Tag: windows
-
Attackers Bypass Windows “Mark of the Web” Protections Using LNK-Stomping
A sophisticated attack technique called LNK Stomping is enabling cybercriminals to bypass Windows security protections designed to block malicious files downloaded from the internet. The technique exploits a vulnerability in Windows shortcuts that was patched in September 2024 as CVE-2024-38217. Windows shortcuts, known as LNK files, have become increasingly popular attack vectors since Microsoft strengthened macro blocking…
-
Hackers Deploy New EDR-Freeze Tool to Disable Security Software
A security researcher has released a new tool that can temporarily disable endpoint detection and response (EDR) systems and antivirus software without requiring vulnerable drivers, marking a significant evolution in attack techniques targeting security solutions. Advanced Evasion Through Windows Components: The tool, dubbed EDR-Freeze and developed by researcher TwoSevenOneT, exploits Windows Error Reporting functionality to suspend security…
-
Microsoft starts rolling out Gaming Copilot on Windows 11 PCs
Microsoft has begun rolling out the beta version of its AI-powered Gaming Copilot to Windows 11 systems for users aged 18 or older, excluding those in mainland China. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-starts-rolling-out-gaming-copilot-on-windows-11-pcs/
-
Microsoft thinks cloud PCs might be overkill, starts streaming just apps under Windows 365
As old-school virtual desktop player Omnissa distances itself further from VMware First seen on theregister.com Jump to article: www.theregister.com/2025/09/18/microsoft_cloud_apps_omnissa_update/
-
Steam will stop running on Windows 32-bit in January 2026
Valve has announced that its Steam digital distribution service will drop support for 32-bit versions of Windows starting January 2026. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/software/steam-will-stop-running-on-windows-32-bit-in-january-2026/
-
HybridPetya ransomware bypasses Windows Secure Boot
First seen on csoonline.com Jump to article: https://www.csoonline.com/article/4059815/hybridpetya-ransomware-knackt-windows-secure-boot-2.html
-
Windows 11 Notepad to Receive AI Upgrade for Free Text Writing and Summarizing
Microsoft has announced a significant upgrade to Windows 11 Notepad, introducing powerful artificial intelligence features that will revolutionize how users create and edit text. The update brings AI-powered writing assistance directly to the classic text editor, offering capabilities previously available only in premium applications. Windows 11 Notepad now features AI-powered options like write, rewrite, and summarize accessible…
-
Operating Windows 10 and Office 2016/2019 securely from October 2025, Part 2
In Part 1 I mentioned that Windows 10 22H2, Microsoft Office 2016 and Microsoft Office 2019 fall out of support on October 14, 2025. In Part 2 I would like to go into the implications and also show which options … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/09/19/windows-10-und-office-2016-2019-ab-oktober-2025-sicher-betreiben-teil-2/
-
End of support for Windows 10 and Office 2016/2019 in October 2025, Part 1
A brief note for users of Windows 10 22H2, Microsoft Office 2016 and Microsoft Office 2019. Microsoft recently issued a reminder that support for these products ends on October 14, 2025. On that date there will be, for the last time, security updates for Windows … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/09/18/supportende-fuer-windows-10-und-office-2016-2019-im-oktober-2025/
-
Notepad gets free AI features on Copilot+ PCs with Windows 11
Microsoft is adding free AI-powered text writing capabilities to Notepad for customers with Copilot+ PCs running Windows 11. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/notepad-gets-free-ai-features-on-copilot-plus-pcs-with-windows-11/
-
SilentSync RAT Delivered via Two Malicious PyPI Packages Targeting Python Developers
Cybersecurity researchers have discovered two new malicious packages in the Python Package Index (PyPI) repository that are designed to deliver a remote access trojan called SilentSync on Windows systems. “SilentSync is capable of remote command execution, file exfiltration, and screen capturing,” Zscaler ThreatLabz’s Manisha Ramcharan Prajapati and Satyam Singh said. “SilentSync also extracts First seen on…
-
Stealth in Plain Sight: Cryptojackers Hijack PowerShell and Windows Processes to Evade Detection
Darktrace researchers uncovered a sophisticated cryptojacking attempt using PowerShell scripts to inject NBMiner into Windows processes. Experts warn that modern cryptomining malware is more than a nuisance, posing risks to productivity, data security, and energy costs while exploiting “living off the land” tactics to evade detection. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/stealth-in-plain-sight-cryptojackers-hijack-powershell-and-windows-processes-to-evade-detection/
-
Windows Greenshot Vulnerability Lets Attackers Execute Malicious Code, PoC Published
