Security

Microsoft has announced a significant security update for Windows 11, introducing new controls that mirror the permission systems on modern smartphones. The changes are designed to make the operating system "secure by default" by giving users more direct control over how applications access data and system resources. This change aims to address long-standing issues where applications can override system settings or install unwanted software without clear user approval. The new framework is built on two core components: "Windows Baseline Security Mode" and "User Transparency and Consent." A ' ...view more

If you use Notepad++ on your PC - especially on a work machine - this is one of those updates you should not postpone. Notepad++ is a free, open source text editor for Windows that is widely used for both basic text work and software / IT tasks. People rely on it for features like tabs, syntax highlighting, search and replace across files, and editing configuration files or logs, among other things. Its footprint in technical environments makes it a high value target for attackers who want a quiet foothold. Why You need to Update Notepad++ If you use the standard installer version of Notepad ...view more

An group of Switzerland's data protection watchdogs has issued a stark warning to public sector organizations: steer clear of major cloud platforms like Microsoft 365, Google Cloud, and AWS. The guidance points to critical shortcomings in data encryption and conflicting legal frameworks as the main reasons for concern. The group, named Privatim, says that the majority of software-as-a-service (SaaS) offerings lack robust end-to-end encryption. According to their findings, this gap could potentially allow providers to access data in a plaintext state, a vulnerability considered far too great ...view more

Security researchers are warning about a powerful new Android malware known as Albiriox. Reports indicate that this threat can potentially grant attackers full control over a smartphone, allowing them to carry out financial fraud directly from the compromised device. In these cases, banks may refuse to reverse or reimburse the losses, since the fraudulent activity appears to originate from the user's own phone. The malware is suspected to be the work of Russian cybercriminals and is being sold on the dark web through a Malware-as-a-Service (MaaS) framework. This concerning distribution model ...view more

Microsoft has released its final Windows 11 update for 2025, combining a security patch that addresses numerous bugs with several system refinements. The mandatory cumulative update, codenamed KB5072033 for versions 25H2 and 24H2, is rolling out now via Windows Update and includes fixes from the month's previous optional releases. The release tackled a persistent issue for gamers using certain AMD graphics cards. Following widespread user reports of frequent crashes and driver timeout errors in popular gaming titles, this update is reported to have resolved the instability. Key Stability and ...view more

A British man responsible for a high-profile 2020 hack of Twitter, now known as X, has been ordered to pay back 4.1 million British Pounds ($5.37 million USD) in cryptocurrency. Joseph James O'Connor, 26, is currently serving a five-year prison sentence in the United States after pleading guilty to multiple charges including computer intrusion and wire fraud. The cyber attack in July 2020 affected the accounts of numerous public figures, including then-presidential candidate Joe Biden, former President Barack Obama, and Tesla CEO Elon Musk. Other notable victims included Bill Gates, Warren ...view more

WhatsApp has announced a significant security enhancement: passkey support for end-to-end encrypted chat backups on both iOS and Android devices. This update means users can secure their valuable chat histories using the same simple methods they use to unlock their phones, such as a fingerprint, face scan, or screen lock PIN. (Source: forbes.com ) The move is designed to make robust security more accessible by removing a major hurdle for users. Previously, securing a cloud backup with end-to-end encryption required users to remember a complex password or safeguard a cumbersome 64-digit key. ...view more

Google has declined to fix a security vulnerability in its Gemini AI assistant that allows attackers to embed hidden instructions in emails and calendar invites. The flaw, known as ASCII smuggling, uses invisible characters that users cannot see but that artificial intelligence systems can read and process. Security researcher Viktor Markopoulos from cybersecurity firm FireTail discovered the vulnerability and reported it to Google in September. The company dismissed the issue, stating it only constitutes social engineering rather than a technical security bug. How the Attack Works ASCII ...view more

Microsoft has officially released Windows 11 version 25H2, marking the company's annual "feature update" for 2025. It's a quicker install than many updates, which is down to both the delivery and content of the update. Unlike traditional Windows updates that replace entire system files, version 25H2 utilizes a streamlined "enablement package" approach. The update activates feature code already present on machines running 24H2, requiring only a single restart to complete the installation process. Shared Codebase Simplifies Update Process Windows 11 versions 24H2 and 25H2 share the same ...view more

Microsoft has announced it will provide one year of no-strings free Extended Security Updates (ESUs) for Windows 10 users in the European Economic Area (EEA). Unlike the rest of the world, there's no need to follow any special conditions. Windows 10: The End is Near The end-of-support date for Windows 10 is October 14, 2025. Beyond this date, devices will no longer receive crucial security patches unless they are enrolled in the ESU program. Microsoft has shifted policy several times, originally suggesting the ESU was - as with previous Windows editions - only for businesses. It then offered ...view more