Tag: windows
242 articles

Microsoft Faces Backlash Over Zero-Day Disclosure Feud
A researcher known as Nightmare Eclipse has unleashed a series of six Windows zero-day vulnerabilities, with working exploit code for at least three, and has threatened to release another on July 14, sparking a public feud with Microsoft. The ominous warning, which has left Microsoft speaking out against uncoordinated disclosures, has security experts on high alert.

Microsoft Opposes Public Zero-Day Disclosures, Cites Customer Risk
Microsoft is speaking out against public zero-day disclosures, warning that revealing vulnerabilities without prior notice can put customers at unnecessary risk. The tech giant is urging researchers to adopt Coordinated Vulnerability Disclosure, sharing findings with affected vendors before going public.

Malware Campaigns Target Windows, Android Users in Global Finance Sector
Global finance sector faces a double threat as malware campaigns target Windows and Android users, with attackers using clever tactics like hiding in trusted traffic and selling mobile RATs as turnkey services. Two recent campaigns, one using Grandoreiro malware in Portugal, Spain, and Mexico, and another using a new BTMOB trojan in Brazil, highlight the evolving threat landscape.

FortiGuard Labs Exposes Sophisticated Phishing Campaign Targeting Windows Users
Beware of a sneaky phishing campaign that's targeting Windows users with a multi-stage attack chain, starting with a seemingly harmless email attachment that unleashes a powerful malware. This stealthy threat uses clever tactics like process hollowing to inject malicious code into trusted Windows processes.

Exploiting Windows Drivers Without Hardware: The BYOVD Perspective
Discover how attackers can exploit Windows drivers without hardware, turning kernel-mode driver bugs into powerful tools to bypass security controls. The Atos Threat Research Center reveals a game-changing method to manipulate reachability from userland on Windows 11 23H2.

Linux Rootkits Persist in Updated Forms
A single misstep with an over-privileged or poorly designed agent can quickly spiral into a serious incident, making the UK National Cyber Security Centre's warning feel alarmingly relevant. This urgency was underscored at Pwn2Own Berlin, where researchers exploited 47 zero-day flaws, raking in over $1.2 million in rewards.

Microsoft Utility MSHTA Fuels Malware Surge via Lumma Stealer Campaigns
Malware campaigns are on the rise, fueled by the Microsoft Utility MSHTA, which is being exploited to spread info stealers like Lumma Stealer and Amatera. This sneaky tactic is just the latest example of how cybercriminals are abusing a long-standing Windows feature to wreak havoc.

Zero-Day Exploit Escalates Privileges on Patched Windows Systems
A security researcher has uncovered a zero-day exploit, dubbed MiniPlasma, that can escalate privileges to LOCAL SYSTEM on fully patched Windows systems by targeting a vulnerability in the Windows Cloud Files Mini Filter Driver. This shocking flaw has left experts wondering if Microsoft simply missed the issue or if a patch was quietly rolled back.

BitLocker Zero-Day Exposes Windows Drives to Unauthorized Access
A security researcher, Chaotic Eclipse, has dropped a bombshell by releasing proof-of-concept code for two unpatched Windows vulnerabilities, citing frustration with Microsoft's handling of previous bug reports. This move exposes Windows drives to unauthorized access, even with TPM+PIN protection in place.

Anonymous Researcher Exposes New Microsoft Zero-Days
A shocking new discovery by an anonymous researcher has revealed not one, but two fresh Windows zero-days, just days after Microsoft's monthly Patch Tuesday. Meet YellowKey, a sneaky BitLocker bypass that can be launched from a USB drive, giving attackers unrestricted access to a protected machine - if they can get their hands on it.

Microsoft's AI System Uncovers 16 Windows Flaws in Patch Tuesday Release
Microsoft's cutting-edge AI system, MDASH, has successfully uncovered 16 critical Windows flaws in the latest Patch Tuesday release by leveraging a team of over 100 specialized AI agents. This innovative approach combines multiple AI models to detect and prove exploitable bugs, showcasing its potential to revolutionize cybersecurity.

