On Friday, Microsoft reminded customers once again that Windows 10 will reach its end of support in 30 days, on October 14. […] Go to Source Author: Sergiu Gatlan
Author Archives: Onsite Computing, Inc.
A threat actor named WhiteCobra has targeting VSCode, Cursor, and Windsurf users by planting 24 malicious extensions in the Visual Studio marketplace and the Open VSX registry. […] Go to Source Author: Bill Toulas
A newly discovered phishing-as-a-service (PhaaS) platform, named VoidProxy, targets Microsoft 365 and Google accounts, including those protected by third-party single sign-on (SSO) providers such as Okta. […] Go to Source Author: Bill Toulas
The U.S. Federal Bureau of Investigation (FBI) has issued a flash alert to release indicators of compromise (IoCs) associated with two cybercriminal groups tracked as UNC6040 and UNC6395 for a string of data theft and extortion attacks. “Both groups have recently been observed targeting organizations’ Salesforce platforms via different initial access mechanisms,” the FBI said. […]
CERT-FR’s advisory follows last month’s disclosure of a zero-day flaw Apple said was used in “sophisticated” attacks against targeted individuals. Go to Source Author: Rob Wright
A recently discovered ransomware strain called HybridPetya can bypass the UEFI Secure Boot feature to install a malicious application on the EFI System Partition. […] Go to Source Author: Bill Toulas
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning of hackers exploiting a critical remote code execution flaw in DELMIA Apriso, a manufacturing operations management (MOM) and execution (MES) solution from French company Dassault Systèmes. […] Go to Source Author: Bill Toulas
Microsoft has reminded customers today that devices running Home and Pro editions of Windows 11 23H2 will stop receiving updates in November. […] Go to Source Author: Sergiu Gatlan
Samsung has released its monthly security updates for Android, including a fix for a security vulnerability that it said has been exploited in zero-day attacks. The vulnerability, CVE-2025-21043 (CVSS score: 8.8), concerns an out-of-bounds write that could result in arbitrary code execution. “Out-of-bounds Write in libimagecodec.quram.so prior to SMR Sep-2025 Release 1 allows remote attackers […]
Mobile devices have become essential business tools, keeping employees connected and productive wherever they may be. However, if a mobile device is misplaced, stolen, or accessed by the wrong person, sensitive company data could be at risk. Below are practical steps to help secure your organization’s mobile devices. Set strong passwords and use a password […]