Tag: windows
-
Microsoft gives Windows 11 a fresh Start here’s how to get it
More convenient layout saves you a click First seen on theregister.com Jump to article: www.theregister.com/2025/10/29/microsofts_new_windows_start_menu/
-
Windows Server Update Service exploitation ensnares at least 50 victims
Researchers warn hackers could be gathering intelligence for future attacks, and authorities warn users to apply patches and check for compromise. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/windows-server-update-service-exploitation-50-victims/804362/
-
Unpatched Windows vulnerability continues to be exploited by APTs (CVE-2025-9491)
A Windows vulnerability (CVE-2025-9491, aka ZDI-CAN-25373) that state-sponsored threat actors and cybercrime groups have been quietly leveraging since at least 2017 continues … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/31/zdi-can-25373-cve-2025-9491-exploited-again/
-
Attackers Exploit Windows Server Update Services Flaw to Steal Sensitive Organizational Data
Tags: authentication, breach, cve, cyber, data, exploit, flaw, network, remote-code-execution, service, sophos, threat, update, vulnerability, windowsSophos researchers have identified real-world exploitation of a newly disclosed vulnerability in Windows Server Update Services (WSUS), where threat actors are harvesting sensitive data from organizations worldwide. The critical remote code execution flaw, tracked as CVE-2025-59287, has become a prime target for attackers seeking to breach enterprise networks and extract valuable information without authentication requirements.…
-
Attackers Exploit Windows Server Update Services Flaw to Steal Sensitive Organizational Data
Tags: authentication, breach, cve, cyber, data, exploit, flaw, network, remote-code-execution, service, sophos, threat, update, vulnerability, windowsSophos researchers have identified real-world exploitation of a newly disclosed vulnerability in Windows Server Update Services (WSUS), where threat actors are harvesting sensitive data from organizations worldwide. The critical remote code execution flaw, tracked as CVE-2025-59287, has become a prime target for attackers seeking to breach enterprise networks and extract valuable information without authentication requirements.…
-
Attackers Exploit Windows Server Update Services Flaw to Steal Sensitive Organizational Data
Tags: authentication, breach, cve, cyber, data, exploit, flaw, network, remote-code-execution, service, sophos, threat, update, vulnerability, windowsSophos researchers have identified real-world exploitation of a newly disclosed vulnerability in Windows Server Update Services (WSUS), where threat actors are harvesting sensitive data from organizations worldwide. The critical remote code execution flaw, tracked as CVE-2025-59287, has become a prime target for attackers seeking to breach enterprise networks and extract valuable information without authentication requirements.…
-
Attackers Exploit Windows Server Update Services Flaw to Steal Sensitive Organizational Data
Tags: authentication, breach, cve, cyber, data, exploit, flaw, network, remote-code-execution, service, sophos, threat, update, vulnerability, windowsSophos researchers have identified real-world exploitation of a newly disclosed vulnerability in Windows Server Update Services (WSUS), where threat actors are harvesting sensitive data from organizations worldwide. The critical remote code execution flaw, tracked as CVE-2025-59287, has become a prime target for attackers seeking to breach enterprise networks and extract valuable information without authentication requirements.…
-
China-Linked Hackers Exploit Windows Shortcut Flaw to Target European Diplomats
A China-affiliated threat actor known as UNC6384 has been linked to a fresh set of attacks exploiting an unpatched Windows shortcut vulnerability to target European diplomatic and government entities between September and October 2025.The activity targeted diplomatic organizations in Hungary, Belgium, Italy, and the Netherlands, as well as government agencies in Serbia, Arctic Wolf said…
-
China-Linked Hackers Exploit Windows Shortcut Flaw to Target European Diplomats
A China-affiliated threat actor known as UNC6384 has been linked to a fresh set of attacks exploiting an unpatched Windows shortcut vulnerability to target European diplomatic and government entities between September and October 2025.The activity targeted diplomatic organizations in Hungary, Belgium, Italy, and the Netherlands, as well as government agencies in Serbia, Arctic Wolf said…
-
Cyberspionage gegen diplomatische Einrichtungen in Europa durch chinesische APT-Gruppe
Arctic Wolf hat eine laufende Cyberspionagekampagne des chinesisch-affiliierten Bedrohungsakteurs UNC6384 aufgedeckt, die sich im September und Oktober gezielt gegen diplomatische Einrichtungen in Ungarn, Belgien und weiteren europäischen Staaten richtete. Die Angreifer kombinieren eine neu entdeckte Windows-Schwachstelle (ZDI-CAN-25373) mit der seit Jahren aktiven Spionage-Malware PlugX und setzen dabei auf täuschend echte Phishing-Mails mit EU- und NATO-Konferenzthemen.…
-
Cyberspionage gegen diplomatische Einrichtungen in Europa durch chinesische APT-Gruppe
Arctic Wolf hat eine laufende Cyberspionagekampagne des chinesisch-affiliierten Bedrohungsakteurs UNC6384 aufgedeckt, die sich im September und Oktober gezielt gegen diplomatische Einrichtungen in Ungarn, Belgien und weiteren europäischen Staaten richtete. Die Angreifer kombinieren eine neu entdeckte Windows-Schwachstelle (ZDI-CAN-25373) mit der seit Jahren aktiven Spionage-Malware PlugX und setzen dabei auf täuschend echte Phishing-Mails mit EU- und NATO-Konferenzthemen.…
-
Chinese-Linked Hackers Exploit Windows Flaw to Spy on Belgian and Hungarian Diplomats
