-
Cybersecurity researchers at Tier Zero Security have released a specialised Beacon Object File (BOF) tool that exploits a critical weakness in Microsoft Teams cookie encryption, enabling attackers to steal user chat messages and other sensitive communi…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Multiple vulnerabilities in Microsoft’s Graphics Device Interface (GDI), a core component of the Windows operating system responsible for rendering graphics. These flaws, discovered by Check Point through an intensive fuzzing campaign targeting Enhanced Metafile (EMF) formats, could enable remote attackers to execute arbitrary code or steal sensitive data. The issues were responsibly disclosed to Microsoft […] The post Windows Graphics Vulnerabilities Allow Remote Attackers to Execute Arbitrary Code appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A Ukrainian national accused of participating in one of the most damaging ransomware campaigns in history has been extradited from Ireland to face charges in the United States. Oleksii Oleksiyovych Lytvynenko, 43, appeared in federal court in Tennessee…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft has acknowledged a persistent bug affecting Windows 11 versions 24H2 and 25H2 that prevents Task Manager from properly terminating when users close the application. The issue causes multiple instances of the system monitoring tool to accumula…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A specialized Beacon Object File (BOF) designed to extract authentication cookies from Microsoft Teams without disrupting the application. This development builds on recent findings that expose how Teams stores sensitive access tokens, potentially allowing attackers to impersonate users and access chats, emails, and documents. The tool, released by Tier Zero Security, adapts an existing browser […] The post New BOF Tool Exploits Microsoft Teams’ Cookie Encryption allowing Attackers to Access User Chats appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researcher TwoSevenOneT has released EDR-Redir V2, an upgraded evasion tool that exploits Windows bind link technology to bypass endpoint detection and response solutions on Windows 11. The new version demonstrates a sophisticated approach to …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
OpenAI has announced the launch of Aardvark, an autonomous AI security agent powered by GPT-5 that aims to revolutionize how organizations discover and fix software vulnerabilities. The new tool, currently available in private beta, represents a signif…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Privacy-focused technology company Proton has issued a warning about the escalating data breach crisis, revealing that hundreds of millions of stolen login credentials are actively circulating on the dark web. Through its Data Breach Observatory initia…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
This week’s cybersecurity roundup highlights escalating threats from misconfigurations, software flaws, and advanced malware. Key incidents demand immediate attention from IT teams and executives. ISC patched CVE-2025-5470 in BIND 9 (versions 9.16.0–9.18.26), a DoS vulnerability (CVSS 8.6) allowing server crashes through malformed DNS queries. It risks amplification attacks on global infrastructure—update DNS servers urgently. Google […] The post Cybersecurity News Weekly Newsletter – EY Data Leak, Bind 9, Chrome Vulnerability, and Aardvar ChatGPT Agent appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
An upgraded release of tool EDR-Redir V2, designed to evade Endpoint Detection and Response (EDR) systems by exploiting Windows bind link technology in a novel way. According to the researcher TwoSevenOneT, the version targets the parent directories of EDR installations, such as Program Files, to create redirection loops that blind security software without disrupting legitimate […] The post New EDR-Redir V2 Blinds Windows Defender on Windows 11 With Fake Program Files appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
