Tag: antivirus

Avast Antivirus Sandbox Vulnerabilities Allow Privilege Escalation

Dec 5, 2025 4:32 PM

Tags: access, antivirus, attack, cve, cyber, flaw, vulnerability

SAFA researchers uncovered four kernel heap overflow vulnerabilities in Avast Antivirus’s aswSnx.sys driver, designated CVE-2025-13032, affecting versions before 25.3 on Windows. These flaws originate from double-fetch issues in IOCTL handling, allow local attackers to trigger pool overflows for privilege escalation to SYSTEM. The vulnerabilities require sandbox manipulation to access the attack surface, marking a reversal…
Avast Antivirus Sandbox Vulnerabilities Allow Privilege Escalation

Dec 5, 2025 4:32 PM

Tags: access, antivirus, attack, cve, cyber, flaw, vulnerability

SAFA researchers uncovered four kernel heap overflow vulnerabilities in Avast Antivirus’s aswSnx.sys driver, designated CVE-2025-13032, affecting versions before 25.3 on Windows. These flaws originate from double-fetch issues in IOCTL handling, allow local attackers to trigger pool overflows for privilege escalation to SYSTEM. The vulnerabilities require sandbox manipulation to access the attack surface, marking a reversal…
K7 Antivirus Flaw Lets Attackers Gain SYSTEM-Level Privileges

Dec 4, 2025 1:32 PM

Tags: access, antivirus, control, cyber, flaw, software, vulnerability, windows

A critical security vulnerability has been discovered in K7 Ultimate Security antivirus software that allows attackers to gain the highest level of system access on Windows computers. The flaw, tracked asCVE-2024-36424, enables low-privileged users to escalate their permissions to SYSTEM level, giving them complete control over affected machines. How the Vulnerability Works K7 Ultimate Security…
K7 Antivirus Flaw Lets Attackers Gain SYSTEM-Level Privileges

Dec 4, 2025 1:32 PM

Tags: access, antivirus, control, cyber, flaw, software, vulnerability, windows

A critical security vulnerability has been discovered in K7 Ultimate Security antivirus software that allows attackers to gain the highest level of system access on Windows computers. The flaw, tracked asCVE-2024-36424, enables low-privileged users to escalate their permissions to SYSTEM level, giving them complete control over affected machines. How the Vulnerability Works K7 Ultimate Security…
Best 5 Dark Web Intelligence Platforms

Dec 3, 2025 11:32 PM

Tags: antivirus, cloud, computing, cybersecurity, dark-web, firewall, intelligence

Cybersecurity today is about a lot more than just firewalls and antivirus software. As organisations adopt cloud computing,… First seen on hackread.com Jump to article: hackread.com/best-dark-web-intelligence-platforms/
What are zero-day attacks and why do they work?

Dec 1, 2025 6:49 PM

Tags: access, antivirus, attack, breach, bug-bounty, cyber, cybersecurity, data, detection, edr, email, endpoint, espionage, exploit, government, group, hacker, infrastructure, intelligence, malicious, mobile, network, phishing, risk, service, software, spear-phishing, strategy, supply-chain, tactics, threat, tool, unauthorized, update, vulnerability, vulnerability-management, zero-day, zero-trust

No available patch: These exploits are unknown to both vendors and defenders, meaning they have not been identified and patched yet, leaving the door open for attackers.High-value targets: These attacks are often used in cyber espionage, ransomware campaigns, and advanced persistent threats (APTs) to target high-value assets with sensitive data.Difficult to detect: These exploits often are missed by traditional detection tools, especially…
What are zero-day attacks and why do they work?

