Tag: windows
-
Fake npm Packages Impersonate PostCSS Tool to Steal Chrome Passwords
JFrog warns of malicious npm packages that mimic PostCSS tooling, drop a Windows RAT, and target Chrome-stored passwords through a staged infection setup route. First seen on hackread.com Jump to article: hackread.com/fake-npm-packages-postcss-tool-steal-chrome-password/
-
Fable 5 AI Model Builds Bootable Windows Kernel in Rust in Just 38 Minutes
A newly released AI model, Claude Fable 5, has made a significant advancement in autonomous systems programming by generating a bootable Windows NT-style kernel in Rust in just 38 minutes. The project, titled ntoskrnl-rs, began as an empty repository and evolved into a functioning x86_64 kernel that boots in QEMU and passes all internal self-tests.…
-
Hackers Exploit RAR Vulnerability to Drop Startup VBS in Ukraine UAV Malware Campaign
A newly observed espionage campaign targeting Ukraine’s unmanned aerial vehicle (UAV) ecosystem leverages a RAR archive exploit to install a persistent VBS loader, which then retrieves a Windows payload linked to an emergent actor the researcher calls GhostShell (Malwarebox ID MB-0009). The initial artifact is an archive named Besomar_documentation.rar, distributed with decoy PDF files mimicking…
-
Manipulated npm Packages Smuggle In Windows Trojan
Criminals are distributing manipulated npm packages that disguise themselves as PostCSS tools in order to install a remote access trojan on Windows systems. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/manipulierte-npm-pakete-trojaner
-
Windows 11 KB5095093 update rolls out new PointTime restore feature
Microsoft has released the KB5095093 preview cumulative update for Windows 11 24H2 and 25H2, which fixes numerous bugs and begins rolling out new features, including the new Point-in-Time restore feature. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/windows-11-kb5095093-update-rolls-out-new-point-in-time-restore-feature/
-
Lookalike npm Package Hides a Multi-Stage Windows RAT
JFrog found an npm package impersonating postcss-selector-parser to drop a multi-stage Windows RAT. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/lookalike-npm-package-postcss/
-
Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT
Cybersecurity researchers have discovered a set of malicious npm packages that are designed to deliver a Windows-based remote access trojan (RAT). The list of identified packages is below: aes-decode-runner-pro (145 downloads), postcss-minify-selector (256 downloads), postcss-minify-selector-parser (615 downloads). All the packages were published over the past month by an npm user named… First seen on thehackernews.com Jump…
-
Microsoft Confirms Windows Recycle Bin Bug Affects All Supported Versions
Microsoft confirmed a Windows June update bug that shows internal Recycle Bin file names during permanent deletion, with a fix planned. The post Microsoft Confirms Windows Recycle Bin Bug Affects All Supported Versions appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-windows-june-update-recycle-bin-file-name-bug/
-
Prinz Eugen Ransomware Hits Recent Files First and Skips Ransom Notes
Prinz Eugen ransomware prioritizes recently modified files and leaves no ransom note on disk, creating new pressure on backup windows, endpoint alerts, and incident response playbooks. The post Prinz Eugen Ransomware Hits Recent Files First and Skips Ransom Notes appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-prinz-eugen-ransomware-recent-files/
-
Microsoft says Windows 11 26H2 is coming soon, details upgrade process
Microsoft has confirmed that Windows 11 version 26H2 will be the next feature update and that devices running Windows 11 24H2 and 25H2 will be able to upgrade using a small enablement package. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-says-windows-11-26h2-is-coming-soon-details-upgrade-process/
-
Flaw in Microsoft Defender Allows Local Privilege Escalation on Windows – RoguePlanet Gains SYSTEM Privileges Despite June Patch Day
First seen on security-insider.de Jump to article: www.security-insider.de/rogueplanet-microsoft-defender-system-rechte-race-condition-windows-a-b3a698b48c01fe16bba8ba86459d0cc2/
-
Scammers Use Fake GitHub Stars, VirusTotal Reviews to Spread Crypto Clipper
