Tag: windows
-
Dell SupportAssist Update Forces Windows Systems Into BSOD Loop
A faulty update to Dell’s SupportAssist Remediation service is triggering widespread system crashes, forcing thousands of Dell and Alienware devices into continuous Blue Screen of Death (BSOD) loops. Affected systems repeatedly crash with the “CRITICAL_PROCESS_DIED” error, often every 30 minutes, severely disrupting productivity and system stability. Dell has acknowledged the issue and confirmed that its…
-
Windows 11 and Microsoft Edge hacked at Pwn2Own Berlin 2026
On the first day of Pwn2Own Berlin 2026, security researchers collected $523,000 in cash awards after exploiting 24 unique zero-days. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/windows-11-and-microsoft-edge-hacked-on-first-day-of-pwn2own-berlin-2026/
-
Windows 11 and Microsoft Edge hacked at Pwn2Own Berlin 2026
On the first day of Pwn2Own Berlin 2026, security researchers collected $523,000 in cash awards after exploiting 24 unique zero-days. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/windows-11-and-microsoft-edge-hacked-on-first-day-of-pwn2own-berlin-2026/
-
Windows 11 and Microsoft Edge hacked at Pwn2Own Berlin 2026
On the first day of Pwn2Own Berlin 2026, security researchers collected $523,000 in cash awards after exploiting 24 unique zero-days. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/windows-11-and-microsoft-edge-hacked-on-first-day-of-pwn2own-berlin-2026/
-
Windows 11 and Microsoft Edge hacked at Pwn2Own Berlin 2026
On the first day of Pwn2Own Berlin 2026, security researchers collected $523,000 in cash awards after exploiting 24 unique zero-days. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/windows-11-and-microsoft-edge-hacked-on-first-day-of-pwn2own-berlin-2026/
-
Windows 11 and Microsoft Edge hacked at Pwn2Own Berlin 2026
On the first day of Pwn2Own Berlin 2026, security researchers collected $523,000 in cash awards after exploiting 24 unique zero-days. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/windows-11-and-microsoft-edge-hacked-on-first-day-of-pwn2own-berlin-2026/
-
Zero-day exploit completely defeats default Windows 11 BitLocker protections
It’s not entirely clear how the exploit works. Microsoft says it’s investigating. First seen on arstechnica.com Jump to article: arstechnica.com/security/2026/05/zero-day-exploit-completely-defeats-default-windows-11-bitlocker-protections/
-
Zero-day exploit completely defeats default Windows 11 BitLocker protections
It’s not entirely clear how the exploit works. Microsoft says it’s investigating. First seen on arstechnica.com Jump to article: arstechnica.com/security/2026/05/zero-day-exploit-completely-defeats-default-windows-11-bitlocker-protections/
-
Fake Job Interview Apps Drop JobStealer Malware on Windows and macOS
Hackers are using Fake interview apps to spread JobStealer malware on macOS and Windows to steal crypto wallets, browser data, and passwords. First seen on hackread.com Jump to article: hackread.com/fake-job-interview-jobstealer-malware-windows-macos/
-
Fake Job Interview Apps Drop JobStealer Malware on Windows and macOS
Hackers are using Fake interview apps to spread JobStealer malware on macOS and Windows to steal crypto wallets, browser data, and passwords. First seen on hackread.com Jump to article: hackread.com/fake-job-interview-jobstealer-malware-windows-macos/
-
BitUnlocker knackt BitLocker in unter fünf Minuten
Tags: windowsBitUnlocker knackt BitLocker auf Windows 11 in unter fünf Minuten. Betroffen sind TPM-only-Systeme ohne PIN. First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/it-sicherheit/bitunlocker-knackt-bitlocker-windows-11-329149.html
-
Windows DNS Client Security Flaw Exposes Systems to Remote Code Execution
Windows systems worldwide are at risk from a new critical flaw in the Windows DNS Client that could allow remote code execution without any user interaction. Tracked as CVE-2026-41096, the vulnerability has been rated critical with a CVSS base score of 9.8. It is patched in Microsoft’s May 12, 2026, security updates. Critical DNS client…
-
Dell confirms its SupportAssist software causes Windows BSOD crashes
Dell confirmed that its SupportAssist software is causing blue-screen crashes on some Windows systems following a wave of user reports about random reboots affecting Dell devices since Friday. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/software/dell-confirms-its-supportassist-software-causes-windows-bsod-crashes/
-
Windows Zero-Days Expose BitLocker Bypasses And CTFMON Privilege Escalation
An anonymous cybersecurity researcher who disclosed three Microsoft Defender vulnerabilities has returned with two more zero-days involving a BitLocker bypass and a privilege escalation impacting Windows Collaborative Translation Framework (CTFMON).The security defects have been codenamed YellowKey and GreenPlasma, respectively, by the researcher, who goes by the online aliases Chaotic Eclipse First seen on thehackernews.com Jump…
-
Microsoft releases Windows 10 KB5087544 extended security update
Microsoft has released the Windows 10 KB5087544 extended security update to fix the May 2026 Patch Tuesday vulnerabilities and resolve an issue with the new Remote Desktop warnings. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-releases-windows-10-kb5087544-extended-security-update/
-
Windows 11 KB5089549 & KB5087420 cumulative updates released
Microsoft has released Windows 11 KB5089549 and KB5087420 cumulative updates for versions 25H2/24H2 and 23H2 to fix security vulnerabilities, bugs, and add new features. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/windows-11-kb5089549-and-kb5087420-cumulative-updates-released/
-
