Tag: windows

Microsoft’s March Security Update of High-Risk Vulnerability Notice for Multiple Products

Mar 30, 2026 7:30 AM

Tags: cyber, microsoft, network, office, risk, sql, update, vulnerability, windows

Overview On March 11, NSFOCUS CERT detected that Microsoft released the March Security Update patch, which fixed 83 security issues involving widely used products such as Windows, Microsoft Office, Microsoft SQL Server, Azure, etc., including high-risk vulnerability types such as privilege escalation and remote code execution. Among the vulnerabilities fixed by Microsoft’s monthly update this…The…
Microsoft tells crusty old kernel drivers to get with the Windows Hardware Compatibility Program

Mar 29, 2026 1:30 PM

Tags: Hardware, microsoft, windows

Cross-signed code gets the cold shoulder as Redmond tightens trust First seen on theregister.com Jump to article: www.theregister.com/2026/03/27/microsoft_kernel_trust/
Fake Certificate Loader Hides BlankGrabber Malware Chain

Mar 28, 2026 10:31 AM

Tags: cyber, infection, malware, rust, service, tool, windows

BlankGrabber’s operators are now abusing a fake “certificate” loader to hide a multi”‘stage Rust and Python infection chain, making this commodity stealer significantly harder to spot on Windows endpoints. The new technique relies on built”‘in tools such as certutil.exe, heavily obfuscated PyInstaller stubs, and stealthy exfiltration via Telegram and public web services to evade both…
Attackers exploit critical Langflow RCE within hours as CISA sounds alarm

Mar 27, 2026 10:30 PM

Tags: access, advisory, ai, api, attack, cisa, cloud, credentials, cve, cvss, data, data-breach, detection, endpoint, exploit, flaw, framework, github, infrastructure, injection, kev, malicious, monitoring, nvd, open-source, rce, remote-code-execution, software, supply-chain, threat, update, vulnerability, windows

credentials, was weaponized within 20 hours of the open-source AI-pipeline tool disclosing it.According to a Sysdig report, crooks started hitting a fleet of honeypot nodes with vulnerable instances across multiple cloud providers and regions right after they went live. Sysdig observed four such attempts within hours of deployment, with one attacker progressing to environment variable exfiltration.”This is…
Windows 11 KB5079391 update rolls out Smart App Control improvements

Mar 27, 2026 10:30 PM

Tags: control, microsoft, update, windows

Microsoft has released the KB5079391 preview cumulative update for Windows 11 24H2 and 25H2, which includes 29 changes, such as Smart App Control and Display improvements. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/windows-11-kb5079391-update-rolls-out-smart-app-control-improvements/
Windows Error Reporting Vulnerability Exposes Systems to Privilege Escalation, Allowing SYSTEM Access

Mar 27, 2026 10:30 PM

Tags: access, cve, cyber, exploit, flaw, microsoft, service, vulnerability, windows

Microsoft recently patched a severe Elevation of Privilege (EoP) vulnerability in the Windows Error Reporting (WER) service, officially tracked as CVE-2026-20817. This flaw allows a local attacker with standard user rights to escalate to SYSTEM privileges by exploiting improper permission handling. The vulnerability was so significant that Microsoft chose to remove the affected feature entirely…
Bearlyfy Hits Russian Firms with Custom GenieLocker Ransomware

Mar 27, 2026 10:30 PM

Tags: attack, cyber, group, ransomware, russia, threat, ukraine, windows

A pro-Ukrainian group called Bearlyfy has been attributed to more than 70 cyber attacks targeting Russian companies since it first surfaced in the threat landscape in January 2025, with recent attacks leveraging a custom Windows ransomware strain codenamed GenieLocker.”Bearlyfy (also known as Labubu) operates as a dual-purpose group aimed at inflicting maximum damage upon Russian…
Attackers exploit critical Langflow RCE within hours as CISA sounds alarm

