Windows

Attackers use Windows App-V scripts to slip infostealer past enterprise defenses

Attackers use Windows App-V scripts to slip infostealer past enterprise defenses 2026-01-27 at 17:17 By Zeljka Zorz A malware delivery campaign detailed by Blackpoint researchers employs an impressive array of tricks to deliver an infostealer to employees without triggering enterprise defenses or close examination by security researchers. The attackers aim to get the Amatera Stealer […]

Attackers use Windows App-V scripts to slip infostealer past enterprise defenses Read More »

Microsoft introduces winapp, an open-source CLI for building Windows apps

Microsoft introduces winapp, an open-source CLI for building Windows apps 2026-01-23 at 07:24 By Anamarija Pogorelec Microsoft has released winapp, a new command line interface aimed at simplifying the process of building Windows applications. The open-source tool targets developers who rely on terminal based workflows and want a consistent way to create, configure, and manage

Microsoft introduces winapp, an open-source CLI for building Windows apps Read More »

Microsoft Patches Exploited Windows Zero-Day, 111 Other Vulnerabilities

Microsoft Patches Exploited Windows Zero-Day, 111 Other Vulnerabilities 2026-01-13 at 21:52 By Eduard Kovacs Two vulnerabilities patched this month by Microsoft were disclosed publicly before fixes were released. The post Microsoft Patches Exploited Windows Zero-Day, 111 Other Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Microsoft Patches Exploited Windows Zero-Day, 111 Other Vulnerabilities Read More »

40 open-source tools redefining how security teams secure the stack

40 open-source tools redefining how security teams secure the stack 2025-12-11 at 09:07 By Anamarija Pogorelec Open source security software has become a key way for teams to get flexibility, transparency, and capability without licensing costs. The free tools in this roundup address problems security teams deal with, from managing large environments to catching misconfigurations

40 open-source tools redefining how security teams secure the stack Read More »

Microsoft Patches 57 Vulnerabilities, Three Zero-Days

Microsoft Patches 57 Vulnerabilities, Three Zero-Days 2025-12-10 at 00:44 By Ionut Arghire Microsoft has addressed a Windows vulnerability exploited as zero-day that allows attackers to obtain System privileges. The post Microsoft Patches 57 Vulnerabilities, Three Zero-Days appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Microsoft Patches 57 Vulnerabilities, Three Zero-Days Read More »

Microsoft Silently Mitigated Exploited LNK Vulnerability

Microsoft Silently Mitigated Exploited LNK Vulnerability 2025-12-03 at 14:35 By Ionut Arghire Windows now displays in the properties tab of LNK files critical information that could reveal malicious code. The post Microsoft Silently Mitigated Exploited LNK Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Microsoft Silently Mitigated Exploited LNK Vulnerability Read More »

Fake “Windows Update” screens fuels new wave of ClickFix attacks

Fake “Windows Update” screens fuels new wave of ClickFix attacks 2025-11-25 at 15:02 By Zeljka Zorz A convincing (but fake) “Windows Update” screen can be the perfect lure for tricking users into infecting their computers with malware. Add a multi-stage delivery chain with some offbeat techniques, and infostealer operators have everything they need to slip

Fake “Windows Update” screens fuels new wave of ClickFix attacks Read More »

Microsoft Highlights Security Risks Introduced by New Agentic AI Feature

Microsoft Highlights Security Risks Introduced by New Agentic AI Feature 2025-11-24 at 15:32 By Ionut Arghire Without proper security controls, AI agents could perform malicious actions, such as data exfiltration and malware installation. The post Microsoft Highlights Security Risks Introduced by New Agentic AI Feature appeared first on SecurityWeek. This article is an excerpt from

Microsoft Highlights Security Risks Introduced by New Agentic AI Feature Read More »

7-Zip vulnerability is being actively exploited, NHS England warns (CVE-2025-11001)

7-Zip vulnerability is being actively exploited, NHS England warns (CVE-2025-11001) 2025-11-19 at 16:46 By Zeljka Zorz NHS England Digital, the technology arm of the publicly-funded health service for England, has issued a warning about a 7-Zip vulnerability (CVE-2025-11001) being exploited by attackers. “Active exploitation of CVE-2025-11001 has been observed in the wild,” the alert says,

7-Zip vulnerability is being actively exploited, NHS England warns (CVE-2025-11001) Read More »

Patch Tuesday: Microsoft fixes actively exploited Windows kernel vulnerability (CVE-2025-62215)

Patch Tuesday: Microsoft fixes actively exploited Windows kernel vulnerability (CVE-2025-62215) 2025-11-12 at 14:44 By Zeljka Zorz Microsoft has delivered a rather light load of patches for November 2025 Patch Tuesday: some 60+ vulnerabilities have received a fix, among them an actively exploited Windows Kernel flaw (CVE-2025-62215). CVE-2025-62215 CVE-2025-62215 is a memory corruption issue that stems

Patch Tuesday: Microsoft fixes actively exploited Windows kernel vulnerability (CVE-2025-62215) Read More »

