Latest Tech News

Stay updated with the latest in technology, AI, cybersecurity, and more

Filtered by: security Clear Filter

Some VMware perpetual license owners are unable to download security patches

arstechnica.com Unknown 2025-12-29 03:51:43

Some VMware perpetual license holders are currently unable to download security patches, The Register reported today. The virtualization company has only said that these users will receive the patches at “a later date,” meaning users are uncertain how long their virtualization environments will be at risk. Since Broadcom bought VMware and ended perpetual license sales in favor of bundled subscription-based SKUs, some organizations have opted against signing up for a subscription and are running

Topics: broadcom patches security users vmware
Read More
Shop Amazon

Microsoft fixes SharePoint zero-day exploits used in cyberattacks and ransomware - how to patch them

zdnet.com Lance Whitney 2025-12-29 08:32:00

Kiryl Pro motion / Getty Images Microsoft has patched three critical zero-day SharePoint security flaws that hackers have already exploited to attack more vulnerable organizations. Responding to the exploits, the software giant initially issued fixes just for SharePoint Server Subscription Edition and SharePoint Server 2019, and then eventually rolled out a patch for SharePoint Server 2016 as well. Designated as CVE‑2025‑53771 and CVE‑2025‑53770, the two vulnerabilities apply only to on‑premis

Topics: 2025 microsoft security server sharepoint
Read More
Shop Amazon

OpenAI prepares to launch GPT-5 in August

theverge.com Tom Warren 2025-12-29 08:00:00

is a senior editor and author of Notepad , who has been covering all things Microsoft, PC, and tech for over 20 years. Earlier this year, I heard that Microsoft engineers were preparing server capacity for OpenAI’s next-generation GPT-5 model, arriving as soon as late May. After some additional testing and delays, sources familiar with OpenAI’s plans tell me that GPT-5 is now expected to launch as early as next month. OpenAI CEO Sam Altman recently revealed on X that “we are releasing GPT-5 so

Topics: gpt microsoft model openai security
Read More
Shop Amazon

Microsoft: SharePoint servers also targeted in ransomware attacks

bleepingcomputer.com Unknown 2025-12-30 11:53:14

A China-based hacking group is deploying Warlock ransomware on Microsoft SharePoint servers vulnerable to widespread attacks targeting the recently patched ToolShell zero-day exploit chain. Non-profit security organization Shadowserver is currently tracking over 420 SharePoint servers that are exposed online and remain vulnerable to these ongoing attacks. "Although Microsoft has observed this threat actor deploying Warlock and Lockbit ransomware in the past, Microsoft is currently unable to co

Topics: attacks department microsoft ransomware security
Read More
Shop Amazon

SecurityPal combines AI and experts in Nepal to speed enterprise security questionnaires by 87X or more

venturebeat.com Carl Franzen 2025-12-30 22:41:32

Want smarter insights in your inbox? Sign up for our weekly newsletters to get only what matters to enterprise AI, data, and security leaders. Subscribe Now When a tech vendor wants to sell into a large enterprise — or when that enterprise wants to buy software from a tech vendor or AI model provider — each side may be required by the other to prove they will handle shared data responsibly in the form of mandatory surveys and questionnaires. Regulations such as GDPR, the soon-to-be effected EU

Topics: ai data hamal security securitypal
Read More
Shop Amazon

Microsoft Put Older Versions of SharePoint on Life Support. Hackers Are Taking Advantage

wired.com Lily Hay Newman 2025-12-30 21:59:20

Hundreds of organizations around the world suffered data breaches this week, as an array of hackers rushed to exploit a recently discovered vulnerability in older versions of the Microsoft file-sharing tool known as SharePoint. The string of breaches adds to an already urgent and complex dynamic: Institutions that are longtime SharePoint users can face increased risk by continuing to use the service, just as Microsoft is winding down support for a platform in favor of newer cloud offerings. Mic

