Windows

Patch Tuesday: Microsoft fixes actively exploited Windows kernel vulnerability (CVE-2025-62215)

Don't miss, Hot stuff, Immersive, Ivanti, Microsoft, MS Office, News, Patch Tuesday, Rapid7, security update, Trend Micro, Windows /

Patch Tuesday: Microsoft fixes actively exploited Windows kernel vulnerability (CVE-2025-62215) 2025-11-12 at 14:44 By Zeljka Zorz Microsoft has delivered a rather light load of patches for November 2025 Patch Tuesday: some 60+ vulnerabilities have received a fix, among them an actively exploited Windows Kernel flaw (CVE-2025-62215). CVE-2025-62215 CVE-2025-62215 is a memory corruption issue that stems […]

Patch Tuesday: Microsoft fixes actively exploited Windows kernel vulnerability (CVE-2025-62215) Read More »

ProxyBridge: Open-source proxy routing for Windows applications

Don't miss, GitHub, News, open source, Proxy, software, Windows /

ProxyBridge: Open-source proxy routing for Windows applications 2025-11-12 at 10:44 By Sinisa Markovic ProxyBridge is a lightweight, open-source tool that lets Windows users route network traffic from specific applications through SOCKS5 or HTTP proxies. It can redirect both TCP and UDP traffic and gives users the option to route, block, or allow connections on a

ProxyBridge: Open-source proxy routing for Windows applications Read More »

Microsoft Patches Actively Exploited Windows Kernel Zero-Day

exploited, Featured, Vulnerabilities, vulnerability, Windows, Zero-Day /

Microsoft Patches Actively Exploited Windows Kernel Zero-Day 2025-11-11 at 23:07 By Eduard Kovacs Microsoft’s latest Patch Tuesday updates address more than 60 vulnerabilities in Windows and other products. The post Microsoft Patches Actively Exploited Windows Kernel Zero-Day appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Microsoft Patches Actively Exploited Windows Kernel Zero-Day Read More »

Unpatched Windows vulnerability continues to be exploited by APTs (CVE-2025-9491)

Arctic Wolf Networks, China, cyber espionage, Don't miss, government-backed attacks, Hot stuff, News, Trend Micro, vulnerability, Windows /

Unpatched Windows vulnerability continues to be exploited by APTs (CVE-2025-9491) 2025-10-31 at 17:09 By Zeljka Zorz A Windows vulnerability (CVE-2025-9491, aka ZDI-CAN-25373) that state-sponsored threat actors and cybercrime groups have been quietly leveraging since at least 2017 continues to be exploited for attacks. “Arctic Wolf Labs assesses with high confidence that [the campaign they detected]

Unpatched Windows vulnerability continues to be exploited by APTs (CVE-2025-9491) Read More »

Chinese APT Exploits Unpatched Windows Flaw in Recent Attacks

China APT, Europe, exploited, LNK, Malware, Malware & Threats, Windows /

Chinese APT Exploits Unpatched Windows Flaw in Recent Attacks 2025-10-31 at 12:37 By Ionut Arghire The Windows shortcut vulnerability has been seen in attacks conducted by Mustang Panda to drop the PlugX malware. The post Chinese APT Exploits Unpatched Windows Flaw in Recent Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

Chinese APT Exploits Unpatched Windows Flaw in Recent Attacks Read More »

Italian-made spyware Dante linked to Chrome zero-day exploitation campaign

0-day, APT, Chrome, Don't miss, exploit, Hacking Team, Hot stuff, Kaspersky, Memento Labs, News, spyware, Windows /

Italian-made spyware Dante linked to Chrome zero-day exploitation campaign 2025-10-28 at 16:28 By Zeljka Zorz CVE-2025-2783, a Chrome zero-day vulnerability that was detected being exploited in March 2025 and was subsequently fixed by Google, was used by unknown attackers to deliver LeetAgent, suspected commercial spyware. An analysis of the malware’s code and the campaign’s infrastructure

Italian-made spyware Dante linked to Chrome zero-day exploitation campaign Read More »

Critical Windows Server WSUS Vulnerability Exploited in the Wild 

CVE-2025-59287, exploited, Featured, Microsoft, Vulnerabilities, Windows, Windows Server, Wsus /

