Tag: windows
-
Critical Security Issue Found in Windows Notepad
Microsoft patches CVE-2026-20841, a high-severity Windows Notepad flaw that could allow code execution via malicious Markdown files. The post Microsoft: Critical Security Issue Found in Windows Notepad appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/critical-windows-notepad-flaw-february-2026/
-
Facebook ads spread fake Windows 11 downloads that steal passwords and crypto wallets
Attackers are weaponizing Facebook ads to distribute password-stealing malware masked as a Windows download. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/facebook-ads-spread-fake-windows-11-downloads-that-steal-passwords-and-crypto-wallets/
-
CharlieKirk Grabber Malware Targets Windows Systems to Steal Login Credentials
CharlieKirk Grabber is a Python-based Windows infostealer that focuses on rapid “smash”‘and”‘grab” credential theft and data exfiltration rather than long-term system control or destructive behavior. It targets browser”‘stored passwords, Wi”‘Fi keys, Discord tokens, and gaming sessions, then exfiltrates the collected data via third”‘party file hosting and encrypted Discord or Telegram channels. File Name CharlieKirk.exe File…
-
Google Rushes Out Critical Chrome Update to Address Serious PDFium and V8 Vulnerabilities
Google has rushed out a vital security patch for Chrome, fixing three flaws that could let attackers run malicious code on users’ devices. The Stable Channel update bumps versions to 145.0.7632.109/.110 for Windows and Mac, and 144.0.7559.109 for Linux. High-severity issues in PDFium, the engine that handles PDF files in Chrome and V8, the speedy…
-
Microsoft Patches CVE-2026-26119 Privilege Escalation in Windows Admin Center
Microsoft has disclosed a now-patched security flaw in Windows Admin Center that could allow an attacker to escalate their privileges.Windows Admin Center is a locally deployed, browser-based management tool set that lets users manage their Windows Clients, Servers, and Clusters without the need for connecting to the cloud.The high-severity vulnerability, tracked as CVE-2026-26119, carries a…
-
Microsoft reveals critical Windows Admin Center vulnerability (CVE-2026-26119)
Microsoft has disclosed a privilege-escalation vulnerability in Windows Admin Center (WAC), a browser-based platform widely used by IT administrators and infrastructure teams … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/19/windows-admin-center-cve-2026-26119/
-
Remcos RAT Expands Real-Time Surveillance Capabilities
New Remcos RAT variant enhances real-time surveillance and evasion techniques to compromise Windows First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/remcos-rat-expands-real-time/
-
Buffer Overflow und UseFree – Schwachstellen in FreeRDP bedrohen Windows und Unix
First seen on security-insider.de Jump to article: www.security-insider.de/sicherheitsluecken-freerdp-windows-unix-a-772800b25cbbfbd1179fd5698fe27e18/
-
Critical Windows Admin Center Flaw Allows Privilege Escalation
A high-severity Windows Admin Center vulnerability (CVE-2026-26119) could allow privilege escalation in enterprise environments. Here’s what to know and how to mitigate risk. The post Microsoft: Critical Windows Admin Center Flaw Allows Privilege Escalation appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-windows-admin-center-privilege-escalation-february-2026/
-
Windows Admin Center Flaw Opens Door to Privilege Escalation
A Windows Admin Center vulnerability could allow authorized attackers to escalate privileges across enterprise environments. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/windows-admin-center-flaw-opens-door-to-privilege-escalation/
-
Windows Admin Center: Verbreitetes Microsoft-Verwaltungstool ist angreifbar
Administratoren sollten zügig das Windows Admin Center patchen. Denn Angreifer können eine Sicherheitslücke in der Authentifizierung ausnutzen. First seen on golem.de Jump to article: www.golem.de/news/remote-verwaltungstool-gefaehrliche-sicherheitsluecke-in-windows-admin-center-2602-205555.html
-
Remote-Verwaltungstool: Gefährliche Sicherheitslücke in Windows Admin Center
Administratoren sollten zügig das Windows Admin Center patchen. Denn Angreifer können eine Sicherheitslücke in der Authentifizierung ausnutzen. First seen on golem.de Jump to article: www.golem.de/news/remote-verwaltungstool-gefaehrliche-sicherheitsluecke-in-windows-admin-center-2602-205555.html
-
Windows-Patch behebt Probleme im Austausch für neue Bugs
Vor dem Update vom Februar 2026 konnten einige User ihr Windows nicht mehr booten. Nach dem Patch hängen sie in einer Boot-Schleife fest. First seen on golem.de Jump to article: www.golem.de/news/microsoft-windows-patch-behebt-probleme-im-austausch-fuer-neue-bugs-2602-205556.html
-
U.S. CISA adds Google Chromium CSS, Microsoft Windows, TeamT5 ThreatSonar Anti-Ransomware, and Zimbra flaws to its Known Exploited Vulnerabilities catalog
Tags: cisa, cybersecurity, exploit, flaw, google, infrastructure, kev, microsoft, ransomware, vulnerability, windowsU.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Google Chromium CSS, Microsoft Windows, TeamT5 ThreatSonar Anti-Ransomware, and Zimbra flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Google Chromium CSS, Microsoft Windows, TeamT5 ThreatSonar Anti-Ransomware, and Zimbra flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws…
-
Notepad++ secures update channel in wake of supply chain compromise
Notepad++, the popular text and source code editor for Windows whose update mechanism was hijacked last year, First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/18/notepad-secure-update-download/
-
Top Security Incidents of 2025: Chrome Browser 0-Day Vulnerability Exploitation
