Microsoft announced storing their Azure keys in an HSM after previously losing control of a private signing key A quartet of new 0-day vulnerabilities in Exchange Server that Microsoft declined to fix Apache ActiveMQ servers under attack exploiting a 0-day, with over half of publicly exposed servers vulnerable Update on the Citrix Bleed vulnerability with evidence of hackers gaining access and post-exploitation activity CVSS version 4 released with new metrics for better granularity and clarity of vulnerability scores Ace Hardware suffered a cyberattack impacting servers and systems Google abandons controversial "Web DRM" proposal Analysis of "BadCandy" malware infecting vulnerable Cisco routers Bitwarden password manager adds support for FIDO2 passkeys in browser extension Feedback from listeners on IPv6 adoption, factors for choosing crypto primes, installing Windows 11, and more The brewing battle in the EU over proposed eIDAS regulation Article 45