-
A sophisticated malvertising campaign has been uncovered targeting unsuspecting users through “dangling commits” in a legitimate GitHub repository. Attackers are injecting promotional content for a counterfeit GitHub Desktop installer into popular deve…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new kernel address leak vulnerability has been discovered in the latest versions of Windows 11 (24H2) and Windows Server 2022 (24H2). The flaw, identified as CVE-2025-53136, was ironically introduced by a Microsoft patch intended to fix a separate vulnerability, CVE-2024-43511. According to Crowdfense, the new bug undermines recent security enhancements in Windows, providing a […] The post Microsoft Patch for Old Flaw Reveals New Kernel Address Leak Vulnerability in Windows 11/Server 2022 24H2 appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Backdoor malware is a covert type of malicious software designed to bypass standard authentication mechanisms and provide persistent, unauthorized access to compromised systems. Unlike conventional malware that prioritizes immediate damage or data thef…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new, sophisticated malware campaign has been uncovered that leverages Microsoft’s Azure Functions for its command-and-control (C2) infrastructure, a novel technique that complicates detection and takedown efforts. According to the Dmpdump report, the malware, first identified from a file uploaded to VirusTotal on August 28, 2025, from Malaysia, employs a multi-stage infection process involving DLL […] The post New Malware Using Azure Functions For Hosting Command And Control Infrastructure appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Recent threat campaigns have revealed an evolving use of BAT-based loaders to deliver Remote Access Trojans (RATs), including XWorm and Remcos. These campaigns typically begin with a ZIP archive—often hosted on seemingly legitimate platforms such as Im…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft has addressed four elevation of privilege vulnerabilities in its Windows Defender Firewall service, all rated as “Important” in severity. The security flaws were detailed in Microsoft’s September 9, 2025, security update release. If exploited, these vulnerabilities could allow an authenticated attacker to gain higher privileges on an affected system. The four vulnerabilities are tracked […] The post Windows Defender Firewall Vulnerabilities Let Attackers Escalate Privileges appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
In a striking evolution of its tactics, the Sidewinder advanced persistent threat (APT) group—also known as APT-C-24 or “Rattlesnake”—has adopted a novel delivery mechanism leveraging Windows shortcut (LNK) files to orchestrate complex, multi-stage int…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical security vulnerability has been discovered in the popular Axios HTTP client library that allows attackers to crash Node.js applications through malicious data URL handling. The flaw, tracked as CVE-2025-58754, affects all versions of Axios b…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft has officially announced a multi-phase plan to deprecate VBScript in Windows, a move that signals a significant shift for developers, particularly those working with Visual Basic for Applications (VBA). The change, first detailed in May 2024, will gradually phase out the legacy scripting language, requiring developers to adapt their projects to ensure future compatibility. […] The post Microsoft To Depreciate VBScript In Windows Warns Developers To Adapt Their Projects appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Apple has issued a warning regarding highly sophisticated “mercenary spyware” attacks targeting a select group of its users. The company’s threat notification system is designed to alert and support individuals who may have been targeted due to their profession or public profile, such as journalists, activists, politicians, and diplomats, CERT-FR said. These attacks are far […] The post Apple Warns Of Series Mercenary Spyware Attacks Targeting Users Devices appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