Dec 1, 2025 6:49 PM

Tags: access, antivirus, attack, breach, bug-bounty, cyber, cybersecurity, data, detection, edr, email, endpoint, espionage, exploit, government, group, hacker, infrastructure, intelligence, malicious, mobile, network, phishing, risk, service, software, spear-phishing, strategy, supply-chain, tactics, threat, tool, unauthorized, update, vulnerability, vulnerability-management, zero-day, zero-trust

No available patch: These exploits are unknown to both vendors and defenders, meaning they have not been identified and patched yet, leaving the door open for attackers.High-value targets: These attacks are often used in cyber espionage, ransomware campaigns, and advanced persistent threats (APTs) to target high-value assets with sensitive data.Difficult to detect: These exploits often are missed by traditional detection tools, especially…
The Black Friday 2025 Cybersecurity, IT, VPN, & Antivirus Deals

Nov 25, 2025 8:50 PM

Tags: antivirus, cybersecurity, software, tool, vpn

Black Friday 2025 is almost here, and early deals are already live across security software, online courses, system administration tools, antivirus products, and VPN services. These discounts are limited-time offers and vary by provider, so if you see something that fits your needs, it’s best to act while it’s available. First seen on bleepingcomputer.com Jump…
This Hacker Conference Installed a Literal Antivirus Monitoring System

Nov 23, 2025 5:50 PM

Tags: antivirus, conference, cybersecurity, hacker, monitoring

At New Zealand’s Kawaiicon cybersecurity convention, organizers hacked together a way for attendees to track CO2 levels throughout the venue”, even before they arrived. First seen on wired.com Jump to article: www.wired.com/story/this-hacker-conference-installed-a-literal-anti-virus-monitoring-system/
This hacker conference installed a literal antivirus monitoring system

Nov 22, 2025 1:49 PM

Tags: antivirus, conference, hacker, monitoring

Organizers had a way for attendees to track CO2 levels throughout the venue”, even before they arrived. First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/11/this-hacker-conference-installed-a-literal-antivirus-monitoring-system/
AI-Driven Obfuscated Malicious Apps Bypassing Antivirus Detection to Deliver Malicious Payloads

Nov 21, 2025 7:49 PM

Tags: ai, antivirus, control, cyber, cybersecurity, detection, intelligence, malicious, malware, service, threat

Cybersecurity researchers have identified a sophisticated malware campaign leveraging artificial intelligence to enhance obfuscation techniques, enabling malicious applications to circumvent traditional antivirus detection systems. The threat actors behind the campaign are distributing trojanized applications impersonating a prominent Korean delivery service, employing a multi-layered approach to evade security controls and maintain persistent command-and-control (C2) infrastructure. The…
SilentButDeadly: New Tool Blocks Network Traffic to Bypass EDR and Antivirus

Nov 17, 2025 9:49 PM

Tags: antivirus, cloud, cyber, detection, edr, endpoint, exploit, network, open-source, software, tool, windows

A newly released open-source tool called SilentButDeadly is raising security concerns by demonstrating how attackers can effectively turn off Endpoint Detection and Response systems and antivirus software without terminating any processes. Developed by security researcher Ryan FramiÃ±Ã¡n and released on November 2, 2025, the tool exploits the Windows Filtering Platform to sever cloud connectivity for…
Spam flooding npm registry with token stealers still isn’t under control

Nov 17, 2025 7:49 AM

Tags: access, antivirus, attack, authentication, blockchain, breach, control, credentials, crypto, detection, edr, exploit, finance, firewall, governance, identity, login, malicious, malware, mfa, monitoring, network, open-source, pypi, risk, software, spam, supply-chain, threat, tool, worm

CSO that number has now grown to 153,000.And while this payload merely steals tokens, other threat actors are paying attention, said Sonatype CTO Brian Fox.When Sonatype wrote about the campaign just over a year ago, it found a mere 15,000 packages that appeared to come from a single person.With the swollen numbers reported this week,…
Worm flooding npm registry with token stealers still isn’t under control

Nov 15, 2025 5:49 AM

Tags: access, antivirus, attack, authentication, blockchain, breach, control, credentials, crypto, detection, edr, exploit, finance, firewall, governance, identity, login, malicious, malware, mfa, monitoring, network, open-source, pypi, risk, software, supply-chain, threat, tool, worm

CSO that number has now grown to 153,000.”It’s unfortunate that the worm isn’t under control yet,” said Sonatype CTO Brian Fox.And while this payload merely steals tokens, other threat actors are paying attention, he predicted.”I’m sure somebody out there in the world is looking at this massively replicating worm and wondering if they can ride…
Cybersecurity Snapshot: Refresh Your Akira Defenses Now, CISA Says, as OWASP Revamps Its App Sec Top 10 Risks