Topics: microsoft organizations security server sharepoint
Read More
Shop Amazon

What to know about ToolShell, the SharePoint threat under mass exploitation

arstechnica.com Unknown 2025-12-31 08:14:40

Government agencies and private industry have been under siege over the past four days following the discovery that a critical vulnerability in SharePoint, the widely used document-sharing app made by Microsoft, is under mass exploitation. Since that revelation, the fallout and the ever-increasing scope of the attacks have been hard to keep track of. What follows are answers to some of the most common questions about the vulnerability and the ongoing exploitation of it, which collectively is be

Topics: exploitation microsoft security sharepoint vulnerability
Read More
Shop Amazon

Microsoft fixes three SharePoint zero-day exploits used in series of cyberattacks - how to patch them

zdnet.com Lance Whitney 2025-12-31 17:36:00

Olemedia / Getty Images Microsoft has patched three critical zero-day SharePoint security flaws that have already been exploited by hackers to attack a larger number of vulnerable organizations. Responding to the exploits, the software giant initially issued fixes just for SharePoint Server Subscription Edition and SharePoint Server 2019 and then eventually rolled out a patch for SharePoint Server 2016 as well. Designated as CVE-2025-53771 and CVE-2025-53770, the two vulnerabilities apply only

Topics: 2025 microsoft security server sharepoint
Read More
Shop Amazon

Microsoft fixes two SharePoint zero-days under attack, but one is still unresolved - how to patch

zdnet.com Lance Whitney 2026-01-01 12:23:00

Olemedia / Getty Images Microsoft has patched two critical zero-day SharePoint security flaws that have already been exploited by hackers to attack vulnerable organizations. Responding to the exploits, the software giant has issued fixes for SharePoint Server Subscription Edition and SharePoint Server 2019, but is still working on a patch for SharePoint Server 2016. Designated as CVE-2025-53771 and CVE-2025-53770, the two vulnerabilities apply only to on-premises versions of SharePoint, so org

Topics: 2025 microsoft security server sharepoint
Read More
Shop Amazon

Bitdefender Antivirus Review 2025: CNET's Editors' Choice for Best Antivirus

cnet.com See Full Bio 2026-01-01 17:00:00

CNET’s expert staff reviews and rates dozens of new products and services each month, building on more than a quarter century of expertise. 9.5 / 10 SCORE Bitdefender Antivirus $90 at Bitdefender $120 at Walmart Score Breakdown Performance 9 /10 Security 10 /10 Customer Support 9 /10 Usability 10 /10 Value 9 /10 Features 10 /10 Pros Very easy to use Fast scanning Minimal usage of computer processing power and other resources Comprehensive digital footprint visualization Excellent security

Topics: 10 antivirus bitdefender data security
Read More
Shop Amazon

US agency responsible for nuclear weapons was breached in Sharepoint hack [U]

9to5mac.com Ben Lovejoy 2026-01-02 09:30:47

More than 10,000 organizations around the world are at risk from hackers after a serious security flaw was discovered in Microsoft’s popular Sharepoint platform, used to store and share confidential documents. The majority of companies at risk are said to be in the US. Update: Bloomberg reports that the National Nuclear Security Administration was among the organizations breached – see the end of the piece … Microsoft said that there were “active attacks targeting on-premises servers.” US fede

Topics: microsoft organizations said security sharepoint
Read More
Shop Amazon

OSS Rebuild: open-source, rebuilt to last

news.ycombinator.com Posted Matthew Suozzo 2026-01-03 00:53:46

Today we're excited to announce OSS Rebuild, a new project to strengthen trust in open source package ecosystems by reproducing upstream artifacts. As supply chain attacks continue to target widely-used dependencies, OSS Rebuild gives security teams powerful data to avoid compromise without burden on upstream maintainers. The project comprises: Automation to derive declarative build definitions for existing PyPI (Python), npm (JS/TS), and Crates.io (Rust) packages. SLSA Provenance for thousan