A multi-platform malware campaign abuses fake trust signals to infect Windows and Mac users with a crypto clipper packed with 15,500 attacker wallets. First seen on hackread.com Jump to article: hackread.com/scammers-fake-github-virustotal-crypto-clipper/
-
Malicious npm Package Masquerades as PostCSS Utility to Deliver PowerShell Downloader
A malicious npm package, postcss-minify-selector-parser, has been discovered masquerading as a benign PostCSS utility and delivering a multi-stage Windows remote access trojan (RAT). The imposter deliberately mimics the widely used postcss-selector-parser, a legitimate library with more than 150 million weekly downloads, by reusing the same keyword space (postcss, selector, parser, css) and depending on the…
-
Microsoft Confirms Windows 11 26H2 Upgrade via Enablement Package for Faster Deployment
Microsoft has announced that the upcoming Windows 11 version 26H2 will be delivered using an enablement package model. This approach aligns with their goal of providing streamlined, low-disruption feature updates specifically for enterprise environments. According to the Windows IT Pro Blog, this annual release builds on the same servicing architecture used in recent versions, allowing…
-
OXLOADER Uses MBA Obfuscation and Control-Flow Flattening to Bypass Static Detection
A previously undocumented Windows loader, tracked as OXLOADER, combines sophisticated obfuscation and unconventional staging to evade static detection and sandbox analysis while delivering the new CASTLESTEALER infostealer via malvertising. The campaign leveraged malicious Google Ads impersonating Node.js and API Monitor, redirecting victims through intermediary domains to Storj-hosted batch scripts that download and execute OXLOADER…
-
Product showcase: Avira Security for iOS blends security, privacy, and device optimization
Avira Mobile Security for iOS combines security, privacy, and device optimization tools in a single application. The app is also available for Android, macOS, and Windows … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/22/product-showcase-avira-mobile-security-ios/
-
June Patch: Windows 11 Update Breaks Office, File Explorer and Recycle Bin
The Windows 11 update KB5094126 improved the Start menu but also introduced various new bugs. And some of these are serious. First seen on golem.de Jump to article: www.golem.de/news/juni-patch-windows-11-update-macht-office-file-explorer-und-papierkorb-kaputt-2606-209999.html
-
A Critical Deadline Is Approaching for Windows and Linux Security
The cryptographic keys that secure your computer’s boot sequence will start to expire on June 24. Here’s what that means for you. First seen on wired.com Jump to article: www.wired.com/story/a-critical-deadline-is-approaching-for-windows-and-linux-security/
-
June 2026 Windows updates break Recycle Bin prompts
Microsoft has confirmed a confusing Windows bug that causes different filenames to appear in the confirmation dialog when deleting a file from the Recycle Bin. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-confirms-recycle-bin-bug-on-all-supported-windows-releases/
-
From Assistive to Agentic: The AI Shift That’s Redefining Threat Management
The average enterprise security team has 40 or more security tools, giving a lot of visibility into internal telemetry and asset data. But often, these tools are working in silos, generating (overlapping) alerts and data. And yet, breach dwell times remain stubbornly long (~43 days), response windows keep closing before teams can act, and analysts…
-
MacBook Neo vs Windows Laptops for Cybersecurity Tasks
There is no one-size-fits-all cybersecurity laptop. We’ll examine real-world work scenarios, tool compatibility, and trade-offs that impact a security professional’s day-to-day work. First seen on hackread.com Jump to article: hackread.com/macbook-neo-vs-windows-laptops-cybersecurity-tasks/
-
USB worm spreads crypto-stealing malware via Windows shortcut files
Threat actors targeting cryptocurrency wallets have been distributing clipboard-stealing malware with self-spreading capabilities and using the Tor network to conceal communication. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/usb-worm-spreads-crypto-stealing-malware-via-windows-shortcut-files/

