Tag: windows
-
TotalRecall Reloaded tool finds a side entrance to Windows 11’s Recall database
“The vault is solid. The delivery truck is not.” First seen on arstechnica.com Jump to article: arstechnica.com/gadgets/2026/04/totalrecall-reloaded-tool-finds-a-side-entrance-to-windows-11s-recall-database/
-
Microsoft’s Windows Recall still allows silent data extraction
Exploitation risk: The barrier to weaponizing this technique is lower than Microsoft’s security messaging would suggest, Hagenah said.”They only need code running in the user’s context and a way to reuse the authorized Recall session,” he said. “That is a much lower bar than many people would assume from Microsoft’s security messaging.”While Recall’s limitation to…
-
Microsoft Fixes 167 Vulnerabilities in Latest Patch Tuesday Update
Microsoft’s Patch Tuesday April 2026 release has introduced one of the most extensive security update rollouts of the year, addressing a total of 167 vulnerabilities across Windows operating systems and associated software. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/microsoft-patch-tuesday-april-2026/
-
Fake Claude AI Installer Targets Windows Users with PlugX Malware
Fake Claude AI installer mimicking Anthropic spreads PlugX malware on Windows, using DLL sideloading to gain persistent remote access to infected systems. First seen on hackread.com Jump to article: hackread.com/fake-claude-ai-installer-plugx-malware-windows-users/
-
Fake Claude AI Installer Targets Windows Users with PlugX Malware
Fake Claude AI installer mimicking Anthropic spreads PlugX malware on Windows, using DLL sideloading to gain persistent remote access to infected systems. First seen on hackread.com Jump to article: hackread.com/fake-claude-ai-installer-plugx-malware-windows-users/
-
Microsoft Issues Massive Windows Patch for 160+ Bugs, Including Two Zero-Days
Microsoft’s April 2026 Patch Tuesday fixes 165 vulnerabilities, including two zero-days, in one of the company’s largest monthly security updates. The post Microsoft Issues Massive Windows Patch for 160+ Bugs, Including Two Zero-Days appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-microsoft-windows-165-vulnerabilities-april-2026/
-
April Windows Server 2025 update may fail to install
Microsoft is investigating an issue causing this month’s KB5082063 security update to fail to install on some Windows Server 2025 systems. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-april-windows-server-2025-update-may-fail-to-install/
-
April Windows Server 2025 update may fail to install
Microsoft is investigating an issue causing this month’s KB5082063 security update to fail to install on some Windows Server 2025 systems. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-april-windows-server-2025-update-may-fail-to-install/
-
Fake ProtonVPN, game mod sites spread NWHStealer in new Windows malware campaign
Multiple ongoing malware campaigns are distributing a powerful information-stealing trojan, tracked as NWHStealer, through fake VPN installers, gaming mods, and system tools. Unlike typical phishing campaigns, these attacks exploit users’ trust in popular software. Threat actors are disguising malicious payloads as legitimate installers for tools such as Proton VPN, OhmGraphite, Sidebar Diagnostics, Pachtop, and HardwareVisualizer. The files are hosted…
-
‘Harmless’ Global Adware Transforms Into an AV Killer
A benign looking update Dragon Boss pushed out in March 2025 established persistence via scheduled tasks and arranged for future payloads to be excluded from Windows Defender. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/harmless-global-adware-av-killer
-
Microsoft’s Original Windows Secure Boot Certificate Is Expiring
The Secure Boot refresh is one of the largest coordinated security maintenance efforts across the Windows ecosystem, Microsoft said. Update those PCs soon. First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/microsoftoriginal-windows-secure-boot-certificates-expire
-
Claude Mythos: Prepare for your board’s cybersecurity questions about the latest AI model from Anthropic