Nov 14, 2025 4:49 PM

Tags: access, advisory, ai, antivirus, application-security, attack, authentication, backup, business, chatgpt, cisa, ciso, cloud, compliance, control, corporate, cve, cyber, cybersecurity, data, defense, detection, encryption, endpoint, exploit, finance, firewall, flaw, framework, germany, group, guide, healthcare, infrastructure, injection, Internet, iot, law, malware, mfa, mitigation, phishing, privacy, programming, ransomware, resilience, risk, service, soc, software, supply-chain, tactics, technology, threat, tool, update, vulnerability

Learn why you should revise your Akira ransomware protection plans. Plus, find out what’s new in OWASP’s revamped Top 10 Web Application Risks list. Also, find out about agentic AI’s cognitive degradation risk. And get the latest on AI security trends and CISO compensation. Key takeaways CISA and other agencies are urging organizations, especially in…
Cybersecurity Snapshot: Refresh Your Akira Defenses Now, CISA Says, as OWASP Revamps Its App Sec Top 10 Risks

Nov 14, 2025 4:49 PM

Tags: access, advisory, ai, antivirus, application-security, attack, authentication, backup, business, chatgpt, cisa, ciso, cloud, compliance, control, corporate, cve, cyber, cybersecurity, data, defense, detection, encryption, endpoint, exploit, finance, firewall, flaw, framework, germany, group, guide, healthcare, infrastructure, injection, Internet, iot, law, malware, mfa, mitigation, phishing, privacy, programming, ransomware, resilience, risk, service, soc, software, supply-chain, tactics, technology, threat, tool, update, vulnerability

Learn why you should revise your Akira ransomware protection plans. Plus, find out what’s new in OWASP’s revamped Top 10 Web Application Risks list. Also, find out about agentic AI’s cognitive degradation risk. And get the latest on AI security trends and CISO compensation. Key takeaways CISA and other agencies are urging organizations, especially in…
Hackers abuse Triofox antivirus feature to deploy remote access tools

Nov 11, 2025 9:20 PM

Tags: access, antivirus, exploit, hacker, remote-code-execution, tool, vulnerability

Hackers exploited a critical vulnerability and the built-in antivirus feature in Gladinet’s Triofox file-sharing and remote-access platform to achieve remote code execution with SYSTEM privileges. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-abuse-triofox-antivirus-feature-to-deploy-remote-access-tools/
Critical Triofox bug exploited to run malicious payloads via AV configuration

Nov 11, 2025 10:19 AM

Tags: access, antivirus, authentication, cve, exploit, flaw, google, hacker, malicious, mandiant, threat, tool

Hackers exploited Triofox flaw CVE-2025-12480 to bypass auth and install remote access tools via the platform’s antivirus feature. Google’s Mandiant researchers spotted threat actors exploiting a now-patched Triofox flaw, tracked as CVE-2025-12480 (CVSS score of 9.1) that allows them to bypass authentication to upload and run remote access tools via the platform’s antivirus feature. Mandiant…
Hackers Exploiting Triofox Flaw to Install Remote Access Tools via Antivirus Feature

Nov 10, 2025 11:19 PM

Tags: access, antivirus, authentication, cve, defense, exploit, flaw, google, hacker, mandiant, threat, tool, vulnerability

Google’s Mandiant Threat Defense on Monday said it discovered n-day exploitation of a now-patched security flaw in Gladinet’s Triofox file-sharing and remote access platform.The critical vulnerability, tracked as CVE-2025-12480 (CVSS score: 9.1), allows an attacker to bypass authentication and access the configuration pages, resulting in the upload and execution of arbitrary payloads. The First seen…
Cybersecurity Snapshot: AI Will Take Center Stage in Cyber in 2026, Google Says, as MITRE Revamps ATTCK Framework

