Cybersecurity
The latest Cybersecurity coverage — news, analysis, and updates from the WindowsNews.AI desk.
Schneider Electric M340 flaw CVE-2024-12142 enables remote code execution on ICS
A newly discovered critical vulnerability (CVE-2024-12142) in Schneider Electric's Modicon M340 programmable logic controllers (PLCs) poses significant risks to industrial control systems worldwide....
Microsoft 365 Security Guide: Essential Practices to Block 99.9% of Attacks
Microsoft 365 has become the backbone of productivity for millions of businesses worldwide, but its widespread adoption also makes it a prime target for cyber threats. As organizations increasingly...
Data443 Acquires Breezemail.ai: Revolutionizing Email Security for Windows and Cloud Users
Data443 Risk Mitigation, Inc. has made a strategic move in the cybersecurity space with its acquisition of Breezemail.ai, a cutting-edge AI-powered email security solution. This acquisition marks a...
Microsoft Addresses Critical Vulnerabilities in Azure AI Face Service and Microsoft Account
Overview Microsoft has recently patched two critical security vulnerabilities affecting its Azure AI Face Service and Microsoft Account systems. These vulnerabilities, identified as CVE-2025-21415...
Microsoft 365 ATO Attacks Exploit Axios and Node Fetch — How to Defend
Microsoft 365 remains one of the most targeted platforms for cybercriminals, with account takeover (ATO) and brute force attacks posing significant threats to enterprise security. As organizations...
Microsoft's Privacy Protection VPN Service to Shut Down in 2025: What Users Need to Know
Microsoft has announced the discontinuation of its Privacy Protection VPN service, with shutdown scheduled for February 28, 2025. This surprising move marks the end of a security-focused feature that...
Patch now: CVE-2025-21415 in Azure AI Face Service allows remote privilege escalation bypassing authentication.
Microsoft has disclosed a critical elevation of privilege vulnerability (CVE-2025-21415) in its Azure AI Face service that could allow attackers to bypass authentication mechanisms and gain...
Microsoft Kills Office 365 Free VPN: Find Best Alternatives Now
Microsoft has officially discontinued its free VPN service for Office 365 subscribers, marking a significant shift in its cybersecurity offerings. The feature, previously available through Microsoft...
Microsoft Enforces Stricter Windows 11 Hardware Rules: What Users Need to Know
Microsoft has recently implemented stricter enforcement of Windows 11's hardware requirements, signaling a significant shift in how users can install and run the operating system. This move, aimed at...
Microsoft Ends Support for Defender VPN: What This Means for Users and Privacy
Microsoft Ends Support for Defender VPN: What This Means for Users and Privacy In a significant development for cybersecurity and privacy-conscious users, Microsoft has announced that it will...
Microsoft Entra ID Flaw: How UPN Changes Create Security Risks for Organizations
A newly discovered vulnerability in Microsoft Entra ID (formerly Azure Active Directory) has raised significant security concerns among IT administrators. The flaw, related to User Principal Name...