Tag: windows
-
Trend Micro Apex Central RCE Flaw Scores 9.8 CVSS in On-Prem Windows Versions
Trend Micro has released security updates to address multiple security vulnerabilities impacting on-premise versions of Apex Central for Windows, including a critical bug that could result in arbitrary code execution. The vulnerability, tracked as CVE-2025-69258, carries a CVSS score of 9.8 out of a maximum of 10.0. The vulnerability has been described as a case of…
-
GenDigital Research Exposes AuraStealer Infostealer Tactics
GenDigital researchers reveal how AuraStealer uses advanced evasion and a MaaS model to steal data from Windows systems. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/gendigital-research-exposes-aurastealer-infostealer-tactics/
-
New DocuSign-Themed Phishing Scam Delivers Stealth Malware to Windows Devices
New research has uncovered a sophisticated phishing campaign that abuses DocuSign’s brand to deliver Vidar malware and infect Windows systems. The operation uses a realistic phishing site, a fake signed installer, access-code checks, and time-based execution barriers to evade both users and automated analysis. DocuSign-themed phishing setup: The attack starts with a targeted phishing email that pretends to come from DocuSign and urges…
-
How Attackers Hide Processes by Abusing Kernel Patch Protection
Security researchers have identified a sophisticated technique that allows attackers to hide malicious processes from Windows Task Manager and system monitoring tools, even on systems with Microsoft’s most advanced kernel protections enabled. The bypass leverages legitimate Windows APIs to manipulate core data structures before integrity checks can detect tampering, circumventing both PatchGuard and Hypervisor-Protected Code…
-
WhatsApp Worm Spreads Astaroth Banking Trojan Across Brazil via Contact Auto-Messaging
Cybersecurity researchers have disclosed details of a new campaign that uses WhatsApp as a distribution vector for a Windows banking trojan called Astaroth in attacks targeting Brazil. The campaign has been codenamed Boto Cor-de-Rosa by Acronis Threat Research Unit. “The malware retrieves the victim’s WhatsApp contact list and automatically sends malicious messages to each contact to further…
-
A Single Browser Flaw, Millions at Risk: What the Chrome WebView Vulnerability Teaches Us About Exposure Windows
Tags: android, application-security, browser, chrome, cybersecurity, flaw, google, malicious, risk, update, vulnerability, windows. A recent security update reveals that Google patched a high-severity Chrome WebView vulnerability that could allow attackers to bypass application security restrictions and execute malicious content within Android and enterprise applications, according to Cybersecurity News. Because Chrome WebView is embedded inside countless applications, the flaw expanded risk far beyond traditional browser usage. Many organizations were…
-
Windows Packer pkr_mtsi Powers Widespread Malvertising Campaigns with Multiple Malware
A custom Windows packer dubbed pkr_mtsi is fueling large-scale malvertising and SEO-poisoning campaigns that deliver a broad range of information-stealing and remote-access malware, according to new research. First observed in the wild on April 24, 2025, the packer remains active and has continuously evolved over the past eight months, while retaining a stable behavioral core that makes it…
-
Malicious NPM Packages Deliver NodeCordRAT
Introduction: Zscaler ThreatLabz regularly monitors the npm database for suspicious packages. In November 2025, ThreatLabz identified three malicious packages: bitcoin-main-lib, bitcoin-lib-js, and bip40. The bitcoin-main-lib and bitcoin-lib-js packages execute a postinstall.cjs script during installation, which installs bip40, the package that contains the malicious payload. This final payload, named NodeCordRAT by ThreatLabz, is a remote access trojan (RAT) with data-stealing capabilities. It is also possible to download bip40…
-
Versatile Malware Loader pkr_mtsi Delivers Diverse Payloads
Malicious Windows packer named pkr_mtsi used as a flexible malware loader in malvertising campaigns. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/malware-loader-pkrmtsi-payloads/
-
Free Promise, Costly Mistake: Hacker Hijacks Thousands of Crypto Transfers via Windows Activation Tool
First seen on t3n.de Jump to article: t3n.de/news/windows-aktivierungstool-infiziert-pc-1724021/
-
Copilot, Recall, and Other AI Tools Can Be Removed from Windows 11 with New Tool
A new community tool is giving Windows 11 users far more control over Microsoft’s growing stack of AI features. An open-source project called RemoveWindowsAI now lets administrators and power users disable or strip out components such as Copilot, Recall, and other AI integrations that are tightly integrated with the operating system and Microsoft apps. The tool targets…
-
Fake Windows BSODs check in at Europe’s hotels to con staff into running malware
Phishers posing as Booking.com use panic-inducing blue screens to bypass security controls. First seen on theregister.com Jump to article: www.theregister.com/2026/01/06/russia_hackers_hotel_bsods/
-
How to Set Up Azure Trusted Signing to Sign an EXE?
