Tag: windows
-
Microsoft spots ClickFix campaign getting users to self-pwn on Windows Terminal
Crooks tweak familiar copy-paste ruse so that victims run malicious commands themselves First seen on theregister.com Jump to article: www.theregister.com/2026/03/06/microsoft_spots_clickfix_campaign_abusing/
-
Microsoft finally gets around to fixing Windows 10 Recovery Environment after breaking it in October
Released from the curse of the update bork fairy First seen on theregister.com Jump to article: www.theregister.com/2026/03/06/microsoft_finally_gets_around_to/
-
New Linux Rootkits Leverage Advanced eBPF and io_uring Techniques for Stealthy Attacks
Linux rootkits have historically received less attention than their Windows counterparts, but the rapid adoption of Linux in cloud infrastructure, containers, and IoT devices has shifted the threat landscape. Attackers are constantly innovating, and over the past two decades, Linux rootkits have evolved significantly. While early threats relied on easily detectable userland shared object injections…
-
China-Linked Hackers Use TernDoor, PeerTime, BruteEntry in South American Telecom Attacks
A China-linked advanced persistent threat (APT) actor has been targeting critical telecommunications infrastructure in South America since 2024, targeting Windows and Linux systems and edge devices with three different implants.The activity is being tracked by Cisco Talos under the moniker UAT-9244, describing it as closely associated with another cluster known as FamousSparrow.It’s worth First seen…
-
Chinese state hackers target telcos with new malware toolkit
A China-linked advanced persistent threat actor tracked as UAT-9244 has been targeting telecommunication service providers in South America since 2024, compromising Windows, Linux, and network-edge devices. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/chinese-state-hackers-target-telcos-with-new-malware-toolkit/
-
Where Multi-Factor Authentication Stops and Credential Abuse Starts
Organizations typically roll out multi-factor authentication (MFA) and assume stolen passwords are no longer enough to access systems. In Windows environments, that assumption is often wrong. Attackers still compromise networks every day using valid credentials. The issue is not MFA itself, but coverage. Enforced through an identity provider (IdP) such as Microsoft Entra ID, Okta,…
-
Nach Monaten gefixt: Microsoft gesteht Recovery-Panne unter Windows 10
Die Wiederherstellungsumgebung von Windows 10 ist auf einigen Systemen seit Oktober 2025 unbrauchbar. Eine Lösung gibt es erst jetzt. First seen on golem.de Jump to article: www.golem.de/news/nach-monaten-gefixt-microsoft-gesteht-recovery-panne-unter-windows-10-2603-206117.html
-
14 old software bugs that took way too long to squash
Tags: access, api, attack, authentication, automation, bug-bounty, communications, computer, control, credentials, cve, cvss, cyber, data, data-breach, dns, dos, encryption, exploit, flaw, hacker, Hardware, infosec, infrastructure, Internet, kaspersky, linux, malicious, malware, microsoft, mitigation, network, nist, open-source, password, programming, remote-code-execution, risk, service, software, stuxnet, supply-chain, technology, theft, threat, tool, update, usa, vulnerability, windows, zero-dayAge: 30 yearsDate introduced: 1995Date fixed: February 2026Researchers unearthed a legacy flaw in the widely used libpng open-source library that had existed since the technology was first released more than 30 years ago.The heap buffer overflow vulnerability (CVE-2026-25646) meant that applications using the flawed software would crash when presented with a maliciously constructed PNG raster…
-
14 old software bugs that took way too long to squash