Topics: build oss packages rebuild security
Read More
Shop Amazon

Microsoft says Chinese hacking groups are behind SharePoint attacks

theverge.com Jess Weatherbed 2026-01-03 22:13:36

Some of the attacks that targeted organizations using an exploit in Microsoft’s SharePoint server platform over the last few days have been linked to hacking groups affiliated with the Chinese government, according to a new Microsoft security blog. “As of this writing, Microsoft has observed two named Chinese nation-state actors, Linen Typhoon and Violet Typhoon, exploiting these vulnerabilities targeting internet-facing SharePoint servers,” Microsoft said on Tuesday. “In addition, we have obse

Topics: actors microsoft security sharepoint using
Read More
Shop Amazon

US Fairphone OS devs hit back against GrapheneOS security claims

androidauthority.com Unknown 2026-01-04 06:04:22

What’s next for Murena, though? Well, the company confirmed that it will be making some improvements: Murena is taking security issues seriously, and our policy about integration of security patches in /e/OS is very comparable to or even better in some cases than many of mobile OS vendors in the smartphone industry. However, as part of our ongoing efforts to continuously improve we have decided to reduce the integration time of monthly security updates in /e/OS. Therefore we’ll progressively u

Topics: integration murena os security updates
Read More
Shop Amazon

Tailscale says Zero Trust is broken, and that might be a good thing

9to5mac.com Bradley C 2026-01-04 06:00:00

Zero Trust has been a buzzword at every enterprise tech conference for years (only recently being replaced with AI), but Tailscale’s new State of Zero Trust 2025 report makes it clear that most organizations still have no idea what it means or how to do it. They surveyed 1,000 IT, security, and engineering leaders. Only 1% of those surveyed said they’re happy with their current access setup. That stat says a lot about the confusion in the marketplace. Some of my favorite gear eufyCam 2C Upgrade

Topics: access apple security trust zero
Read More
Shop Amazon

OSS Rebuild: open-source, Rebuilt to Last

news.ycombinator.com Posted Matthew Suozzo 2026-01-04 06:53:46

Today we're excited to announce OSS Rebuild, a new project to strengthen trust in open source package ecosystems by reproducing upstream artifacts. As supply chain attacks continue to target widely-used dependencies, OSS Rebuild gives security teams powerful data to avoid compromise without burden on upstream maintainers. The project comprises: Automation to derive declarative build definitions for existing PyPI (Python), npm (JS/TS), and Crates.io (Rust) packages. SLSA Provenance for thousan

Topics: build oss packages rebuild security
Read More
Shop Amazon

Fairphone software devs hit back against GrapheneOS security claims

androidauthority.com Unknown 2026-01-04 12:04:22

What’s next for Murena, though? Well, the company confirmed that it will be making some improvements: Murena is taking security issues seriously, and our policy about integration of security patches in /e/OS is very comparable to or even better in some cases than many of mobile OS vendors in the smartphone industry. However, as part of our ongoing efforts to continuously improve we have decided to reduce the integration time of monthly security updates in /e/OS. Therefore we’ll progressively u

Topics: integration murena os security updates
Read More
Shop Amazon

Microsoft just upgraded Sentinel with an AI-powered data lake - here's how it works

zdnet.com Webb Wright 2026-01-04 12:00:17

NurPhoto/Contributor/Getty Microsoft is launching a new agentic AI system to help cybersecurity professionals manage and protect their organizations' data, the company said Tuesday. Microsoft Sentinel, a proprietary Security Incidents and Event Management (SEIM) platform, which debuted in 2019, now comes with a data lake -- that is, a centralized repository that can store structured and unstructured data without any kind of reformatting. Also: Microsoft fixes two SharePoint zero-days under at

Topics: ai cybersecurity data microsoft new
Read More
Shop Amazon

Crowdstrike’s massive cyber outage 1-year later: lessons enterprises can learn to improve security

venturebeat.com Louis Columbus 2026-01-05 06:46:41

Want smarter insights in your inbox? Sign up for our weekly newsletters to get only what matters to enterprise AI, data, and security leaders. Subscribe Now As we wrote in our initial analysis of the CrowdStrike incident, the July 19, 2024, outage served as a stark reminder of the importance of cyber resilience. Now, one year later, both CrowdStrike and the industry have undergone significant transformation, with the catalyst being driven by 78 minutes that changed everything. “The first anniv

