Windows
-
Hackers Abuse Legitimate Inno Setup Installer to Deliver Malware
Cybercriminals are increasingly weaponizing legitimate software installer frameworks like Inno Setup to distribute malware, turning user-friendly tools into covert vehicles…
Read More » -
Surge in LNK File Weaponization by 50%, Fueling Four Major Malware Types
The weaponization of Windows shortcut (LNK) files for malware distribution has increased by an astounding 50%, according to telemetry data,…
Read More » -
New DEVMAN Ransomware by DragonForce Targets Windows 10 and 11 Users
A new ransomware variant, dubbed DEVMAN, has surfaced in the cyberthreat landscape, showcasing a complex lineage tied to the notorious…
Read More » -
Critical Vulnerability in Microsens Devices Exposes Systems to Hackers
A series of critical vulnerabilities have been discovered in MICROSENS NMP Web+, a widely used network management platform for industrial…
Read More » -
Hackers Deliver Remcos Malware Via .pif Files and UAC Bypass in Windows
A sophisticated phishing campaign has emerged, distributing the notorious Remcos Remote Access Trojan (RAT) through the DBatLoader malware. This attack…
Read More » -
Microsoft Teams to Auto-Detect Work Location Using Company Wi-Fi
Microsoft Teams is set to introduce a new feature that will automatically detect and set users’ work locations when they…
Read More » -
TeamViewer for Windows Vulnerability Lets Hackers Delete Files with SYSTEM Rights
A critical security vulnerability has been discovered in TeamViewer Remote Management for Windows, exposing systems to potential privilege escalation attacks.…
Read More » -
WinRAR Vulnerability Exploited with Malicious Archives to Execute Code
A newly disclosed vulnerability in RARLAB’s WinRAR, the widely used file compression utility for Windows, has put millions of users…
Read More » -
OpenVPN Driver Vulnerability Let Attackers Crash Windows Systems
Network administrators and cybersecurity experts will be pleased to learn that OpenVPN 2.7_alpha2 will be released on June 19, 2025,…
Read More » -
Prometei Botnet Targets Linux Servers for Cryptocurrency Mining Operations
Unit 42 researchers from Palo Alto Networks have identified a renewed wave of attacks by the Prometei botnet, specifically targeting…
Read More » -
Veeam Vulnerabilities Expose Backup Servers to Remote Attacks
Veeam, a leading provider of data protection and backup solutions, disclosed three critical vulnerabilities affecting its widely deployed backup software.…
Read More » -
New Sorillus RAT Targets European Organizations Through Tunneling Services
An important development discovered in March 2025 by Orange Cyberdefense’s Managed Threat Detection teams in Belgium was that a European…
Read More » -
Apache Tomcat Flaws Allow Auth Bypass and DoS Attacks
The Apache Software Foundation has released critical security updates to address four newly discovered vulnerabilities in Apache Tomcat, one of…
Read More » -
Acer Control Center Flaw Lets Attackers Run Malicious Code as Elevated User
A critical security flaw (CVE-2025-5491) in Acer ControlCenter allows remote attackers to execute arbitrary code with NT AUTHORITY\SYSTEM privileges via…
Read More » -
Microsoft Defender Spoofing Flaw Enables Privilege Escalation and AD Access
A newly disclosed spoofing vulnerability (CVE-2025-26685) in Microsoft Defender for Identity (MDI) enables unauthenticated attackers to capture Net-NTLM hashes of…
Read More » -
Spring Framework Flaw Enables Remote File Disclosure via “Content‑Disposition” Header
A medium-severity reflected file download (RFD) vulnerability (CVE-2025-41234) in VMware’s Spring Framework has been patched, affecting multiple versions of the…
Read More » -
NIST Releases New Guide – 19 Strategies for Building Zero Trust Architectures
The National Institute of Standards and Technology (NIST) has released groundbreaking guidance to help organizations implement Zero Trust Architectures (ZTAs)…
Read More » -
Microsoft Patch Tuesday June 2025 – 66 Vulnerabilities Patched Including 2 Zero-Day
Microsoft has released its June 2025 Patch Tuesday security updates, addressing a total of 66 vulnerabilities across its software ecosystem.…
Read More »