Tags: access, api, attack, authentication, automation, bug-bounty, communications, computer, control, credentials, cve, cvss, cyber, data, data-breach, dns, dos, encryption, exploit, flaw, hacker, Hardware, infosec, infrastructure, Internet, kaspersky, linux, malicious, malware, microsoft, mitigation, network, nist, open-source, password, programming, remote-code-execution, risk, service, software, stuxnet, supply-chain, technology, theft, threat, tool, update, usa, vulnerability, windows, zero-dayAge: 30 yearsDate introduced: 1995Date fixed: February 2026Researchers unearthed a legacy flaw in the widely used libpng open-source library that had existed since the technology was first released more than 30 years ago.The heap buffer overflow vulnerability (CVE-2026-25646) meant that applications using the flawed software would crash when presented with a maliciously constructed PNG raster…
-
Bitwarden adds support for passkey login on Windows 11
Bitwarden announced support for logging into Windows 11 devices using passkeys stored in the manager’s vault, enabling phishing-resistant authentication. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/bitwarden-adds-support-for-passkey-login-on-windows-11/
-
Bitwarden adds support for passkey login on Windows 11
Bitwarden announced support for logging into Windows 11 devices using passkeys stored in the manager’s vault, enabling phishing-resistant authentication. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/bitwarden-adds-support-for-passkey-login-on-windows-11/
-
Windows 10 KB5075039 update fixes broken Recovery Environment
Microsoft has released the KB5075039 Windows Recovery Environment update for Windows 10 to fix a long-standing issue that prevented some users from accessing the Recovery environment. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/windows-10-kb5075039-update-fixes-broken-recovery-environment/
-
NDSS 2025 Detecting Server-Induced Client Vulnerabilities In Windows Remote IPC
Tags: china, computing, conference, cve, data, detection, Internet, network, technology, tool, vulnerability, windowsSession 14C: Vulnerability Detection Authors, Creators & Presenters: (Except Where Noted – The Following Authors Are From The Institute of Information Engineering, Chinese Academy Of Sciences) Fangming Gu, Qingli Guo, Jie Lu (Institute of Computing Technology, Chinese Academy of Sciences), Qinghe Xie , Beibei Zhao, Kangjie Lu (University of Minnesota), Hong Li, Xiaorui Gong PAPER…
-
Bootleg Windows, Office scheme crashes, triggers 22-month lockup for Florida woman
Heidi Richards paid more than $5M for certificate of authenticity labels in five years First seen on theregister.com Jump to article: www.theregister.com/2026/03/03/windows_office_software_scalper/
-
Perplexity’s Comet Browser Breached Through Calendar Invite Attack
Security researchers at Zenity Labs disclosed a critical flaw in Perplexity’s Comet “agentic” browser that allowed attackers to steal local files using a malicious Google Calendar invite. The issue, dubbed PerplexedBrowser and grouped under Zenity’s “PleaseFix” family, affected Comet on macOS, Windows, and Android and was rated P1 (critical) in Bugcrowd. The attack required no…
-
U.S. CISA adds Qualcomm and Broadcom VMware Aria Operations flaws to its Known Exploited Vulnerabilities catalog
Tags: cisa, cybersecurity, exploit, flaw, google, infrastructure, kev, microsoft, ransomware, vmware, vulnerability, windowsU.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Qualcomm and Broadcom VMware Aria Operations flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Google Chromium CSS, Microsoft Windows, TeamT5 ThreatSonar Anti-Ransomware, and Zimbra flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: In…
-
Fake Laravel Packages on Packagist Deploy RAT on Windows, macOS, and Linux
Cybersecurity researchers have flagged malicious Packagist PHP packages masquerading as Laravel utilities that act as a conduit for a cross-platform remote access trojan (RAT) that’s functional on Windows, macOS, and Linux systems.The names of the packages are listed below -nhattuanbl/lara-helper (37 Downloads)nhattuanbl/simple-queue (29 Downloads)nhattuanbl/lara-swagger (49 Downloads) First seen on thehackernews.com Jump to article: thehackernews.com/2026/03/fake-laravel-packages-on-packagist.html
-
Fake Laravel Packages on Packagist Deploy RAT on Windows, macOS, and Linux