ProxyBridge: Open-source proxy routing for Windows applications

ProxyBridge: Open-source proxy routing for Windows applications 2025-11-12 at 10:44 By Sinisa Markovic ProxyBridge is a lightweight, open-source tool that lets Windows users route network traffic from specific applications through SOCKS5 or HTTP proxies. It can redirect both TCP and UDP traffic and gives users the option to route, block, or allow connections on a

ProxyBridge: Open-source proxy routing for Windows applications Read More »

Microsoft Patches Actively Exploited Windows Kernel Zero-Day

Microsoft Patches Actively Exploited Windows Kernel Zero-Day 2025-11-11 at 23:07 By Eduard Kovacs Microsoft’s latest Patch Tuesday updates address more than 60 vulnerabilities in Windows and other products. The post Microsoft Patches Actively Exploited Windows Kernel Zero-Day appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Microsoft Patches Actively Exploited Windows Kernel Zero-Day Read More »

Unpatched Windows vulnerability continues to be exploited by APTs (CVE-2025-9491)

Unpatched Windows vulnerability continues to be exploited by APTs (CVE-2025-9491) 2025-10-31 at 17:09 By Zeljka Zorz A Windows vulnerability (CVE-2025-9491, aka ZDI-CAN-25373) that state-sponsored threat actors and cybercrime groups have been quietly leveraging since at least 2017 continues to be exploited for attacks. “Arctic Wolf Labs assesses with high confidence that [the campaign they detected]

Unpatched Windows vulnerability continues to be exploited by APTs (CVE-2025-9491) Read More »

Chinese APT Exploits Unpatched Windows Flaw in Recent Attacks

Chinese APT Exploits Unpatched Windows Flaw in Recent Attacks 2025-10-31 at 12:37 By Ionut Arghire The Windows shortcut vulnerability has been seen in attacks conducted by Mustang Panda to drop the PlugX malware. The post Chinese APT Exploits Unpatched Windows Flaw in Recent Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

Chinese APT Exploits Unpatched Windows Flaw in Recent Attacks Read More »

Italian-made spyware Dante linked to Chrome zero-day exploitation campaign

Italian-made spyware Dante linked to Chrome zero-day exploitation campaign 2025-10-28 at 16:28 By Zeljka Zorz CVE-2025-2783, a Chrome zero-day vulnerability that was detected being exploited in March 2025 and was subsequently fixed by Google, was used by unknown attackers to deliver LeetAgent, suspected commercial spyware. An analysis of the malware’s code and the campaign’s infrastructure

Italian-made spyware Dante linked to Chrome zero-day exploitation campaign Read More »

Critical Windows Server WSUS Vulnerability Exploited in the Wild 

Critical Windows Server WSUS Vulnerability Exploited in the Wild  2025-10-24 at 17:56 By Eduard Kovacs CVE-2025-59287 allows a remote, unauthenticated attacker to execute arbitrary code and a PoC exploit is available. The post Critical Windows Server WSUS Vulnerability Exploited in the Wild  appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

Critical Windows Server WSUS Vulnerability Exploited in the Wild  Read More »

Microsoft blocks risky file previews in Windows File Explorer

Microsoft blocks risky file previews in Windows File Explorer 2025-10-24 at 15:38 By Zeljka Zorz Along with fixing many code-based vulnerabilities, the October 2025 Windows updates also change how File Explorer handles files downloaded from the internet. The change affects the file management tool’s Preview Pane, which lets users see the contents of a file

Microsoft blocks risky file previews in Windows File Explorer Read More »

Microsoft Disables Downloaded File Previews to Block NTLM Hash Leaks

Microsoft Disables Downloaded File Previews to Block NTLM Hash Leaks 2025-10-24 at 15:38 By Ionut Arghire In files downloaded from the internet, HTML tags referencing external paths could be used to leak NTLM hashes during file previews. The post Microsoft Disables Downloaded File Previews to Block NTLM Hash Leaks appeared first on SecurityWeek. This article

Microsoft Disables Downloaded File Previews to Block NTLM Hash Leaks Read More »

CISA warns of Windows SMB flaw under active exploitation (CVE-2025-33073)

CISA warns of Windows SMB flaw under active exploitation (CVE-2025-33073) 2025-10-21 at 19:13 By Zeljka Zorz CVE-2025-33073, a Windows SMB Client vulnerability that Microsoft fixed in June 2025, is being exploited by attackers. The confirmation comes from the Cybersecurity and Infrastructure Security Agency (CISA), which has added the flaw to its Known Exploited Vulnerabilities catalog,

CISA warns of Windows SMB flaw under active exploitation (CVE-2025-33073) Read More »

Microsoft patches three zero-days actively exploited by attackers

Microsoft patches three zero-days actively exploited by attackers 2025-10-15 at 13:18 By Zeljka Zorz On October 2025 Patch Tuesday, Microsoft released fixes for 175+ vulnerabilities, including three zero-days under active attack: CVE-2025-24990, CVE-2025-59230, and CVE-2025-47827. The actively exploited vulnerabilities are an unusual mix CVE-2025-24990 is in the third-party driver (ltmdm64.sys) for the software-based Agere Modem,

Microsoft patches three zero-days actively exploited by attackers Read More »

Scroll to Top