Matt Kapko

1 week ago | cyberscoop.com | Matt Kapko

Skip to main content Listen to this article 0:00 Learn more.

2 weeks ago | cyberscoop.com | Matt Kapko

Microsoft addressed 126 vulnerabilities affecting its systems and core products, including a zero-day in the Windows Common Log File System (CLFS) that’s been actively exploited in a series of ransomware attacks, the company said in its latest security update Tuesday. A group Microsoft tracks as Storm-2460 has exploited CVE-2025-29824 to initiate ransomware attacks “against a small number of targets,” Microsoft Threat Intelligence said in a research note released Tuesday.

2 weeks ago | cyberscoop.com | Matt Kapko

Google addressed 62 vulnerabilities affecting Android devices in its April security update, including a pair of actively exploited software defects that were first disclosed in December. Google said the two vulnerabilities — CVE-2024-53197 and CVE-2024-53150 — “may be under limited, targeted exploitation.”The pair of flaws under active exploitation are high-severity and affect the Linux kernel’s USB audio driver, according to Google.

3 weeks ago | cyberscoop.com | Matt Kapko

Ivanti customers are confronting another string of attacks linked to an actively exploited vulnerability in the company’s VPN products. Mandiant said a nation-state backed espionage group linked to China has been exploiting the critical vulnerability, CVE-2025-22457, since mid-March. The threat group, which Google Threat Intelligence Group tracks as UNC5221, has a knack for exploiting Ivanti products and has successfully — and repeatedly — attacked the vendor’s customers since 2023.

3 weeks ago | cyberscoop.com | Matt Kapko

Businesses don’t always get what they pay for in cybersecurity. Some of the most expensive cloud network firewall vendors are among the worst performers against exploits and evasions, according to the most comprehensive, independent testing CyberRatings.org has conducted to date.