Microsoft resolved a software glitch that incorrectly showed Windows 10 end-of-support alerts on devices still receiving security updates, though these devices remained protected. The issue affected Windows 10 22H2 and LTSC versions enrolled in the Extended Security Updates program, with a cloud-...
Read More » -
Windows 11's 2025 Update: Top 6 AI & Start Menu Features
The Windows 11 November 2025 update introduces a redesigned Start menu with unified sections and adjustable viewing modes, alongside a refreshed settings page for better customization. Enhanced security is provided through Administrator Protection, which isolates untrusted applications in a tempo...
Read More » -
Microsoft Patches Critical Zero-Day and 63 Flaws
Microsoft's November 2025 Patch Tuesday addresses 63 vulnerabilities, including one actively exploited zero-day and four critical issues, requiring immediate deployment by system administrators. The update includes the first extended security update (ESU) for Windows 10, urging organizations to u...
Read More » -
Microsoft Fixes Windows 10 Update With New Patch
Microsoft released a patch to fix a bug preventing Windows 10 devices from enrolling in the Extended Security Updates (ESU) program, ensuring uninterrupted security coverage for eligible systems. The glitch disrupted the manual enrollment process, leaving affected computers unable to receive vita...
Read More » -
Microsoft Issues Emergency Windows 10 Update to Fix Critical Bug
Microsoft released an urgent out-of-band update (KB5071959) to fix a critical enrollment issue in the Extended Security Updates (ESU) program for Windows 10, which had been preventing users from signing up for continued security coverage after the end of standard support. The update resolves a ma...
Read More »