Microsoft fixes over 130 flaws, no actively exploited zero-days

Among the fixes is a patch for a previously disclosed vulnerability in Microsoft SQL Server.

US sanctions North Korean cyber actor for orchestrating IT Worker scheme abroad

Song Kum Hyok created fake American identities using stolen names, Social Security numbers, and addresses for North Korean tech workers.

Hackers abuse Shellter Elite after software leak, vendor confirms

The Shellter Project said the misuse stems from a breach involving a company that recently purchased Shellter Elite licenses.

Nippon Steel Solutions hit by cyberattack exploiting zero-day flaw

NSSOL has not disclosed the specific vulnerability but confirmed the breach was the result of a zero-day exploit targeting its network equipment.

BERT ransomware group expands attacks across Asia and Europe

BERT’s tactics include PowerShell-based loaders, privilege escalation techniques, and file encryption.