Beyond “Better Together”: Maximize your Microsoft 365 security with Sophos MDR

Opportunistic threat actors targeted Portuguese and Spanish speakers by spoofing Portugal’s national airline in a campaign offering compensation for delayed or disrupted flights.

Cybersecurity researchers have discovered a malicious package in the Python Package Index (PyPI) repository that introduces malicious behavior through a dependency that allows it to establish persistence and achieve code execution. The package, named termncolor, realizes its nefarious functionality through a dependency package called colorinal by means of a multi-stage malware operation, Zscaler

By creating a safe environment for open discussion, prioritizing human context alongside technical data, and involving diverse stakeholders, organizations can turn security incidents into accelerators of resilience.

The now-patched vulnerabilities exist at the firmware level and enable deep persistence on compromised systems.

Google has released its monthly Android Security Bulletin for March 2025 to address a total of 44 vulnerabilities, including two that it said have come under active exploitation in the wild. The two high-severity vulnerabilities are listed below – CVE-2024-43093 – A privilege escalation flaw in the Framework component that could result in unauthorized access…

The number of zero-day vulnerabilities getting patched in Microsoft’s March update is the company’s second-largest ever.