Tags: ai, api, application-security, attack, authentication, automation, best-practice, business, ceo, cisa, cloud, compliance, container, control, cve, cvss, cyber, cybersecurity, data, data-breach, endpoint, exploit, fedramp, finance, flaw, framework, governance, group, HIPAA, identity, injection, insurance, kev, law, linkedin, linux, LLM, macOS, network, PCI, risk, service, soc, software, strategy, technology, threat, update, vulnerability, vulnerability-management, windows, zero-day, zero-trustWith the Federal Reserve Chairman meeting with bank CEOs to discuss the security implications of Claude Mythos, you can bet that your board of directors will ask you about the impact of the AI model on your cybersecurity strategy. Here’s how to prepare. Key takeaways Anthropic announced Claude Mythos Preview, its most powerful general-purpose frontier…
-
Microsoft adds Windows protections for malicious Remote Desktop files
Microsoft has introduced new Windows protections to defend against phishing attacks that abuse Remote Desktop connection (.rdp) files, adding warnings and disabling risky shared resources by default. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-adds-windows-protections-for-malicious-remote-desktop-files/
-
Microsoft’s April 2026 Patch Tuesday Addresses 163 CVEs (CVE-2026-32201)
Tags: advisory, api, attack, best-practice, cloud, container, cve, cvss, cyber, data, exploit, firewall, firmware, flaw, framework, github, Internet, malicious, microsoft, mitigation, office, powershell, rce, remote-code-execution, service, software, sql, startup, tool, update, vulnerability, windows, zero-day8Critical 154Important 1Moderate 0Low Microsoft addresses 163 CVEs in the April 2026 Patch Tuesday release, including two zero-day vulnerabilities, one of which was exploited in the wild. Microsoft patched 163 CVEs in its April 2026 Patch Tuesday release, with eight rated critical, 154 rated as important and one rated as moderate. This is the second…
-
Microsoft releases Windows 10 KB5082200 extended security update
Microsoft has released the Windows 10 KB5082200 extended security update to fix the April 2026 Patch Tuesday vulnerabilities, including 2 zero-days. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-releases-windows-10-kb5082200-extended-security-update/
-
Windows 11 cumulative updates KB5083769 & KB5082052 released
Microsoft has released Windows 11 KB5083769 and KB5082052 cumulative updates for versions 25H2/24H2 and 23H2 to fix security vulnerabilities, bugs, and add new features. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/windows-11-cumulative-updates-kb5083769-and-kb5082052-released/
-
Microsoft rolls out fast-track to reinstate Windows hardware dev accounts
Microsoft has rolled out a fast-track process to help developers regain access to accounts recently suspended from its Windows Hardware Program, following widespread complaints that they were locked out without warning. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-rolls-out-fast-track-to-reinstate-windows-hardware-dev-accounts/
-
Botnet Exposed: Hackers Leave Worker Access and Root Passwords Wide Open
Hackers have left a live Twitter/X credential”‘stuffing botnet effectively unlocked, exposing its full command”‘and”‘control stack, worker fleet, and root passwords to anyone who knows where to look. The C2 runs on a Windows Server 2019 instance hosted by Hetzner in Falkenstein, Germany, with RDP, SMB, and WinRM all exposed alongside the Flask panel, indicating a…
-
Q1 2026 Open Source Malware Index: Adaptive Attacks, Familiar Weaknesses
Tags: access, ai, api, attack, automation, cloud, credentials, crypto, data, github, guide, intelligence, kubernetes, linux, macOS, malicious, malware, open-source, pypi, risk, software, supply-chain, tactics, theft, tool, update, windows, worm<div cla TL;DR Sonatype identified 21,764 open source malware packages in Q1 2026, bringing the total logged since 2017 to 1,346,867. npm accounted for 75% of malicious packages this quarter. Trojans dominated, with most activity focused on credential theft, host reconnaissance, and staged payload delivery. The quarter’s defining pattern was trust abuse: attackers succeeded by…