Critical Windows Server WSUS Vulnerability Exploited in the Wild  2025-10-24 at 17:56 By Eduard Kovacs CVE-2025-59287 allows a remote, unauthenticated attacker to execute arbitrary code and a PoC exploit is available. The post Critical Windows Server WSUS Vulnerability Exploited in the Wild  appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

Critical Windows Server WSUS Vulnerability Exploited in the Wild  Read More »

Microsoft blocks risky file previews in Windows File Explorer

credentials, Don't miss, Hot stuff, News, Windows /

Microsoft blocks risky file previews in Windows File Explorer 2025-10-24 at 15:38 By Zeljka Zorz Along with fixing many code-based vulnerabilities, the October 2025 Windows updates also change how File Explorer handles files downloaded from the internet. The change affects the file management tool’s Preview Pane, which lets users see the contents of a file

Microsoft blocks risky file previews in Windows File Explorer Read More »

Microsoft Disables Downloaded File Previews to Block NTLM Hash Leaks

Endpoint Security, File Explorer, Microsoft, NTLM, preview, Security Feature, Windows /

Microsoft Disables Downloaded File Previews to Block NTLM Hash Leaks 2025-10-24 at 15:38 By Ionut Arghire In files downloaded from the internet, HTML tags referencing external paths could be used to leak NTLM hashes during file previews. The post Microsoft Disables Downloaded File Previews to Block NTLM Hash Leaks appeared first on SecurityWeek. This article

Microsoft Disables Downloaded File Previews to Block NTLM Hash Leaks Read More »

CISA warns of Windows SMB flaw under active exploitation (CVE-2025-33073)

CISA, Don't miss, GuidePoint Security, Hot stuff, News, PoC, Synacktiv, WatchTowr, Windows, Windows Server /

CISA warns of Windows SMB flaw under active exploitation (CVE-2025-33073) 2025-10-21 at 19:13 By Zeljka Zorz CVE-2025-33073, a Windows SMB Client vulnerability that Microsoft fixed in June 2025, is being exploited by attackers. The confirmation comes from the Cybersecurity and Infrastructure Security Agency (CISA), which has added the flaw to its Known Exploited Vulnerabilities catalog,

CISA warns of Windows SMB flaw under active exploitation (CVE-2025-33073) Read More »

Microsoft patches three zero-days actively exploited by attackers

0patch, Don't miss, drivers, Hot stuff, Immersive, Microsoft, Microsoft Exchange, MS Office, News, Patch Tuesday, Tenable, Trend Micro, Windows /

Microsoft patches three zero-days actively exploited by attackers 2025-10-15 at 13:18 By Zeljka Zorz On October 2025 Patch Tuesday, Microsoft released fixes for 175+ vulnerabilities, including three zero-days under active attack: CVE-2025-24990, CVE-2025-59230, and CVE-2025-47827. The actively exploited vulnerabilities are an unusual mix CVE-2025-24990 is in the third-party driver (ltmdm64.sys) for the software-based Agere Modem,

Microsoft patches three zero-days actively exploited by attackers Read More »

Windows 10 Still on Over 40% of Devices as It Reaches End of Support

Endpoint Security, Featured, Microsoft, Windows, Windows 10, Windows 10 EOS /

Windows 10 Still on Over 40% of Devices as It Reaches End of Support 2025-10-14 at 13:03 By Eduard Kovacs Users can continue receiving important security updates for Windows 10 by enrolling in the ESU program. The post Windows 10 Still on Over 40% of Devices as It Reaches End of Support appeared first on

Windows 10 Still on Over 40% of Devices as It Reaches End of Support Read More »

Google Drive for desktop will spot, stop and remedy ransomware damage

cloud storage, Don't miss, Encryption, Google, Google Drive, Hot stuff, macOS, News, Ransomware, Windows /

Google Drive for desktop will spot, stop and remedy ransomware damage 2025-10-01 at 16:33 By Zeljka Zorz Google has rolled out AI-powered ransomware detection and file restoration features in Drive for desktop, Google’s official file syncing and access app for Windows and macOS. Currently in open beta, this new layer of defense is not meant

Google Drive for desktop will spot, stop and remedy ransomware damage Read More »

European Windows 10 users get an additional year of free security updates

consumer, Don't miss, Europe, Hot stuff, Microsoft, News, security update, Windows /