Nov 7, 2025 8:20 PM

Tags: access, ai, android, antivirus, api, apple, attack, authentication, business, cio, cisa, ciso, cloud, communications, container, control, credentials, cryptography, cve, cyber, cybercrime, cybersecurity, data, defense, detection, docker, endpoint, exploit, firewall, flaw, framework, google, governance, group, guide, hacker, identity, infrastructure, injection, Internet, kubernetes, leak, least-privilege, linux, malicious, malware, mfa, microsoft, mitigation, mitre, mobile, network, offense, oracle, programming, resilience, risk, risk-management, service, skills, soc, social-engineering, software, sophos, spam, strategy, supply-chain, switch, tactics, technology, threat, tool, unauthorized, update, vulnerability, windows, zero-day

Learn why Google expects AI to transform cyber defense and offense next year, and explore MITRE’s major update to the ATT&CK knowledge base. We also cover a new McKinsey playbook for agentic AI security, along with the latest on Microsoft Exchange protection and the CIS Benchmarks. Key takeaways Google is forecasting that AI will kick…
Cybersecurity Snapshot: AI Will Take Center Stage in Cyber in 2026, Google Says, as MITRE Revamps ATTCK Framework

Nov 7, 2025 8:20 PM

Tags: access, ai, android, antivirus, api, apple, attack, authentication, business, cio, cisa, ciso, cloud, communications, container, control, credentials, cryptography, cve, cyber, cybercrime, cybersecurity, data, defense, detection, docker, endpoint, exploit, firewall, flaw, framework, google, governance, group, guide, hacker, identity, infrastructure, injection, Internet, kubernetes, leak, least-privilege, linux, malicious, malware, mfa, microsoft, mitigation, mitre, mobile, network, offense, oracle, programming, resilience, risk, risk-management, service, skills, soc, social-engineering, software, sophos, spam, strategy, supply-chain, switch, tactics, technology, threat, tool, unauthorized, update, vulnerability, windows, zero-day

Learn why Google expects AI to transform cyber defense and offense next year, and explore MITRE’s major update to the ATT&CK knowledge base. We also cover a new McKinsey playbook for agentic AI security, along with the latest on Microsoft Exchange protection and the CIS Benchmarks. Key takeaways Google is forecasting that AI will kick…
KI-Malware ist keine Theorie mehr

Nov 7, 2025 2:20 PM

Tags: access, ai, antivirus, api, control, cyberattack, cybercrime, cybersecurity, data, exploit, github, google, group, hacker, intelligence, LLM, malware, ransomware, RedTeam, service, skills, social-engineering, software, threat, tool, vulnerability

KI boomt auch unter Cyberkriminellen. Die ersten operativen Ergebnisse dieses Trends beleuchten Google-Sicherheitsforscher in einem aktuellen Report.Was lange befürchtet und vermutet wurde, will die Google Threat Intelligence Group (GTIG) nun im Rahmen einer aktuellen Untersuchung belegen: Cyberkriminelle nutzen KI im Rahmen ihrer Malware-Angriffskampagnen. Aber längst nicht mehr nur für Vibe-Coding-Zwecke oder zur technischen Unterstützung. Wie…
KI-Malware ist keine Theorie mehr

Nov 7, 2025 2:20 PM

Tags: access, ai, antivirus, api, control, cyberattack, cybercrime, cybersecurity, data, exploit, github, google, group, hacker, intelligence, LLM, malware, ransomware, RedTeam, service, skills, social-engineering, software, threat, tool, vulnerability

KI boomt auch unter Cyberkriminellen. Die ersten operativen Ergebnisse dieses Trends beleuchten Google-Sicherheitsforscher in einem aktuellen Report.Was lange befürchtet und vermutet wurde, will die Google Threat Intelligence Group (GTIG) nun im Rahmen einer aktuellen Untersuchung belegen: Cyberkriminelle nutzen KI im Rahmen ihrer Malware-Angriffskampagnen. Aber längst nicht mehr nur für Vibe-Coding-Zwecke oder zur technischen Unterstützung. Wie…
Herodotus Android Banking Trojan Takes Over Devices, Outsmarts Security Tools

Nov 7, 2025 2:20 PM

Tags: android, antivirus, banking, cyber, data, detection, finance, malware, mobile, service, social-engineering, threat, tool