Zoom Rooms and Workplace Flaws Expose Users to Elevated Access Attacks
A newly disclosed batch of vulnerabilities in Zoom’s software suite could give attackers the leverage they need to hijack systems. Zoom has released critical security updates to patch three distinct flaws affecting its Windows and iOS applications. The most dangerous of these vulnerabilities allows authenticated attackers to elevate their system privileges, effectively turning a standard…
-
Frustrierende Updates: Wie Microsoft Windows-11-Updates weniger nervig machen will
Wenige Dinge sind frustrierender, als sich an den PC zu setzen und festzustellen, dass er ein Update benötigt, schreibt Microsoft. First seen on golem.de Jump to article: www.golem.de/news/frustrierende-updates-wie-microsoft-windows-11-updates-weniger-nervig-machen-will-2605-208563.html
-
BitUnlocker Downgrade Attack Bypasses Windows 11 Disk Encryption in Minutes
A proof-of-concept (PoC) exploit that demonstrates how attackers can bypass Windows 11 BitLocker disk encryption in under 5 minutes. Dubbed the >>BitUnlocker<< attack, this physical downgrade technique exploits a known vulnerability, CVE-2025-48804. Initially documented by the Microsoft STORM team in July 2025, the flaw exposes a critical weakness in how Secure Boot interacts with legacy…
-
New GhostLock tool abuses Windows API to block file access
A security researcher has released a proof-of-concept tool named GhostLock that demonstrates how a legitimate Windows file API can be abused in attacks to block access to files stored locally or on SMB network shares. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-ghostlock-tool-abuses-windows-api-to-block-file-access/
-
Malicious Hugging Face model masquerading as OpenAI release hits 244K downloads
Part of a broader AI supply chain targeting: HiddenLayer, in its advisory, said that it identified six additional Hugging Face repositories uploaded under a separate account that used nearly identical loader logic and shared infrastructure with the campaign.The researchers also linked elements of the operation to earlier software supply-chain attacks involving npm typosquatting campaigns and…
-
Official JDownloader site served malware to Windows and Linux users between May 6 and May 7
JDownloader website was hacked to distribute malicious Windows and Linux installers carrying a Python RAT between May 67, 2026. JDownloader official website was compromised in a supply chain attack that replaced legitimate Windows and Linux installers with malicious files between May 6 and May 7, 2026. JDownloader is a free, open-source download management application designed…
-
Rustinel: Open-source endpoint detection for Windows and Linux
Open-source endpoint detection has long been split between Windows-focused tools built around Sysmon and Linux tools built around eBPF or auditd. Defenders running mixed … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/11/rustinel-open-source-endpoint-detection-windows-linux/
-
Fake Claude Campaign Uses PlugX-Style DLL Sideloading Chain
Hackers are abusing a fake Claude AI download site to deliver a PlugX”‘style DLL sideloading chain that ultimately deploys a new Windows backdoor dubbed “Beagle.” The campaign blends malvertising, a trojanized installer, and signed security software components to achieve stealthy persistence and remote control. Attackers registered claude-pro[.]com, a site that visually imitates Anthropic’s legitimate Claude…
-
Trending Hugging Face Repo With 200K Downloads Spreads Windows Malware
A malicious Hugging Face repository, Open-OSS/privacy-filter, that abused the platform’s trust and trending algorithm to deliver a sophisticated Rust-based infostealer to Windows users. The project briefly reached the #1 trending position with roughly 244,000 downloads and hundreds of likes before Hugging Face took it down, strongly suggesting the threat actor artificially boosted its popularity to…
-
Fake OpenAI Privacy Filter Repo Hits #1 on Hugging Face, Draws 244K Downloads
A malicious Hugging Face repository managed to take a spot in the platform’s trending list by impersonating OpenAI’s Privacy Filter open-weight model to deliver a Rust-based information stealer to Windows users.The project, named Open-OSS/privacy-filter, masqueraded as its legitimate counterpart, released by OpenAI late last month (openai/privacy-filter), including copying the entire First seen on thehackernews.com Jump…
-
Wenn die Hardware ‘offiziell” nicht mehr unterstützt wird – FlyOOBE: Windows 11 ohne TPM installieren
First seen on security-insider.de Jump to article: www.security-insider.de/flyoobe-windows-11-ohne-tpm-installieren-a-e12e371476208b034a4ee4db02880915/
-
CloudZ RAT Abuses Windows Phone Link to Steal OTPs
Cisco Talos discovered the CloudZ RAT exploiting Microsoft Phone Link to intercept SMS-based OTPs from Windows endpoints. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/cloudz-rat-abuses-windows-phone-link-to-steal-otps/
-
Microsoft-Edge speichert Passwörter im RAM als Klartext
Windows 10 und 11 nutzen eine Speicherisolation, damit Prozesse in voneinander getrennten virtuellen Adressräumen ausgeführt werden. Unter bestimmten Bedingungen kann jedoch ein gewöhnlicher Anwendungsprozess weiterhin auf den Speicher eines anderen Prozesses im Benutzermodus zugreifen. Das wirft die Befürchtung auf, dass Malware, die mit normalen Benutzerrechten ausgeführt wird, sensible Informationen wie Passwörter und Authentifizierungs-Tokens direkt aus…
-
Fake Claude AI Site Drops Beagle Backdoor on Windows Users
Sophos finds fake Claude site spreading DonutLoader and a new Beagle backdoor via DLL sideloading First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/fake-claude-site-beagle-backdoor/