A critical security vulnerability in the popular Greenshot screenshot utility has been discovered that allows local attackers to execute arbitrary malicious code within the trusted application process. The vulnerability, tracked as CVE-2025-59050, affects Greenshot versions up to 1.3.300 and has been patched in version 1.3.301 released on September 16, 2025. Greenshot image editor interface showing capture…
-
Malicious PyPI Packages Deliver SilentSync RAT
Introduction: Zscaler ThreatLabz regularly monitors for threats in the popular Python Package Index (PyPI), which contains open source libraries that are frequently used by many Python developers. In July 2025, a malicious Python package named termncolor was identified by ThreatLabz. Just a few weeks later, on August 4, 2025, ThreatLabz uncovered two more malicious Python packages…
-
APT37 attacks Windows systems with Rust backdoor and Python loader
The Zscaler ThreatLabz security team has investigated recent activity by the hacker group APT37. In the process, a new backdoor targeting Windows systems was identified for the first time. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/apt37-windows-system-rust-backdoor-python-loader
-
Python-Based “XillenStealer” Campaign Targets Windows Users’ Sensitive Data
A sophisticated Python-based information stealer named XillenStealer has emerged as a significant threat to Windows users, designed to harvest sensitive system data, browser credentials, and cryptocurrency wallet information. XillenStealer operates through a comprehensive builder framework called “XillenStealer Builder V3.0,
-
BitPixie Windows Boot Manager Flaw Lets Hackers Escalate Privileges
A critical vulnerability nicknamed “BitPixie
-
WMIC will be removed after Windows 11 25H2 upgrade
Microsoft has announced that the Windows Management Instrumentation Command-line (WMIC) tool will be removed after upgrading to Windows 11 25H2 and later. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-wmic-will-be-removed-after-windows-11-25h2-upgrade/
-
Windows Users Hit by VenomRAT in AI-Driven RevengeHotels Attack
RevengeHotels, also known as TA558, has escalated its long-standing cybercrime campaign by incorporating artificial intelligence into its infection chains, deploying the potent VenomRAT malware against Windows users. Active since 2015, this threat actor has traditionally targeted hotel guests and travelers, stealing payment card data through phishing emails. Recent campaigns, however, demonstrate a marked shift: AI-generated…
-
CobaltStrike’s AI-native successor, ‘Villager,’ makes hacking too easy
Tags: ai, attack, control, credentials, detection, exploit, framework, governance, hacking, identity, incident response, intelligence, network, pypi, RedTeam, risk, supply-chain, threat, update, vulnerability, windows
Supply chain and detection risks: Villager’s presence on a trusted public repository like PyPI, where it was downloaded over 10,000 times over the last two months, introduces a new vector for supply chain compromise. Jason Soroko, senior fellow at Sectigo, advised that organizations “focus first on package provenance by mirroring PyPI, enforcing allow lists for…
-
HybridPetya ransomware cracks Windows Secure Boot
The HybridPetya ransomware exploits an already patched Microsoft vulnerability to bypass the UEFI Secure Boot feature. Researchers at cybersecurity company ESET have tracked down a new ransomware called HybridPetya that resembles the infamous Petya and NotPetya malware. Like its predecessors, the malware targets the Master File Table (MFT), a central database on NTFS partitions that catalogs all files and directories. In the…
-
APT37 attacks Windows systems with Rust backdoor and Python loader
The Zscaler ThreatLabz team has taken a close look at APT37 (also known as Scarcruft, Ruby-Sleet and Velvet-Chollima), because Windows systems are now also being attacked for the first time via the Rustonotto backdoor. APT37 primarily targets South Korean activists who are connected to the North Korean regime or campaign for human rights, using specially developed malware and new…
-
Microsoft Resolves Bluetooth Audio Problem in Windows 11 24H2 Update
Microsoft has addressed a widespread audio issue affecting Bluetooth speakers, headsets, and integrated laptop speakers in Windows 11 version 24H2. The problem stemmed from an incompatibility with Dirac Audio software on certain devices, causing audio devices to go silent and applications to stop recognizing them. Resolves Bluetooth Audio Problem: Following reports from users and IT…
-
Dirac audio glitch finally silenced in Windows 11 24H2
Microsoft removes safeguard hold thanks to updated drivers First seen on theregister.com Jump to article: www.theregister.com/2025/09/15/windows_11_dirac_audio/
-
Microsoft to force install the Microsoft 365 Copilot app in October
Next month, Microsoft will begin automatically installing the Microsoft 365 Copilot app on Windows devices that have the Microsoft 365 desktop client apps. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-to-force-install-the-microsoft-365-copilot-app-in-october/
-
SEO Poisoning Targets Chinese Users with Fake Software Sites
An SEO poisoning attack has been observed targeting Chinese Windows users via lookalike domains, installing Hiddengh0st and Winos. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/seo-poisoning-targets-china/