Introduction: Code signing is no longer an optional process. Windows, antivirus engines, and enterprise security tools all expect executables to be digitally signed. Previously, developers purchased an EV Code Signing Certificate, stored it on a USB token or HSM, and had to maintain it for years. Azure Trusted Signing reimagines the process with cloud-based…
-
Malware Incoming: Hackers Trick Windows Users with Fake Bluescreens
A bluescreen that comes with its own fix? Too good to be true. A dangerous malware infection looms. First seen on golem.de Jump to article: www.golem.de/news/malware-im-anmarsch-hacker-tricksen-windows-nutzer-mit-fake-bluescreens-aus-2601-203847.html
-
Product showcase: Blokada for Android gives users control over network traffic
Blokada is a network privacy and ad-blocking application available on Android, iOS, Windows, macOS, and Linux. It is designed to reduce ads, block trackers, and limit unwanted … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/01/06/product-showcase-blokada-android-control-network-traffic/
-
Windows Users at Risk as Critical Zoom Vulnerability Exploited
A critical Zoom vulnerability put Windows users at risk of data theft and system compromise. Zoom has patched the flaw. Users should update immediately. The post Windows Users at Risk as Critical Zoom Vulnerability Exploited appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-zoom-flaw-windows-users-at-risk/
-
Windows 11 Without Forced Cloud – More Privacy: Using Windows 11 Without a Microsoft Account
First seen on security-insider.de Jump to article: www.security-insider.de/mehr-datenschutz-windows-11-ohne-microsoft-konto-nutzen-a-83bbe731e453a9198535dd4b6be6025f/
-
Windows and Office: Activation Tool Infects 2.8 Million Systems with Malware
A 29-year-old is alleged to have infected countless PCs with malware. Victims were lured with a free activation for Windows and Office. First seen on golem.de Jump to article: www.golem.de/news/windows-und-office-aktivierungstool-infiziert-2-8-millionen-systeme-mit-malware-2601-203792.html
-
APT36 Uses Malicious Windows Shortcuts to Target Indian Government
APT36 is targeting Indian government entities using malicious Windows shortcut files disguised as PDFs. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/apt36-uses-malicious-windows-shortcuts-to-target-indian-government/
-
Transparent Tribe Launches New RAT Attacks Against Indian Government and Academia
The threat actor known as Transparent Tribe has been attributed to a fresh set of attacks targeting Indian governmental, academic, and strategic entities with a remote access trojan (RAT) that grants them persistent control over compromised hosts. “The campaign employs deceptive delivery techniques, including a weaponized Windows shortcut (LNK) file masquerading as a legitimate PDF document…
-
End of Support for Windows 10, Azure & Co – These Are the Products Microsoft Is Retiring in 2026
First seen on security-insider.de Jump to article: www.security-insider.de/microsoft-support-ende-ausmusterung-2026-windows-office-azure-a-8ea68ba18b8ce897d7e6866f03c0021d/
-
APT36 Targets Indian Government Systems Using Malicious Windows LNK Files
A sophisticated cyber-espionage operation attributed to APT36, also known as Transparent Tribe, has been identified targeting Indian governmental, academic, and strategic entities through weaponized Windows shortcut files designed to evade detection and establish persistent remote access. The Pakistan-aligned threat actor deployed a deceptive LNK-based infection chain that leverages trusted system binaries and fileless execution techniques…
-
New AI-Enhanced Crypter Promoted as Capable of Evading Windows Defender
Cybersecurity researchers have spotted a new high-sophistication malware loader being advertised on dark web forums, marketed as a commercial solution for evading modern endpoint protection. The tool, dubbed InternalWhisper x ImpactSolutions, is being promoted by a threat actor known as ImpactSolutions.
-
Upgrade or Buy New? End of 10 Support: Many Users Face Buying a New Device
Tags: windows. First seen on security-insider.de Jump to article: www.security-insider.de/windows-10-support-ende-viele-nutzer-vor-geraete-neukauf-a-9e870edd7f707dd86da0b5bdfdb097c2/