Mar 27, 2026 10:30 PM

Tags: access, advisory, ai, api, attack, cisa, cloud, credentials, cve, cvss, data, data-breach, detection, endpoint, exploit, flaw, framework, github, infrastructure, injection, kev, malicious, monitoring, nvd, open-source, rce, remote-code-execution, software, supply-chain, threat, update, vulnerability, windows

credentials, was weaponized within 20 hours of the open-source AI-pipeline tool disclosing it.According to a Sysdig report, crooks started hitting a fleet of honeypot nodes with vulnerable instances across multiple cloud providers and regions right after they went live. Sysdig observed four such attempts within hours of deployment, with one attacker progressing to environment variable exfiltration.”This is…
New ClickFix Attack Exploits Windows Run Dialog and macOS Terminal to Deploy Malware

Mar 26, 2026 4:47 PM

Tags: attack, cyber, exploit, group, macOS, malware, threat, windows

Threat actors are standardizing a powerful ClickFix-based attack that abuses the Windows Run dialog box and macOS Terminal to deliver malware while sidestepping traditional browser protections. Insikt Group has tracked five distinct ClickFix activity clusters active since at least May 2024, with lures impersonating brands such as Intuit QuickBooks and Booking.com. Using Recorded Future’s HTML…
Kein Patch verfügbar: Forscher demonstrieren Windows-Passwortklau über den Browser

Mar 26, 2026 1:46 PM

Tags: phishing, update, windows

Ein Forscherteam hat vor zwei Jahren eine Phishing-Technik entdeckt, die einen geschickten Passwortklau ermöglicht. Lösen will das Problem offenbar keiner. First seen on golem.de Jump to article: www.golem.de/news/kein-patch-verfuegbar-forscher-demonstrieren-windows-passwortklau-ueber-den-browser-2603-206956.html
IDrive for Windows Vulnerability Allows Attackers to Escalate Privileges and Gain Unauthorized Access

Mar 26, 2026 10:46 AM

Tags: access, backup, cloud, cve, cyber, flaw, unauthorized, vulnerability, windows

A critical security flaw has been identified in the IDrive Cloud Backup Client for Windows, exposing users to local privilege escalation attacks. Tracked as CVE-2026-1995, this vulnerability allows authenticated, low-privilege attackers to execute arbitrary code with the highest system permissions, potentially leading to a complete compromise of the targeted device. IDrive is a widely used…
When Data Mining Conti Leaks Leads to Actual Binaries and to a Hardcoded C2 With an Encryption Key on Tripod.com Part Five

Mar 25, 2026 3:48 PM

Tags: backdoor, control, data, detection, encryption, infrastructure, leak, malicious, malware, network, resilience, software, windows

Dear blog readers, Continuing the “When Data Mining Conti Leaks Leads to Actual Binaries and to a Hardcoded C2 With an Encryption Key on Tripod.com – Part Four” blog post series in this post I’ll continue analyzing the next malicious software binary which I obtained by data mining Conti Leaks with a lot of success. …
Linux Ransomware Pay2Key Targets Servers, Virtualization Hosts, and Cloud Workloads

Mar 25, 2026 12:47 PM

Tags: cloud, cyber, linux, ransomware, service, vmware, windows

Linux-focused ransomware Pay2Key is actively targeting enterprise servers, VMware ESXi virtualization hosts, and cloud workloads, underscoring how far Linux ransomware has evolved beyond simple file lockers. Originally known for fast, human-operated Windows intrusions against Israeli and Brazilian organizations, Pay2Key has re-emerged as a ransomware-as-a-service (RaaS) with explicit support for Linux environments. Recent research shows that newer…
Linux Ransomware Pay2Key Targets Servers, Virtualization Hosts, and Cloud Workloads