AI-Powered Bug Hunts Disrupt Software Giants' Patch Cycles
Microsoft just dropped a massive batch of software updates to fix 118 security vulnerabilities, including 16 critical flaws that could let hackers take control of your system. For the first time in nearly two years, none of these patches are for emergency zero-day flaws that were already being exploited.

Malicious Repo Exploits OpenAI Model to Deliver Info Stealer
A malicious repository disguised as OpenAI's legitimate Privacy Filter model racked up 244,000 downloads and became the #1 trending project on Hugging Face, but actually hid a sneaky Rust-based information stealer targeting Windows machines. The fake repository, Open-OSS/privacy-filter, expertly impersonated OpenAI's release, even copying the official model card to gain users' trust.

Vulnerabilities Surge as Exploit Kits Expand in Q1 2026
The Q1 2026 report reveals a concerning surge in vulnerabilities and exploit kits, with attackers increasingly targeting Microsoft Office and Windows with new logic-flaw exploits. This quarter saw a notable rise in security-feature bypasses, including CVE-2026-21509 and CVE-2026-21514, which allow specially crafted files to execute commands with user privileges.

ScarCruft Expands Malware Arsenal with Multi-Platform BirdCall Backdoor
ScarCruft hackers have launched a sneaky attack on a popular video game platform, infecting both Windows and Android users with a new backdoor called BirdCall. The multi-platform threat has been targeting ethnic Koreans in China since late 2024, allowing hackers to gain unauthorized access.

Python Backdoor Evades Detection on Windows with Advanced Evasion Techniques
Meet Deep#Door, a sneaky Python-based backdoor framework that hides its malicious payload inside a batch dropper, making it super hard to detect on Windows systems. By embedding its code, it dodges network-based detection and slips into restricted environments with ease.

CISA Flags Actively Exploited ConnectWise, Windows Flaws
The US Cybersecurity and Infrastructure Security Agency (CISA) has flagged two major vulnerabilities, including a critical flaw in ConnectWise ScreenConnect and a Microsoft Windows Shell bug, as actively exploited by hackers. These flaws could allow attackers to execute remote code, access confidential data, and compromise critical systems.

VECT 2.0 Ransomware Exposes Flaw, Irreparably Destroys Large Files
Meet VECT 2.0, a malicious ransomware that doesn't just hold your files hostage - it destroys them, leaving you with no way to recover even if you pay up. This cunning malware wreaks havoc on large files across Windows, Linux, and ESXi hosts, causing irreversible damage.

Microsoft Warns of Flawed Remote Desktop Security Alerts
Microsoft warns that Remote Desktop security alerts may not display correctly, causing overlapping text and misplaced buttons that can make it difficult to interact with the dialog. This issue affects all supported Windows releases that received the April 2026 cumulative updates.

Microsoft Adds Pause Option to Windows Updates
Microsoft is putting you in the driver's seat with its latest update: you can now pause Windows Updates for a longer period, giving you more control over when and how you update your system. This new feature is a direct result of your feedback, and it's designed to minimize disruptions caused by untimely updates.

Windows RPC Exposes New Local Privilege Escalation Technique
A newly discovered technique allows hackers to easily escalate their privileges to SYSTEM level on Windows systems, using a vulnerability in the Remote Procedure Call stack. This alarming exploit relies on clever manipulation of Security Quality of Service parameters and impersonation levels.

Kyber Ransomware Targets Windows, VMware with Post-Quantum Encryption
Meet the Kyber Ransomware, a potent threat that targets both Windows and VMware environments with cutting-edge, post-quantum encryption. This sophisticated malware has been found to strike multiple systems at once, as seen in a March 2026 incident where two variants were deployed on the same network.

Google Deploys DBSC in Chrome to Thwart Windows Session Hijacking
Google just flipped the switch on Device Bound Session Credentials (DBSC) for Chrome users on Windows, giving millions a major security boost against session hijacking - but what does it mean for you? This game-changing update ties your credentials to your device, making it much harder for hackers to get hold of your online sessions.

Google Chrome Bolsters Defenses Against Session Cookie Theft
Google Chrome just got a major security boost with the introduction of Device Bound Session Credentials (DBSC) protection, designed to block info-stealing malware from harvesting session cookies and putting your online credentials at risk. This move is a key step in the ongoing cat-and-mouse game between defenders and cyber threats.