Cybersecurity researchers have flagged malicious Packagist PHP packages masquerading as Laravel utilities that act as a conduit for a cross-platform remote access trojan (RAT) that’s functional on Windows, macOS, and Linux systems.The names of the packages are listed below -nhattuanbl/lara-helper (37 Downloads)nhattuanbl/simple-queue (29 Downloads)nhattuanbl/lara-swagger (49 Downloads) First seen on thehackernews.com Jump to article: thehackernews.com/2026/03/fake-laravel-packages-on-packagist.html
-
Check Point identifiziert Cyberspionagekampagne
Tags: windowsEin charakteristisches Merkmal von Silver Dragon ist seine Persistenz. Anstatt offensichtlich bösartige Dienste einzusetzen, kapert die Gruppe legitime Windows-Dienste, stoppt sie und erstellt sie neu, um bösartigen Code unter vertrauenswürdigen Namen zu laden. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/check-point-identifiziert-cyberspionagekampagne/a43933/
-
Kaum Infos, doch wahrscheinliche Ausnutzung – Rechteausweitung im Windows Admin Center möglich
Tags: windowsFirst seen on security-insider.de Jump to article: www.security-insider.de/windows-admin-center-cve-2026-26119-sicherheitsluecke-gepatcht-a-89d7d0dae37f67495d4fc9fbf75c159b/
-
Windows 11 23H2 to 25H2 Upgrade Reportedly Disrupts Internet Connectivity for Users
A persistent bug in Windows 11 in-place upgrades is reportedly wiping critical 802.1X wired authentication configurations, leaving enterprise workstations completely offline until manual intervention occurs. System administrators across Reddit’s r/sysadmin community are raising alarms, warning that this issue has reappeared across annual Windows 11 version updates, including the 23H2-to-24H2 and recent 23H2-to-25H2 upgrade paths. How…
-
Microsoft’s February Security Update of High-Risk Vulnerability Notice for Multiple Products
Tags: cyber, microsoft, network, office, remote-code-execution, risk, update, vulnerability, windowsOverview On February 11, 2026, NSFOCUS CERT monitored Microsoft’s release of its February security update patches, addressing 59 security issues across widely used products such as Windows, Azure, Microsoft Office, and Visual Studio Code. These vulnerabilities include privilege escalation, remote code execution, and other high-risk vulnerabilities. In this monthly update, 5 vulnerabilities are rated as…The…
-
Fake Zoom and Google Meet Pages Trick Users Into Installing Monitoring Tool
Fake Zoom and Google Meet pages trick users into installing a monitoring software on Windows systems through phishing links and fake updates. First seen on hackread.com Jump to article: hackread.com/zoom-google-meet-phishing-monitoring-tool/
-
NDSS 2025 Be Careful Of What You Embed: Demystifying OLE Vulnerabilities
Tags: conference, cve, data, detection, exploit, Internet, malicious, microsoft, network, office, remote-code-execution, risk, tool, vulnerability, windowsSession 14C: Vulnerability Detection Authors, Creators & Presenters: Yunpeng Tian (Huazhong University of Science and Technology), Feng Dong (Huazhong University of Science and Technology), Haoyi Liu (Huazhong University of Science and Technology), Meng Xu (University of Waterloo), Zhiniang Peng (Huazhong University of Science and Technology; Sangfor Technologies Inc.), Zesen Ye (Sangfor Technologies Inc.), Shenghui Li…
-
New Defender deployment tool streamlines Windows device onboarding with single executable
Microsoft’s Defender deployment tool for Windows helps administrators manage device onboarding at scale with updated progress visibility and additional controls. Simplified … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/03/microsoft-defender-deployment-tool-for-windows-update/
-
Phishing Pages for Zoom and Google Meet Install Monitoring Tool
Fake Zoom and Google Meet pages trick users into installing Teramind monitoring software on Windows systems through phishing links and fake updates. First seen on hackread.com Jump to article: hackread.com/zoom-google-meet-phishing-teramind-monitoring-tool/
-
Phishing Pages for Zoom and Google Meet Install Teramind Monitoring Tool
Fake Zoom and Google Meet pages trick users into installing Teramind monitoring software on Windows systems through phishing links and fake updates. First seen on hackread.com Jump to article: hackread.com/zoom-google-meet-phishing-teramind-monitoring-tool/