Tag: windows
-
U.S. CISA adds Microsoft Windows Shell and ConnectWise ScreenConnect flaws to its Known Exploited Vulnerabilities catalog
Tags: cisa, cve, cybersecurity, exploit, flaw, infrastructure, kev, microsoft, vulnerability, windows
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Windows Shell and ConnectWise ScreenConnect flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Windows Shell and ConnectWise ScreenConnect flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: CVE-2024-02-21 is a path traversal vulnerability…
-
CISA Warns of Windows Shell Zero-Day Exploited in Attacks
Tags: attack, cisa, cve, cyber, cybersecurity, exploit, flaw, infrastructure, kev, microsoft, vulnerability, windows, zero-day
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding a newly discovered zero-day vulnerability affecting Microsoft Windows. On April 28, 2026, the agency officially added CVE-2026-32202 to its Known Exploited Vulnerabilities (KEV) catalog. This critical flaw involves a failure of a protection mechanism within the Microsoft Windows Shell, and active exploitation…
-
Vect 2.0 RaaS Expands Attacks Across Windows, Linux, and ESXi
The Vect 2.0 Ransomware-as-a-Service (RaaS) operation is rapidly evolving into a multi-platform threat that can encrypt Windows, Linux, and VMware ESXi environments across modern hybrid infrastructures. The group runs a classic affiliate model, renting out its ransomware and TOR-based infrastructure to partners in exchange for a share of ransom payments. Its operators are strongly suspected to be…
-
Microsoft Confirms Remote Desktop Warning Issue After April Update
Microsoft has officially confirmed a known issue affecting Remote Desktop Protocol (RDP) connections following the April 14, 2026, Patch Tuesday updates. Specifically impacting Windows 11 version 26H1 (KB5083768, OS Build 28000.1836), the update was intended to harden systems against malicious .rdp files. However, a newly introduced user interface bug is causing critical security warnings to render incorrectly,…
-
VECT 2.0 Ransomware Irreversibly Destroys Files Over 131KB on Windows, Linux, ESXi
Threat hunters are warning that the cybercriminal operation known as VECT 2.0 acts more like a wiper than a ransomware due to a critical flaw in its encryption implementation across Windows, Linux, and ESXi variants that renders recovery impossible even for the threat actors. The fact that VECT’s locker permanently destroys large files rather than encrypting…
-
New Remote Desktop warnings may display incorrectly
Microsoft has confirmed a new issue causing newly introduced Windows security warnings to display incorrectly when opening Remote Desktop (.rdp) files. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-new-remote-desktop-warnings-may-display-incorrectly/
-
Open-source privacy tool BleachBit 6.0.0 upgrades code signing across Windows and Linux
System cleaning utilities have grown more relevant as web browsers stockpile larger volumes of cached data, tracking artifacts, and site storage on local disks. The … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/28/bleachbit-6-0-0-open-source-privacy-tool/
-
Microsoft Confirms Active Exploitation of Windows Shell CVE-2026-32202
Microsoft on Monday revised its advisory for a now-patched, high-severity security flaw impacting Windows Shell to acknowledge that it has been actively exploited in the wild. The vulnerability in question is CVE-2026-32202 (CVSS score: 4.3), a spoofing vulnerability that could allow an attacker to access sensitive information. It was addressed as part of its Patch Tuesday…
-
Nessus Agent Flaw Grants SYSTEM-Level Access on Windows
A Nessus Agent flaw could allow attackers to gain SYSTEM-level access and fully compromise Windows systems. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/nessus-agent-flaw-grants-system-level-access-on-windows/
-
Unpatched ‘PhantomRPC’ Flaw in Windows Enables Privilege Escalation
A researcher discovered five different exploit paths that stem from an architectural weakness in how Windows’ Remote Procedure Call (RPC) mechanism handles connections to unavailable services. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/unpatched-phantomrpc-flaw-windows-privilege-escalation
-
Microsoft Releases Enterprise Policy Option to Disable Windows 11 Copilot
Microsoft has introduced a new enterprise policy setting that allows IT administrators to silently uninstall the Microsoft Copilot app from managed Windows 11 devices, marking a significant shift in how organizations can control AI tool deployment across their fleets. The new RemoveMicrosoftCopilotApp policy setting became broadly available following the April 2026 Patch Tuesday security updates. It is…
-
Microsoft updates the Windows Update Experience: You can hit pause now
