Microsoft patched a critical vulnerability in its NLWeb AI search tool – but there's no CVE (yet)

Threat Score:

IT Pro Security

4 hours ago

Overview

Limited Content Available

We were unable to pull all insights from this article. Clustering, as well as Threat and Business intelligence may be limited.

Researchers found an unauthenticated path traversal bug in the tool debuted at Microsoft Build in May...

Continue Reading on Original Site

5 articles

SonicWall says recent attack wave involved previously disclosed flaw, not zero-day

Cybersecurity Dive • 3 hours ago

The company said it had linked recent hacks to customers’ use of legacy credentials when migrating from Gen 6 to Gen 7 firewalls.

Score

Business Associate Data Breaches Affect Florida Healthcare Providers

Hipaajournal • 4 hours ago

PhyNet Dermatology, a business associate of Premier Dermatology Partners, has identified unauthorized access to an email account containing patient information. […]

Score

SonicWall finds no SSLVPN zero-day, links ransomware attacks to 2024 flaw

BleepingComputer • 2 hours ago

SonicWall finds no SSLVPN zero-day, links ransomware attacks to 2024 flaw Bill Toulas August 7, 2025 11:27 AM 0 SonicWall says that recent Akira ransomware attacks exploiting Gen 7 firewalls with SSLVPN enabled are exploiting an older vulnerability rather than a zero-day flaw. The company says that the attackers are targeting CVE-2024-40766, an unauthorized access flaw fixed in August 2024. "We now have high confidence that the recent SSLVPN activity is not connected to a zero-day vulnerability,

Score

Google Confirms Salesforce Data Breach by ShinyHunters via Vishing Scam

Hackread • 3 hours ago

Google confirms a data breach by ShinyHunters hackers, who used a vishing scam to access a Salesforce database with small business customer info.

Score

Google Among Victims in Ongoing Salesforce Data Theft Campaign

Infosecurity Magazine • 5 hours ago

Google confirms it was among the victims of an ongoing data theft campaign targeting Salesforce instances, where publicly available business names and details were retrieved by the threat actor

Score

VULNERABILITIES

Path Traversal

COMPANIES

Microsoft

ARTICLE INFORMATION

Article #9603

Published 4 hours ago

IT Pro Security

THREAT HUNTING

THREAT INTELLIGENCE

BUSINESS INTELLIGENCE

Save to Folder

Article Intelligence

THREAT HUNTING

THREAT INTELLIGENCE

BUSINESS INTELLIGENCE

Overview

Related Articles

SonicWall says recent attack wave involved previously disclosed flaw, not zero-day

Business Associate Data Breaches Affect Florida Healthcare Providers

SonicWall finds no SSLVPN zero-day, links ransomware attacks to 2024 flaw

Google Confirms Salesforce Data Breach by ShinyHunters via Vishing Scam

Google Among Victims in Ongoing Salesforce Data Theft Campaign

Save to Folder

Article Intelligence

We use cookies

Cookie Settings

Essential Cookies

Analytics Cookies

Performance Cookies

Marketing Cookies