SecurityWeek

Progress Patches Multiple Vulnerabilities in MOVEit WAF, LoadMaster

The security defects could be exploited for remote code execution, OS command injection, and WAF detection bypass.
Microsoft

Cross‑tenant helpdesk impersonation to data exfiltration: A human-operated intrusion playbook

Threat actors are abusing external Microsoft Teams collaboration to impersonate IT helpdesk staff and convince users to grant ...