-
Janela RAT Spreads via Fake MSI Installers, Malicious Extensions
Janela Remote Access Trojan (RAT) campaign using fake Windows MSI installers and malicious browser extensions to infiltrate financial networks and exfiltrate sensitive data. The latest Janela RAT samples are being distributed through public GitLab repositories, where attackers host MSI installation files disguised as legitimate software installers. Unsuspecting users in Chile, Colombia, and Mexico the campaign’s primary targets are lured into downloading these…
-
CISA Alerts on Exploited Microsoft Exchange and Windows CLFS Security Flaws
Tags: cisa, cyber, cybersecurity, exploit, flaw, infrastructure, kev, microsoft, vulnerability, windowsThe Cybersecurity and Infrastructure Security Agency (CISA) has issued a high-priority alert regarding two actively exploited security vulnerabilities in Microsoft products. Added to the Known Exploited Vulnerabilities (KEV) catalog on April 13, 2026, these flaws impact the Microsoft Windows Common Log File System (CLFS) and Microsoft Exchange Server. Federal agencies and private organizations are strongly…
-
Ransomware-Linked ViperTunnel Malware Hits UK and US Businesses
ViperTunnel is a Python-based backdoor linked to DragonForce ransomware that targets businesses using Windows servers across the US and the UK. First seen on hackread.com Jump to article: hackread.com/ransomware-vipertunnel-malware-uk-us-businesses/
-
U.S. CISA adds Adobe, Fortinet, Microsoft Exchange Server, and Microsoft Windows flaws to its Known Exploited Vulnerabilities catalog
Tags: adobe, apple, cisa, cybersecurity, exploit, flaw, fortinet, infrastructure, kev, microsoft, vulnerability, windowsU.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Adobe, Fortinet, Microsoft Exchange Server, and Microsoft Windows flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Apple, Laravel Livewire and Craft CMS flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: Last week,…
-
Windows 11: Microsoft testet freie Datumswahl für Updates
Microsoft testet unter Windows 11 eine Kalender-Auswahl für Update-Pausen. Ab Mai 2026 soll zudem Hotpatching störende Neustarts minimieren. First seen on golem.de Jump to article: www.golem.de/news/windows-11-microsoft-testet-freie-datumswahl-fuer-updates-2604-207525.html
-
âš¡ Weekly Recap: Fiber Optic Spying, Windows Rootkit, AI Vulnerability Hunting and More
Monday is back, and the weekend’s backlog of chaos is officially hitting the fan. We are tracking a critical zero-day that has been quietly living in your PDFs for months, plus some aggressive state-sponsored meddling in infrastructure that is finally coming to light. It is one of those mornings where the gap between a quiet…
-
Hackers Exploit MSBuild LOLBin to Evade Detection in Fileless Windows Attacks
Cyber attackers are increasingly using Living Off the Land Binaries (LOLBins) to bypass security detection. By leveraging legitimate system tools, these attacks avoid signature-based defenses and operate without dropping traditional malware files. One such LOLBin now gaining attention is MSBuild.exe, a native Windows development tool signed by Microsoft. Originally designed to build and run C# code from XML-based…
-
Kein Fix erwartet: Uhr auf Windows-Sperrbildschirm geht absichtlich nach
Die Uhrzeit auf dem Lockscreen von Windows aktualisiert sich teilweise verzögert. Microsoft will daran nichts ändern. Das Verhalten sei beabsichtigt. First seen on golem.de Jump to article: www.golem.de/news/kein-fix-erwartet-uhr-auf-windows-sperrbildschirm-geht-absichtlich-nach-2604-207497.html
-
Adobe Fixes Actively Exploited Zero-Day in Acrobat Reader
Adobe has released an emergency security update to address a critical zero-day vulnerability in Acrobat and Reader for Windows and macOS. According to Adobe’s APSB26-43 bulletin, the flaw is currently being exploited in the wild, prompting a Priority 1 rating from the company. Designated as CVE-2026-34621, this vulnerability is an Improperly Controlled Modification of Object…