Topics: crowdstrike incident infrastructure resilience security
Read More
Shop Amazon

Global hack on Microsoft Sharepoint hits U.S., state agencies, researchers say

news.ycombinator.com Ellen Nakashima 2026-01-04 18:58:06

Hackers exploited a major security flaw in widely used Microsoft server software to launch a global attack on government agencies and businesses in the past few days, breaching U.S. federal and state agencies, universities, energy companies and an Asian telecommunications company, according to state officials and private researchers. The U.S. government and partners in Canada and Australia are investigating the compromise of SharePoint servers, which provide a platform for sharing and managing d

Topics: advertisement government microsoft said security
Read More
Shop Amazon

Best Home Security Systems in 2025: Protect Your Home and Your Family

cnet.com See Full Bio 2026-01-06 06:04:00

SimpliSafe home security systems can be easily tailored to your needs. Just add or subtract hardware and equipment as you please. CNET When choosing a home security system for your home, you may be tempted to start by deciding between a DIY setup or one that is professionally installed and monitored. When you consider the equipment, installation, monitoring options and other features you want, you'll probably reach a DIY-versus-pro system decision along the way. Here are some more parameters to

Topics: devices home monitoring security systems
Read More
Shop Amazon

Microsoft Sharepoint server vulnerability puts an estimated 10,000 organizations at risk

engadget.com Unknown 2026-01-07 12:00:06

A major zero-day security vulnerability in Microsoft's widely used SharePoint server software has been exploited by hackers, causing chaos within businesses and government agencies, multiple outlets have reported. Microsoft announced that it had released a new security patch "to mitigate active attacks targeting on-premises [and not online] servers," but the breach has already effected universities, energy companies, federal and state agencies and telecommunications firms. The SharePoint flaw i

Topics: flaw hackers microsoft security sharepoint
Read More
Shop Amazon

10,000+ companies at risk from Microsoft Sharepoint security flaw

9to5mac.com Ben Lovejoy 2026-01-07 23:49:12

More than 10,000 organizations around the world are at risk from hackers after a serious security flaw was discovered in Microsoft’s popular Sharepoint platform, used to store and share confidential documents. The majority of companies at risk are said to be in the US … Microsoft said that there were “active attacks targeting on-premises servers.” US federal and state agencies are among the organizations said to have been affected. Security researchers cited by Bloomberg said that the vulnerab

Topics: hackers organizations said security sharepoint
Read More
Shop Amazon

These are our favorite cyber books on hacking, espionage, crypto, surveillance, and more

techcrunch.com Lorenzo Franceschi-Bicchierai 2026-01-06 00:00:00

In the last 30 years or so, cybersecurity has gone from being a niche specialty within the larger field of computer science, to an industry estimated to be worth more than $170 billion made of a globe-spanning community of hackers. In turn, the industry’s growth, and high-profile hacks such as the 2015 Sony breach, the 2016 U.S. election hack and leak operations, the Colonial Pipeline ransomware attack, and a seemingly endless list of Chinese government hacks, have made cybersecurity and hacking

Topics: book cybersecurity dark government world
Read More
Shop Amazon

HPE warns of hardcoded passwords in Aruba access points

bleepingcomputer.com Unknown 2026-01-07 16:09:19

Hewlett-Packard Enterprise (HPE) is warning of hardcoded credentials in Aruba Instant On Access Points that allow attackers to bypass normal device authentication and access the web interface. Aruba Instant On Access Points are compact, plug-and-play wireless (Wi-Fi) devices, designed primarily for small to medium-sized businesses, offering enterprise-grade features (guest networks, traffic segmentation) with cloud/mobile app management. The security issue, tracked as CVE-2025-37103 and rated