Tags: apt, attack, browser, chrome, control, cyber, cybersecurity, exploit, google, group, network, security-incident, vulnerability, windows, zero-dayBackground In March 2025, cybersecurity researchers disclosed a highly sophisticated targeted attack campaign named “Operation ForumTroll.” Orchestrated by an unidentified state-sponsored APT group, the operation leveraged a Google Chrome 0-day vulnerability (CVE-2025-2783) as its core weapon. This vulnerability enabled sandbox escape, allowing arbitrary code execution on victims’ Windows systems and granting full control over the targeted…The…
-
Critical Flaw in Windows Admin Center Exposes Systems to Privilege Escalation Attacks
Microsoft has officially released a security update addressing a severe vulnerability found within the Windows Admin Center. Tracking under the identifier CVE-2026-26119, this critical flaw presents a significant risk to enterprise environments relying on the platform for server management. The vulnerability, described as an Elevation of Privilege issue, allows authorised attackers to escalate their permissions…
-
Critical Flaw in Windows Admin Center Exposes Systems to Privilege Escalation Attacks
Microsoft has officially released a security update addressing a severe vulnerability found within the Windows Admin Center. Tracking under the identifier CVE-2026-26119, this critical flaw presents a significant risk to enterprise environments relying on the platform for server management. The vulnerability, described as an Elevation of Privilege issue, allows authorised attackers to escalate their permissions…
-
Scam Guard for desktop: A second set of eyes for suspicious moments
Malwarebytes Scam Guard is now on Windows and Mac, bringing AI-powered scam detection to your desktop. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/scam-guard-for-desktop-a-second-set-of-eyes-for-suspicious-moments/
-
Scam Guard for desktop: A second set of eyes for suspicious moments
Malwarebytes Scam Guard is now on Windows and Mac, bringing AI-powered scam detection to your desktop. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/scam-guard-for-desktop-a-second-set-of-eyes-for-suspicious-moments/
-
Umfrage von Eset – Fast jeder zweite PC nutzt noch veraltetes Windows 10
Tags: windowsFirst seen on security-insider.de Jump to article: www.security-insider.de/veraltete-windows-10-nutzung-in-deutschen-haushalten-a-c481917bd661ea5645aa9695676f4f5d/
-
New ‘ClickFix’ Malware Payload Targets Browser Cache, Warns Cybersecurity Experts
Threat actors on underground forums are now promoting a new “ClickFix” payload-delivery technique that hides malware in the browser cache to evade endpoint detection and response (EDR) tools. The seller pitches the method as an evolution of existing ClickFix/FileFix social”‘engineering chains, claiming it can execute malicious code via Windows File Explorer without generating obvious network…
-
Zentrale Verarbeitung von Ereignisdaten in Serverumgebungen und Event-Management mit Windows-Ereignisweiterleitung
Tags: windowsFirst seen on security-insider.de Jump to article: www.security-insider.de/logfile-event-management-windows-ereignisweiterleitung-a-5c188f29e16a1840658b6b55dd9a9f98/
-
Malicious Fork of Legitimate Triton App Discovered on GitHub, Exposing New Malware Threat
Attackers have weaponized a malicious fork of the legitimate Triton macOS client for omg.lol, turning a trusted open-source project into a delivery channel for Windows malware hosted on GitHub. The campaign abuses GitHub’s forking model, misleading README content, and obscure asset paths to trick users into downloading a trojanized archive named Software_3.1.zip. The malicious actor…
-
Malicious Fork of Legitimate Triton App Discovered on GitHub, Exposing New Malware Threat
Attackers have weaponized a malicious fork of the legitimate Triton macOS client for omg.lol, turning a trusted open-source project into a delivery channel for Windows malware hosted on GitHub. The campaign abuses GitHub’s forking model, misleading README content, and obscure asset paths to trick users into downloading a trojanized archive named Software_3.1.zip. The malicious actor…
-
Hackers Abuse ScreenConnect to Hijack PCs via Fake Social Security Emails
Forcepoint X-labs reveals how hackers use fake SSA emails and hijacked ScreenConnect tools to bypass Windows security to target UK, US, and Canadian organisations. First seen on hackread.com Jump to article: hackread.com/hackers-screenconnect-hijack-pcs-fake-social-security-emails/
-
Hackers Abuse ScreenConnect to Hijack PCs via Fake Social Security Emails
Forcepoint X-labs reveals how hackers use fake SSA emails and hijacked ScreenConnect tools to bypass Windows security to target UK, US, and Canadian organisations. First seen on hackread.com Jump to article: hackread.com/hackers-screenconnect-hijack-pcs-fake-social-security-emails/
-
Fake CAPTCHA Scam Tricks Windows Users Into Installing Malware
A fake CAPTCHA scam is tricking Windows users into running PowerShell commands that install StealC malware and steal passwords, crypto wallets, and more. The post Fake CAPTCHA Scam Tricks Windows Users Into Installing Malware appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-fake-captcha-scam-stealc-malware-windows/
-
BeyondTrust RCE Exploited for Domain Control
CVE-2026-1731 is being exploited to gain full Windows domain control in self-hosted BeyondTrust deployments. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/beyondtrust-rce-exploited-for-domain-control/
-
ClickFix Campaign Uses Fake CAPTCHA Pages to Deliver StealC Malware on Windows
A ClickFix campaign uses fake CAPTCHA pages to trick Windows users into launching StealC malware. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/clickfix-campaign-uses-fake-captcha-pages-to-deliver-stealc-malware-on-windows/