A new threat has surfaced in the mobile banking landscape Herodotus, a sophisticated Android banking Trojan that has been wreaking havoc in recent weeks. Offered under the notorious Malware-as-a-Service (MaaS) model, Herodotus leverages social engineering and technical deception, evading detection by conventional antivirus solutions and putting users’ financial data at serious risk. Herodotus addressed victims…
Herodotus Android Banking Trojan Takes Over Devices, Outsmarts Security Tools

Nov 7, 2025 2:20 PM

Tags: android, antivirus, banking, cyber, data, detection, finance, malware, mobile, service, social-engineering, threat, tool

A new threat has surfaced in the mobile banking landscape Herodotus, a sophisticated Android banking Trojan that has been wreaking havoc in recent weeks. Offered under the notorious Malware-as-a-Service (MaaS) model, Herodotus leverages social engineering and technical deception, evading detection by conventional antivirus solutions and putting users’ financial data at serious risk. Herodotus addressed victims…
KI-Malware ist keine Theorie mehr

Nov 7, 2025 2:20 PM

Tags: access, ai, antivirus, api, control, cyberattack, cybercrime, cybersecurity, data, exploit, github, google, group, hacker, intelligence, LLM, malware, ransomware, RedTeam, service, skills, social-engineering, software, threat, tool, vulnerability

KI boomt auch unter Cyberkriminellen. Die ersten operativen Ergebnisse dieses Trends beleuchten Google-Sicherheitsforscher in einem aktuellen Report.Was lange befürchtet und vermutet wurde, will die Google Threat Intelligence Group (GTIG) nun im Rahmen einer aktuellen Untersuchung belegen: Cyberkriminelle nutzen KI im Rahmen ihrer Malware-Angriffskampagnen. Aber längst nicht mehr nur für Vibe-Coding-Zwecke oder zur technischen Unterstützung. Wie…
EndClient RAT Leverages Compromised Code-Signing to Slip Past Antivirus

Nov 6, 2025 9:19 AM

Tags: access, antivirus, breach, cyber, malicious, microsoft, north-korea, rat, threat

A sophisticated Remote Access Trojan (RAT) is actively targeting North Korean Human Rights Defenders (HRDs) through a campaign leveraging stolen code-signing certificates to evade antivirus detection. The newly discovered >>EndClient RAT,>StressClear.msi,
EndClient RAT Leverages Compromised Code-Signing to Slip Past Antivirus

Nov 6, 2025 9:19 AM

Tags: access, antivirus, breach, cyber, malicious, microsoft, north-korea, rat, threat

A sophisticated Remote Access Trojan (RAT) is actively targeting North Korean Human Rights Defenders (HRDs) through a campaign leveraging stolen code-signing certificates to evade antivirus detection. The newly discovered >>EndClient RAT,>StressClear.msi,
New backdoor ‘SesameOp’ abuses OpenAI Assistants API for stealthy C2 operations

Nov 4, 2025 1:19 PM

Tags: ai, antivirus, api, attack, backdoor, detection, endpoint, injection, malicious, microsoft, monitoring, openai, ransomware, risk, threat

Lessons for defenders and platform providers: Microsoft clarified that OpenAI’s platform itself wasn’t breached or exploited; rather, its legitimate API functions were misused as a relay channel, highlighting a growing risk as generative AI becomes part of enterprise and development workflows. Attackers can now co-opt public AI endpoints to mask malicious intent, making detection significantly…
New backdoor ‘SesameOp’ abuses OpenAI Assistants API for stealthy C2 operations

Nov 4, 2025 1:19 PM

Tags: ai, antivirus, api, attack, backdoor, detection, endpoint, injection, malicious, microsoft, monitoring, openai, ransomware, risk, threat

Lessons for defenders and platform providers: Microsoft clarified that OpenAI’s platform itself wasn’t breached or exploited; rather, its legitimate API functions were misused as a relay channel, highlighting a growing risk as generative AI becomes part of enterprise and development workflows. Attackers can now co-opt public AI endpoints to mask malicious intent, making detection significantly…