Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.

Author: Luca Galuppi

Domestic robots and privacy: the hidden price of the automated future

The home of the future is full of robots. Automated laundries, personal assistants, and small electronic housekeepers are all devices designed to free up precious time and make domestic life more convenient. But behind this promise of convenience lies a hidden price: privacy.

Not just Neo, the future of domestic robots

In recent months, products like Neo 1X have attracted media attention. This humanoid robot promises to load the dishwasher, fold laundry, and organize the house. However, the reality behind the promises is clear, as many of these robots are not yet autonomous. To perform even the simplest household tasks, they often

AzureHound: The “Legitimate” Tool for Cloud Attacks

AzureHound, part of the BloodHound suite, was born as an open-source tool to help security teams and red teams identify vulnerabilities and escalation paths in Microsoft Azure and Entra ID environments. Today, however, it is increasingly used by criminal groups and state-sponsored actors for very different purposes: mapping cloud infrastructures, identifying privileged roles, and planning targeted attacks.

Why AzureHound Became a Dangerous Tool

Written in Go and available for Windows, Linux, and macOS, AzureHound queries Microsoft Graph and Azure REST APIs to gather information about identities, roles, applications, and resources in your tenant. Its operation, designed for legitimate purposes, is also useful

Azure under attack: Fake apps imitating Microsoft Teams and Azure Portal

A new wave of digital deception has hit the Microsoft Azure ecosystem, where newly discovered vulnerabilities have allowed cybercriminals to create malicious apps that perfectly mimic official services like Microsoft Teams or the Azure Portal. These “fake” applications are identical to the originals, capable of deceiving even experienced users. The discovery, made by researchers at Varonis, revealed that Azure security measures designed to block sensitive names could be bypassed using invisible Unicode characters. By inserting characters like the Combining Grapheme Joiner (U+034F) between letters, such as in “Az͏u͏r͏e͏ ͏P͏o͏r͏t͏a͏l”, attackers were able to register apps that appeared legitimate but

Internet Explorer is “dead,” but it continues to infect PCs with its bugs via Edge

While Internet Explorer has officially been out of support since June 2022, Microsoft recently faced a threat that exploited Internet Explorer Mode (IE Mode) in Edge, which was designed to provide compatibility with legacy applications and government portals. Cybercriminals exploited zero-day vulnerabilities in the Chakra JavaScript engine, coupled with social engineering techniques, to execute remote code and gain complete control over victims’ devices. “Our security team received intelligence that malicious actors were abusing IE mode in Edge to compromise unsuspecting devices,” explains Gareth Evans, head of security for Microsoft Edge. The attacks followed a specific pattern: users were directed to

Crimson Collective claims alleged Nintendo hack: bluff or real breach?

This time, hackers are targeting Nintendo, the historic Japanese video game company that has fought tooth and nail for decades to defend its intellectual property and the industrial secrets that fuel the Mario, Zelda, and Pokémon universes. The Crimson Collective group, already known for having previously hacked the network of open source software giant Red Hat, has claimed to have compromised Nintendo’s internal servers, gaining access to the company’s confidential files and data. Cybersecurity intelligence firm Hackmanac shared a screenshot on X that allegedly shows internal Nintendo folders containing data such as production assets, developer files, and backups. However, no specific

FreePBX under attack: Zero-day exploit already in use, emergency patch released

The world of VoIP telephony has once again ended up in the crosshairs of cybercriminals. This time it’s FreePBX, the open-source platform built on Asterisk and widely used by companies, call centers, and service providers. The Sangoma FreePBX Security Team has raised the alarm: a zero-day vulnerability is affecting systems that expose the Administrator Control Panel (ACP) to the network. And this isn’t a theoretical threat: the vulnerability has already been actively exploited for days, with serious consequences for those who haven’t taken adequate countermeasures.

The attack: arbitrary commands and mass compromises

According to initial reports, the exploit allows attackers to execute

Storm-0501: When Ransomware Moves to the Cloud

Microsoft is raising the alarm: the Storm-0501 cybercriminal group has evolved. No more “traditional” attacks on on-premise machines, no more ransomware that encrypts local files. Now the threat is moving directly above us, into the cloud, where many companies thought they were safe. This is a momentous transition: malicious executables that infect servers and PCs are no longer needed. Storm-0501 now leverages the same native cloud capabilities to do its dirty work. We’re talking about: The result? Fierce pressure, not through the usual “paid decryptor,” but through direct blackmail: either you pay, or your data in the cloud disappears or remains encrypted

Microsoft Teams crashes: Embedded Office documents blocked from opening

A Black Thursday for millions of Microsoft Teams users around the world. A key feature of the collaboration platform – opening embedded Office documents – has suddenly been knocked out, sparking frustration and slowdowns in companies and organizations that rely on the service daily.

The heart of collaboration is jammed

Teams was born with a clear goal: to provide a single, integrated environment where chat, channels, and documents merge to make work faster and more collaborative. But today, opening a Word, Excel, or PowerPoint directly from Teams has become an impossible mission: screenshots of infinite loading, cryptic errors, blank windows. A broken

IBM Hacked? Threat Actor ‘888’ Reveals Thousands of Employees’ Data Leak!

Recently, the notorious Threat Actor, identified by the nickname 888, claimed to have breached IBM systems and stolen personal data belonging to the company’s employees. The leak, dated October 2024, allegedly resulted in the compromise of approximately 17,500 rows of data. At this time, we cannot confirm the veracity of the news, as the organization has not yet released any official press release on its website regarding the incident. Therefore, this article should be considered an ‘intelligence source’.

Details of the Breach

According to 888, the breach resulted in the data of approximately 17,500 individuals being compromised. The exfiltrated information is said to contain: names, mobile phone numbers, and international area