Microsoft is quietly pushing out a OneDrive update that’s catching IT departments off guard. A new feature prompts users—by default—to connect their personal OneDrive accounts to corporate machines. No setup needed. The feature just appears and offers a quick, seamless sync between personal and business storage.
Here’s the obvious problem: once files from a corporate machine end up in a personal OneDrive account, they’re basically outside the company’s control. No logging. No tracking. No oversight. That means sensitive information could be moved or shared in ways the organization can’t monitor—and probably wouldn’t approve of. [Read more…]
Microsoft is shifting new account signups away from passwords and toward passkeys. It’s part of a broader industry effort, with companies like Google and Apple also pushing for a future where stolen credentials are no longer a threat. This move sounds like progress, but there’s more going on beneath the surface.
Apple just pushed out emergency updates across iOS, macOS, and other platforms to squash two zero-day bugs that were actively being exploited. But before you panic: unless you’re someone Apple might actually send a holiday card to, you’re probably not the target. Their official language? These vulnerabilities were used against “specific targeted individuals.” Translation: celebrities, high-ranking officials, or people who pay someone else to clean their AirPods.
So… turns out one of the leading enterprise security products forgot the “security” part. More than 16,000 Fortinet devices exposed to the internet have been found carrying a persistent symlink backdoor—one that grants read-only access to sensitive files.