European Windows 10 users get an additional year of free security updates 2025-09-25 at 21:26 By Zeljka Zorz Windows 10 users in the European Economic Area (EEA) will be able to receive extended security updates until October 14, 2026, without having to pay for them or to back up their settings, apps, or credentials to

European Windows 10 users get an additional year of free security updates Read More »

Win-DDoS: Attackers can turn public domain controllers into DDoS agents

DDoS, Don't miss, DoS, enterprise, Hot stuff, News, SafeBreach, vulnerability, Windows, Windows Server /

Win-DDoS: Attackers can turn public domain controllers into DDoS agents 2025-08-11 at 16:02 By Zeljka Zorz SafeBreach researchers have released details on several vulnerabilities that could be exploited by attackers to crash Windows Active Directory domain controllers (DCs), one one of which (CVE-2025-32724) can also be leveraged to force public DCs to participate in distributed

Win-DDoS: Attackers can turn public domain controllers into DDoS agents Read More »

Microsoft rolls out Windows 11 “quick recovery” feature

automation, consumer, Don't miss, enterprise, Hot stuff, News, SMBs, Windows /

Microsoft rolls out Windows 11 “quick recovery” feature 2025-07-23 at 18:31 By Zeljka Zorz With the latest Windows 11 update, Microsoft is saying goodbye to the infamous “Blue Screen of Death” and has enabled the quick machine recovery feature by default for Home users. “For nearly four decades, the blue screen shown during an unexpected

Microsoft rolls out Windows 11 “quick recovery” feature Read More »

Microsoft fixes critical wormable Windows flaw (CVE-2025-47981)

Don't miss, Hot stuff, Ivanti, Microsoft Edge, MS Office, News, Patch Tuesday, Qualys, SharePoint, Tenable, Trend Micro, Windows, Windows Server /

Microsoft fixes critical wormable Windows flaw (CVE-2025-47981) 2025-07-09 at 14:31 By Zeljka Zorz For July 2025 Patch Tuesday, Microsoft has released patches for 130 vulnerabilities, among them one that’s publicly disclosed (CVE-2025-49719) and a wormable RCE bug on Windows and Windows Server (CVE-2025-47981). CVE-2025-49719 and CVE-2025-49717, in Microsoft SQL Server CVE-2025-49719 is an uninitialized memory

Microsoft fixes critical wormable Windows flaw (CVE-2025-47981) Read More »

Windows’ Infamous ‘Blue Screen of Death’ Will Soon Turn Black

BSOD, Endpoint Security, Featured, Microsoft, Windows /

Windows’ Infamous ‘Blue Screen of Death’ Will Soon Turn Black 2025-06-27 at 19:43 By Associated Press After more than 40 years of being set against a very recognizable blue, the updated error message will soon be displayed across a black background. The post Windows’ Infamous ‘Blue Screen of Death’ Will Soon Turn Black appeared first

Windows’ Infamous ‘Blue Screen of Death’ Will Soon Turn Black Read More »

Microsoft to Preview New Windows Endpoint Security Platform After CrowdStrike Outage 

CrowdStrike, Endpoint Security, kernel, Microsoft, Windows /

Microsoft to Preview New Windows Endpoint Security Platform After CrowdStrike Outage  2025-06-27 at 14:50 By Eduard Kovacs Microsoft is preparing a private preview of new Windows endpoint security platform capabilities to help antimalware vendors create solutions that run outside the kernel. The post Microsoft to Preview New Windows Endpoint Security Platform After CrowdStrike Outage  appeared

Microsoft to Preview New Windows Endpoint Security Platform After CrowdStrike Outage  Read More »

Microsoft Offers Free Windows 10 Extended Security Update Options as EOS Nears

Endpoint Security, ESU, Extended Security Updates, Microsoft, Windows, Windows ESU /

Microsoft Offers Free Windows 10 Extended Security Update Options as EOS Nears 2025-06-25 at 16:29 By Eduard Kovacs With end of support scheduled for October 2025, Windows 10 users will be able to continue receiving important security updates.  The post Microsoft Offers Free Windows 10 Extended Security Update Options as EOS Nears appeared first on

Microsoft Offers Free Windows 10 Extended Security Update Options as EOS Nears Read More »

Scroll to Top