Mar 25, 2026 12:47 PM

Tags: cloud, cyber, linux, ransomware, service, vmware, windows

Linux-focused ransomware Pay2Key is actively targeting enterprise servers, VMware ESXi virtualization hosts, and cloud workloads, underscoring how far Linux ransomware has evolved beyond simple file lockers. Originally known for fast, human-operated Windows intrusions against Israeli and Brazilian organizations, Pay2Key has re-emerged as a ransomware-as-a-service (RaaS) with explicit support for Linux environments. Recent research shows that newer…
Linux Ransomware Pay2Key Targets Servers, Virtualization Hosts, and Cloud Workloads

Mar 25, 2026 12:47 PM

Tags: cloud, cyber, linux, ransomware, service, vmware, windows

Linux-focused ransomware Pay2Key is actively targeting enterprise servers, VMware ESXi virtualization hosts, and cloud workloads, underscoring how far Linux ransomware has evolved beyond simple file lockers. Originally known for fast, human-operated Windows intrusions against Israeli and Brazilian organizations, Pay2Key has re-emerged as a ransomware-as-a-service (RaaS) with explicit support for Linux environments. Recent research shows that newer…
Linux Ransomware Pay2Key Targets Servers, Virtualization Hosts, and Cloud Workloads

Mar 25, 2026 12:47 PM

Tags: cloud, cyber, linux, ransomware, service, vmware, windows

Linux-focused ransomware Pay2Key is actively targeting enterprise servers, VMware ESXi virtualization hosts, and cloud workloads, underscoring how far Linux ransomware has evolved beyond simple file lockers. Originally known for fast, human-operated Windows intrusions against Israeli and Brazilian organizations, Pay2Key has re-emerged as a ransomware-as-a-service (RaaS) with explicit support for Linux environments. Recent research shows that newer…
Google’s TurboQuant cuts AI memory use without losing accuracy

Mar 25, 2026 8:47 AM

Tags: ai, google, windows

Large language models carry a persistent scaling problem. As context windows grow, the memory required to store key-value (KV) caches expands proportionally, consuming GPU … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/25/google-turboquant-ai-model-compression/
FBI Warns of Iran’s Handala Hack Group Using Fake Apps to Spy on Windows Users

Mar 24, 2026 5:47 PM

Tags: group, iran, spy, windows

The FBI has issued a warning about Iran-linked Handala Hack Group, targeting Windows users through fake versions of WhatsApp and Telegram. First seen on hackread.com Jump to article: hackread.com/fbi-iran-handala-hack-group-fake-apps-spy-windows/
SilentConnect Uses Fake Invites to Deploy ScreenConnect RAT

Mar 24, 2026 7:46 AM

Tags: access, attack, cloud, cyber, rat, service, social-engineering, tool, windows

SILENTCONNECT is a new multi-stage Windows loader that abuses fake online invitations and trusted cloud services to silently deploy the ConnectWise ScreenConnect remote access tool on victim systems. The campaign blends social engineering, living-off-the-land binaries, and low-level evasion techniques to achieve hands-on keyboard access while remaining difficult to spot in traditional monitoring. The attack starts…
Chrome Security Update Fixes 8 Vulnerabilities That Could Enable Remote Code Execution

Mar 24, 2026 6:50 AM

Tags: browser, chrome, cyber, google, linux, remote-code-execution, update, vulnerability, windows

Google has released a crucial security update for its Chrome browser, addressing eight high-severity vulnerabilities. Users are strongly advised to update their browsers immediately to protect their systems from potential remote code execution attacks. The stable channel update rolls out versions 146.0.7680.164 and 146.0.7680.165 for Windows and Mac users, while Linux users will receive version…
Windows 11 Patch Triggers Sign-In Failures Across Microsoft Apps

Mar 23, 2026 4:47 PM

Tags: microsoft, update, windows

A Windows 11 security update triggered Microsoft app sign-in failures, prompting an emergency patch and a manual workaround for affected users. The post Windows 11 Patch Triggers Sign-In Failures Across Microsoft Apps appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-windows-11-update-login-error-march-2026/
Microsoft fixes broken Windows update days after vowing fewer broken updates

