Research Archives

A corporate logo for Microsoft hangs above the door to its office building on 8th Avenue on June 24, 2025, in New York City. (Photo by Gary Hershorn/Getty Images)

Microsoft Patch Tuesday follows SharePoint attacks, Exchange server warnings

Despite serious alarm raised by officials, organizations have not applied the patch for Microsoft Exchange servers en masse.

5 hours ago By Matt Kapko

In this photo illustration, a person holds a smartphone showing the Introducing GPT-5 interface in the ChatGPT app, with text describing the model’s capabilities, in front of a blurred OpenAI logo on August 9, 2025 in Chongqing, China. (Photo illustration by Cheng Xin/Getty Images)

Guess what else GPT-5 is bad at? Security

OpenAI and Microsoft have said that GPT-5 is one of their safest and secure models out of the box yet. An AI red-teamer called its performance “terrible.”

8 hours ago By Derek B. Johnson

SonicWall headquarters — SonicWall’s headquarters in Milpitas, California. (Getty Images)

SonicWall pins firewall attack spree on year-old vulnerability

The vendor ruled out a zero-day vulnerability as the root cause, disputing initial assessments from third-party researchers. Fewer than 40 organizations have been impacted since mid-July.

1 day ago By Matt Kapko

Researchers determine old vulnerabilities pose real-world threat to sensitive data in public clouds

The presentation Monday revises the old Spectre vulnerability in a new scenario, demonstrating there’s not enough focus on the danger.

1 day ago By Tim Starks

DARPA’s AI Cyber Challenge reveals winning models for automated vulnerability discovery and patching

The initiative seeks to patch vulnerabilities in open-source code before they are exploited by would-be attackers. Now comes the hard part — putting the systems to the…

4 days ago By Matt Kapko

Microsoft: An organization without a response plan will be hit harder by a security incident

Security leaders shared advice gleaned from customer engagements, and reinforced the importance of planning and following fundamentals for defense.

4 days ago By Matt Kapko

This photograph taken on October 30, 2023, in Mulhouse, eastern France, shows figurines next to a screen displaying a logo of Siri, a digital assistant of Apple Inc. technology company. (Photo by SEBASTIEN BOZON / AFP) (Photo by SEBASTIEN BOZON/AFP via Getty Images)

Research reveals possible privacy gaps in Apple Intelligence’s data handling

LAS VEGAS — One of the big worries during the generative AI boom is where exactly data is traveling when users enter queries or commands into the…

4 days ago By Greg Otto

Microsoft Romania headquarters in City Gate Towers situated in Free Press Square, in Bucharest, Romania. (Getty Images)

CISA, Microsoft warn organizations of high-severity Microsoft Exchange vulnerability

The public disclosure and advisories came late Wednesday during Black Hat, but Microsoft said the timing was coordinated.

5 days ago By Matt Kapko

SonicWall firewalls hit by active mass exploitation of suspected zero-day

About 20 organizations have been impacted and the pace of attacks is rising. Threat researchers and SonicWall are scrambling to determine the root cause.

Aug 5, 2025 By Matt Kapko

BlackSuit site seizure notice — Seizure notice displayed on BlackSuit’s extortion site. (State Criminal Police Office Lower Saxony, Germany)

Details emerge on BlackSuit ransomware takedown

The Russian cybercrime group attacked more than 180 organizations before members abandoned the brand and dispersed to new ransomware groups earlier this year.

Aug 4, 2025 By Matt Kapko