Topics: access hpe instant points security
Read More
Shop Amazon

Microsoft SharePoint zero-day exploited in RCE attacks, no patch available

bleepingcomputer.com Unknown 2026-01-07 17:40:06

A critical zero-day vulnerability in Microsoft SharePoint, tracked as CVE-2025-53770, has been actively exploited since at least July 18th, with no patch available and at least 85 servers already compromised worldwide. In May, Viettel Cyber Security researchers chained two Microsoft SharePoint flaws, CVE-2025-49706 and CVE-2025-49704, in a "ToolShell" attack demonstrated at Pwn2Own Berlin to achieve remote code execution. While Microsoft patched both ToolShell flaws as part of the July Patch T

Topics: 2025 cve microsoft security sharepoint
Read More
Shop Amazon

Threat actors downgrade FIDO2 MFA auth in PoisonSeed phishing attack

bleepingcomputer.com Unknown 2026-01-07 09:41:49

A PoisonSeed phishing campaign is bypassing FIDO2 security key protections by abusing the cross-device sign-in feature in WebAuthn to trick users into approving login authentication requests from fake company portals. The PoisonSeed threat actors are known to employ large-volume phishing attacks for financial fraud. In the past, distributing emails containing crypto seed phrases used to drain cryptocurrency wallets. In the recent phishing attack observed by Expel, the PoisonSeed threat actors

Topics: authentication device key phishing security
Read More
Shop Amazon

MCP Security Vulnerabilities and Attack Vectors

news.ycombinator.com Unknown 2026-01-07 10:14:19

Elevenlabs AudioNative Player Been digging into Model Context Protocol implementations lately and found some stuff that's keeping me up at night. Not because it's earth-shattering, but because it's the kind of boring security debt that bites you when you least expect it. This is Part 1 of a two-part series. Read Part 2: Actually Fixing This Mess → MCP is Anthropic's attempt at standardizing how AI models talk to external tools1. Instead of every AI app rolling their own integration layer, you

Topics: ai mcp security tool tools
Read More
Shop Amazon

A CarFax for Used PCs: Hewlett Packard wants to give old laptops new life

news.ycombinator.com Abu Baker 2026-01-02 21:02:37

The United Nations’ Global E-waste Monitor estimates that the world generates over 60 million tonnes of e-waste annually. Furthermore, this number is rising five times as fast as e-waste recycling. Much of this waste comes from prematurely discarded electronic devices. Many enterprises follow a standard three-year replacement cycle, assuming older computers are inefficient. However, many of these devices are still functional and could perform well with minor upgrades or maintenance. The issue i

Topics: data pcfax security telemetry usage
Read More
Shop Amazon

How OpenAI’s red team made ChatGPT agent into an AI fortress

venturebeat.com Louis Columbus 2026-01-07 16:13:52

Want smarter insights in your inbox? Sign up for our weekly newsletters to get only what matters to enterprise AI, data, and security leaders. Subscribe Now In case you missed it, OpenAI yesterday debuted a powerful new feature for ChatGPT and with it, a host of new security risks and ramifications. Called the “ChatGPT agent,” this new feature is an optional mode that ChatGPT paying subscribers can engage by clicking “Tools” in the prompt entry box and selecting “agent mode,” at which point, t

Topics: agent chatgpt openai red security
Read More
Shop Amazon
Trending Topics
Hot Now
ai 3636 apple 3006 new 2395 google 2022 content 1726
Popular
like 1493 company 1421 pro 1315 iphone 1153 app 1128 zdnet 1106 said 1062 data 1049 does 905 reviews 890
Emerging
editorial 869 amazon 857 game 808 samsung 777 phone 764 pixel 757 android 741 just 717 users 685 available 682
About GoKawiil

GoKawiil is a project by nerdhub.co that curates technology news from trusted sources. We built this site to provide a cleaner, more mobile-friendly experience without intrusive ads or heavy JavaScript.

Privacy

Your privacy matters. GoKawiil doesn't use Google Analytics or Facebook Pixel. The only tracking occurs through affiliate links to Amazon.

Advertising

Interested in advertising? Contact us at [email protected]