MSHTML
-
HijackLoader Evolves: Researchers Decode the Latest Evasion Methods
The threat actors behind a loader malware called HijackLoader have added new techniques for defense evasion, as the malware continues…
Read More » -
Beware: Experts Reveal New Details on Zero-Click Outlook RCE Exploits
Technical details have emerged about two now-patched security flaws in Microsoft Windows that could be chained by threat actors to…
Read More » -
Microsoft’s Final 2023 Patch Tuesday: 33 Flaws Fixed, Including 4 Critical
Microsoft released its final set of Patch Tuesday updates for 2023, closing out 33 flaws in its software, making it…
Read More » -
Hackers Using MSIX App Packages to Infect Windows PCs with GHOSTPULSE Malware
A new cyber attack campaign has been observed using spurious MSIX Windows app package files for popular software such as…
Read More » -
Microsoft Releases Patch for Two New Actively Exploited Zero-Days Flaws
Microsoft has released software fixes to remediate 59 bugs spanning its product portfolio, including two zero-day flaws that have been…
Read More » -
Microsoft Releases Patches for 132 Vulnerabilities, Including 6 Under Active Attack
Microsoft on Tuesday released updates to address a total of 132 new security flaws spanning its software, including six zero-day…
Read More » -
Experts Detail New Zero-Click Windows Vulnerability for NTLM Credential Theft
Cybersecurity researchers have shared details about a now-patched security flaw in Windows MSHTML platform that could be abused to bypass…
Read More » -
Hackers Using PowerPoint Mouseover Trick to Infect System with Malware
The Russian state-sponsored threat actor known as APT28 has been found leveraging a new code execution method that makes use…
Read More » -
Hackers Increasingly Using ‘Browser-in-the-Browser’ Technique in Ukraine Related Attacks
A Belarusian threat actor known as Ghostwriter (aka UNC1151) has been spotted leveraging the recently disclosed browser-in-the-browser (BitB) technique as…
Read More » -
Google Uncovers ‘Initial Access Broker’ Working with Conti Ransomware Gang
Google’s Threat Analysis Group (TAG) took the wraps off a new initial access broker that it said is closely affiliated…
Read More »