Keep the patches away for as long as you like First seen on theregister.com Jump to article: www.theregister.com/2026/04/27/microsoft_updates_the_windows_update/
-
Linux ELF Malware Generator Evades ML Detection With Semantic-Preserving Changes
As Linux continues to dominate high-performance computing, cloud services, and Internet of Things (IoT) devices, it has become a prime target for cybercriminals. However, while much research has focused on manipulating Windows executables to bypass security, the Linux Executable and Linkable Format (ELF) has largely been ignored. To address this gap, researchers at the Czech…
-
North Korean Hackers Target Pharma Firms with Malware-Laced Excel Attacks
North Korean state-backed hackers are using weaponized Excel-themed files to infect pharmaceutical and life science companies with malware, abusing Windows shortcut files, PowerShell, and cloud storage for stealthy data theft. The campaign begins with highly tailored spear-phishing emails sent to drug manufacturers and related life science organizations. Messages typically reference legitimate-sounding topics such as ERP…
-
RDP connection glitch: Windows update shipped with broken warning message
New warning messages are actually meant to protect Windows users from malicious RDP files. But sometimes they are neither easy to read nor usable. First seen on golem.de Jump to article: www.golem.de/news/panne-bei-rdp-verbindungen-windows-update-mit-kaputter-warnmeldung-verteilt-2604-208037.html
-
Windows 11: Microsoft allows unlimited pausing of updates
Microsoft responds to criticism: Windows 11 users will in future be able to postpone system updates as often as they like, by 35 days each time. First seen on golem.de Jump to article: www.golem.de/news/windows-11-microsoft-erlaubt-unbegrenztes-pausieren-von-updates-2604-208031.html
-
Nessus Agent Windows Flaw Enables SYSTEM-Level Code Execution
Tenable has disclosed a high-severity security vulnerability in its Nessus Agent software for Windows that could allow attackers to execute malicious code with full SYSTEM-level privileges. The flaw, tracked as CVE-2026-33694, has been patched in the newly released Nessus Agent version 11.1.3. The vulnerability stems from improper link resolution before file access, classified under CWE-59 ("Link Following"). On…
-
ClickFix Attack Swaps PowerShell for Cmdkey, Remote Regsvr32 Payloads
A newly identified ClickFix attack variant is raising concerns among cybersecurity researchers after it was observed replacing traditional PowerShell-based delivery with a stealthier technique leveraging native Windows utilities. The infection begins with a familiar ClickFix tactic: a phishing page disguised as a CAPTCHA verification prompt. Victims are instructed to press Win + R, paste a…
-
Microsoft tackles quality control issues. Just kidding, it’s encouraging experienced workers to leave
Windows giant offers buyouts to eligible staffers willing to walk First seen on theregister.com Jump to article: www.theregister.com/2026/04/24/microsoft_seeks_quality_improvements_by/
-
Introducing Proactive Hardening and Attack Surface Reduction (PHASR) for Linux and macOS
As Linux dominates cloud-native infrastructure and macOS becomes the standard for high-value targets in development and executive leadership, the attack surface is no longer Windows-centric. Modern attack playbooks weaponize Living off the Land (LOTL) binaries (pre-installed, legitimate system tools) to blend malicious activity with normal operations and bypass standard detection telemetry. First seen on securityboulevard.com…
-
Microsoft rolls out revamped Windows Insider Program
Microsoft says it’s rolling out a revamped Windows Insider Program experience as part of the broader plans to address performance and reliability concerns affecting Windows 11. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-rolls-out-revamped-windows-insider-program/
-
New ClickFix attack Hides in Native Windows Tools to Reduce Detection Risk
Fake CAPTCHA ClickFix attack tricks users into running malicious commands, using cmdkey and regsvr32 to maintain persistence and avoid detection on Windows First seen on hackread.com Jump to article: hackread.com/clickfix-variant-native-windows-tools-bypass-security/
-
Windows Update gets new controls to reduce forced restarts
Microsoft is rolling out Windows Update improvements that give users more control over how updates are installed while reducing disruption from frequent or poorly timed restarts. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/windows-update-gets-new-controls-to-reduce-forced-restarts/
-
Microsoft to roll out Entra passkeys on Windows in late April
Microsoft will roll out passkey support for phishing-resistant passwordless authentication to Microsoft Entra-protected resources from Windows devices starting late April. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-to-roll-out-entra-passkeys-on-windows-in-late-april/