Mar 23, 2026 12:47 PM

Tags: microsoft, update, windows

The era of reliability begins… right after this out-of-band patch First seen on theregister.com Jump to article: www.theregister.com/2026/03/23/emergency_fix_windows_11/
Removing some Copilots will improve Windows 11

Mar 23, 2026 11:47 AM

Tags: microsoft, windows

‘Doze boss admits quality is down, promises smaller memory footprint and fixes for many well-known issues First seen on theregister.com Jump to article: www.theregister.com/2026/03/23/windows_quality_commitment/
Behavioral XDR and threat intel nab North Korean fake IT worker within 10 days of hire

Mar 23, 2026 11:47 AM

Tags: access, authentication, business, china, ciso, control, data, edr, firewall, iam, identity, Internet, jobs, korea, login, monitoring, north-korea, service, software, threat, update, vpn, windows

Key signs of NK-linked insider infiltration: SpiderLabs has found that these threat actors commonly operate from China rather than North Korea because the internet is more stable and they can employ VPN services to conceal their true geographic origin.Astrill VPN has the ability to bypass China’s Great Firewall and allows threat actors to tunnel traffic…
Erstes Update beim Patchday im März 2026 – Überraschendes Notfall-Update für Windows 11

Mar 23, 2026 7:46 AM

Tags: update, windows

First seen on security-insider.de Jump to article: www.security-insider.de/windows-11-hotpatch-kb5084597-rras-sicherheitsluecken-ohne-neustart-a-4da1f08a79a0230dd39c21f6cec7a669/
When Data Mining Conti Leaks Leads to Actual Binaries and to a Hardcoded C2 With an Encryption Key on Tripod.com Part Three

Mar 22, 2026 9:10 PM

Tags: access, api, data, detection, encryption, group, injection, leak, malicious, malware, monitoring, network, risk, software, threat, tool, windows

Dear blog readers, Continuing the “When Data Mining Conti Leaks Leads to Actual Binaries and to a Hardcoded C2 With an Encryption Key on Tripod.com – Part Two” blog post series in this post I’ll continue analyzing the next malicious software binary which I obtained by data mining Conti Leaks with a lot of success. …
NVIDIA’s BlueField-4 STX Aims to Fix the Storage Problem AI Agents Keep Running Into

Mar 21, 2026 8:10 PM

Tags: ai, Hardware, nvidia, windows

The AI industry has a storage problem. As AI agents take on longer sessions, multi-step reasoning and expanding context windows, the GPUs doing the heavy lifting keep waiting on data. Traditional storage architectures weren’t built for this kind of sustained, real-time demand, and the result is expensive hardware sitting underutilized. NVIDIA’s answer is BlueField-4 STX,..…
Microsoft breaks Microsoft account sign-ins in Windows 11 with latest update

Mar 21, 2026 5:11 AM

Tags: Internet, microsoft, office, update, windows

OneDrive, Office, Teams Free users greeted with phantom ‘no internet’ errors, restart may help if you’re lucky First seen on theregister.com Jump to article: www.theregister.com/2026/03/20/microsoft_account_not_working_have/
6 Best Open Source Password Managers for Windows in 2026

Mar 20, 2026 5:10 PM

Tags: open-source, password, windows

Discover the top open-source password managers for Windows. Learn about the features and benefits of each to determine which one is the best fit for your needs. The post 6 Best Open Source Password Managers for Windows in 2026 appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/best-password-manager-open-source-windows/
New Fake Zoom Meeting Invite Scam Spreads Malware on Windows PCs

Mar 20, 2026 3:09 PM

Tags: cybersecurity, malware, scam, windows

Cybersecurity researchers at Sublime Security have discovered a new scam that uses realistic, interactive JavaScript-based Zoom meeting invites to trick users into installing malware. First seen on hackread.com Jump to article: hackread.com/fake-zoom-meeting-invite-scam-windows-pc-malware/