-
Microsoft has addressed a critical privilege escalation vulnerability affecting Windows environments worldwide. Attackers can exploit misconfigured Service Principal Names (SPNs) combined with Kerberos reflection attacks to gain SYSTEM-level access on …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft addressed a critical race condition vulnerability affecting its Windows Cloud Files Minifilter driver in October 2025. The flaw, assigned CVE-2025-55680, was originally discovered in March 2024 and represents a significant security concern fo…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft has patched a critical race condition vulnerability in its Windows Cloud Files Minifilter driver, known as CVE-2025-55680, which enables local attackers to escalate privileges and create arbitrary files across the system. Discovered by researchers at Exodus Intelligence in March 2024, the flaw was addressed in the October 2025 Patch Tuesday updates, earning a CVSS […] The post Microsoft Windows Cloud Files Minifilter Privilege Escalation Vulnerability Exploited appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Threat intelligence researchers have identified a new ransomware-as-a-service (RaaS) operation called The Gentlemen’s RaaS, being actively recruited on underground hacking forums by an operator using the handle zeta88. The cross-platform threat r…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A persistent vulnerability related to DLL hijacking has been identified in the Narrator accessibility tool, which has been a significant concern over time. This flaw allows malicious actors to exploit the tool, potentially compromising the security of systems that rely on it for accessibility features. Noted initially in reports dating back to 2013 by expert […] The post Windows Accessibility Flaw Allows Stealthy Persistence and Lateral Movement via Narrator DLL Hijack appeared first on Cyber Security News.
·
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The cybersecurity landscape continues to face persistent threats from emerging ransomware groups, with Gunra representing a significant concern since its emergence in April 2025. This threat actor has launched systematic attacks across multiple industr…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Active Directory domain join accounts are systematically exposing enterprise environments to compromise, even when administrators follow Microsoft’s official guidance. A comprehensive security analysis reveals that these specialized accounts inhe…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft is enhancing Windows 11’s stability with a new feature that prompts users for a quick memory diagnostic scan following blue screen of death (BSOD) incidents. This proactive tool aims to detect and mitigate memory corruption issues that often lead to unexpected restarts, potentially reducing future system crashes. Announced in recent Windows Insider builds, the […] The post Windows Introduces Quick Memory Scan Feature During Restart After BSOD Crashes appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybercriminals are increasingly using a technique known as “ClickFix” to deploy the NetSupport remote administration tool (RAT) for malicious purposes. According to a new report from eSentire’s Threat Response Unit (TRU), threat actors have…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybersecurity researchers are sounding the alarm after discovering that hackers are actively exploiting a critical remote code execution (RCE) vulnerability in Microsoft’s Windows Server Update Services (WSUS). The flaw, tracked as CVE-2025-59287…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
