Two New Windows Zero-Days Exploited in the Wild

Microsoft on Tuesday released fixes for a whopping 183 security flaws spanning its products, including three vulnerabilities that have come under active exploitation in the wild, as the tech giant officially ended support for its Windows 10 operating system unless the PCs are enrolled in the Extended Security Updates (ESU) program.

The updates are in addition to the 25 vulnerabilities Microsoft addressed in its Chromium-based Edge browser since the release of September 2025’s Patch Tuesday update.

The two Windows zero-days that have come under active exploitation are as follows –

CVE-2025-24990 (CVSS score: 7.8) – Windows Agere Modem Driver (“ltmdm64.sys”) Elevation of Privilege Vulnerability
CVE-2025-59230 (CVSS score: 7.8) – Windows Remote Access Connection Manager (RasMan) Elevation of Privilege Vulnerability

Read more: thehackernews.com

Henderson Nevada

Datacenter

Governor approves tax breaks for Google data center in Henderson

State of Nevada Governor Paul Anderson has approved $25.2 million in tax breaks for a data center project in Henderson, Nevada, which we now know

JanelaRAT Malware Targets Latin American Banks with 14,739 Attacks in Brazil in 2025

Security

JanelaRAT Malware Targets Latin American Banks with 14,739 Attacks in Brazil in 2025

Banks and financial institutions in Latin American countries like Brazil and Mexico have continued to be the target of a malware family called JanelaRAT. A

OpenAI Revokes macOS App Certificate After Malicious Axios Supply Chain Incident

Security

OpenAI Revokes macOS App Certificate After Malicious Axios Supply Chain Incident

OpenAI revealed a GitHub Actions workflow used to sign its macOS apps led to the download of the malicious Axios library on March 31, but