A new UNC6384 campaign highlights the threat actor’s growing sophistication and geographic expansion First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/chinese-hackers-windows-flaw-spy/
-
Chinese-Linked Hackers Exploit Windows Flaw to Spy on Belgian and Hungarian Diplomats
A new UNC6384 campaign highlights the threat actor’s growing sophistication and geographic expansion First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/chinese-hackers-windows-flaw-spy/
-
Cyberspionage gegen diplomatische Einrichtungen in Europa durch chinesische APT-Gruppe
Arctic Wolf hat eine laufende Cyberspionagekampagne des chinesisch-affiliierten Bedrohungsakteurs UNC6384 aufgedeckt, die sich im September und Oktober gezielt gegen diplomatische Einrichtungen in Ungarn, Belgien und weiteren europäischen Staaten richtete. Die Angreifer kombinieren eine neu entdeckte Windows-Schwachstelle (ZDI-CAN-25373) mit der seit Jahren aktiven Spionage-Malware PlugX und setzen dabei auf täuschend echte Phishing-Mails mit EU- und NATO-Konferenzthemen.…
-
Windows zero-day actively exploited to spy on European diplomats
A China-linked hacking group is exploiting a Windows zero-day in attacks targeting European diplomats in Hungary, Belgium, and other European nations. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/chinese-hackers-exploit-windows-zero-day-to-spy-on-european-diplomats/
-
Windows zero-day actively exploited to spy on European diplomats
A China-linked hacking group is exploiting a Windows zero-day in attacks targeting European diplomats in Hungary, Belgium, and other European nations. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/chinese-hackers-exploit-windows-zero-day-to-spy-on-european-diplomats/
-
QNAP-Warnung von ASP.NET-Schwachstelle in Backup-Software
QNAP warnt Kunden vor einer kritischen ASP.NET-Schwachstelle die auch seinen NetBak PC Agent-Software für Windows betrifft. Das ist ein Windows-Dienstprogramm zum Sichern von Daten auf einem QNAP-Netzwerkspeichergerät (NAS). Es handelt sich um die Schwachstelle CVE-2025-55315 im Core von ASP.NET, die mit … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/10/31/qnap-warnung-von-asp-net-schwachstelle-in-backup-software/
-
NHS left with sick PCs as suppliers resist Windows 11 treatment
Hospitals told to upgrade, but some medical device makers haven’t prescribed compatibility yet First seen on theregister.com Jump to article: www.theregister.com/2025/10/31/nhs_windows_11_issues/
-
Warnungen für Explorer, Windows & Teams – Vier aktiv ausgenutzte Microsoft-Schwachstellen und Angriffe mit Teams
First seen on security-insider.de Jump to article: www.security-insider.de/microsoft-warnt-gefaelschte-teams-installation-ransomware-angriffe-a-31caea165dfee037a31c30cedd325e06/
-
Wie die Schwachstelle in Microsoft WSUS ausgenutzt wird
Forscher der Sophos Counter Threat Unit (CTU) haben eine Angriffswelle entdeckt, bei der Cyberkriminelle gezielt die Sicherheitslücke in Microsofts Windows Server Update Services (WSUS) ausnutzen. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/kritische-schwachstelle-microsoft-wsus
-
Suspected Chinese snoops weaponize unpatched Windows flaw to spy on European diplomats
Expired security cert, real Brussels agenda, plus PlugX malware finish the job First seen on theregister.com Jump to article: www.theregister.com/2025/10/30/suspected_chinese_snoops_abuse_unpatched/
-
Suspected Chinese snoops weaponize unpatched Windows flaw to spy on European diplomats
Expired security cert, real Brussels agenda, plus PlugX malware finish the job First seen on theregister.com Jump to article: www.theregister.com/2025/10/30/suspected_chinese_snoops_abuse_unpatched/
-
LotL Attack Hides Malware in Windows Native AI Stack
Security programs trust AI data files, but they shouldn’t: they can conceal malware more stealthily than most file types. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/lotl-attack-malware-windows-native-ai-stack
-
Trick, treat, repeat
Thor gets into the Halloween spirit, sharing new CVE trends, a “treat” for European Windows 10 users, and a reminder that patching is your best defense against zombie vulnerabilities. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/trick-treat-repeat/
-
Docker Compose vulnerability opens door to host-level writes patch pronto
Windows Desktop installer also fixed after DLL hijack flaw rated 8.8 severity First seen on theregister.com Jump to article: www.theregister.com/2025/10/30/docker_compose_desktop_flaws/
-
Docker Compose vulnerability opens door to host-level writes patch pronto
Windows Desktop installer also fixed after DLL hijack flaw rated 8.8 severity First seen on theregister.com Jump to article: www.theregister.com/2025/10/30/docker_compose_desktop_flaws/
-
WSUS-Schwachstelle CVE-2025-59287 wird angegriffen
Zum 23. Oktober 2025 hat Microsoft Out-of-Band-Updates für den Windows Server Update Services (WSUS) veröffentlicht. Die Updates patchen den WSUS um die Schwachstelle CVE-2025-59287 weiter abzusichern. Inzwischen mehren sich die Angriffe auf diese WSUS-Sicherheitslücke. Out-of-Band-Updates für WSUS Microsoft hatte zum … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/10/30/wsus-schwachstelle-cve-2025-59287-wird-angegriffen/
-
Schwachstelle bei Windows Server Update Services im Visier der Cyberkriminellen
Forscher der Sophos Counter Threat Unit (CTU) haben aufgedeckt, wie Angreifer eine Schwachstelle in Windows Server Update Services (WSUS) ausnutzen, um sensible Daten von Unternehmen zu stehlen. Die Experten untersuchen die Ausnutzung einer Sicherheitslücke (CVE-2025-59287) zur Remotecodeausführung im Windows Server Update Service (WSUS) von Microsoft, einem systemeigenen IT-Verwaltungstool für Windows-Systemadministratoren. Am 14. Oktober 2025 veröffentlichte…