-
A sophisticated cryptojacking campaign that hijacks Windows’ native Character Map utility (“charmap.exe”) to evade Windows Defender and covertly mine cryptocurrency on compromised machines. First detected in late August 2025, this attack exploits legit…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated new botnet called NightshadeC2 that employs an innovative “UAC Prompt Bombing” technique to evade Windows Defender and compromise endpoint security systems. In August 2025, eSentire’s Threat Response Unit (TRU) identif…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A recently patched vulnerability in a core Windows driver could allow a local attacker to execute code with the highest system privileges, effectively taking full control of a target machine. The flaw, identified as CVE-2025-53149, is a heap-based buffer overflow discovered in the Kernel Streaming WOW Thunk Service Driver (ksthunk.sys). Microsoft addressed the issue in […] The post Windows Heap-based Buffer Overflow Vulnerability Let Attackers Elevate Privileges appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical security vulnerability has been discovered in Microsoft Windows systems that allows attackers to escalate their privileges and potentially gain complete control over affected machines. The vulnerability, designated CVE-2025-53149, affec…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
ESET security researchers have uncovered a sophisticated cyber threat campaign targeting Windows servers across multiple countries, with attackers deploying custom malware tools designed for both remote access and search engine manipulation. Cybersecur…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly identified hacking group, dubbed “GhostRedirector” by cybersecurity researchers, has compromised at least 65 Windows servers across the globe, deploying custom malware designed to manipulate search engine results for financial gain. According to a new report from ESET, the threat actor utilizes a malicious module for Microsoft’s Internet Information Services (IIS) to conduct a […] The post GhostRedirector Hackers Compromise Windows Servers With Malicious IIS Module To Manipulate Search Results appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft has officially acknowledged a significant User Account Control (UAC) bug that is causing widespread installation issues across Windows 10 and Windows 11 systems. The problem stems from a security update released in August 2025 and affects mil…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft has officially acknowledged a significant bug in recent Windows security updates that is causing application installation and repair failures across multiple versions of Windows 10, Windows 11, and Windows Server. The issue stems from a security enhancement in the August 2025 updates, which now incorrectly triggers User Account Control (UAC) prompts for standard, non-administrator […] The post Microsoft Confirms UAC Bug Breaks App Install On Windows 11 And 10 Versions appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The recently emerged DireWolf ransomware group has launched a sophisticated new campaign targeting Windows systems worldwide, employing ruthless tactics to delete event logs, erase backup-related data, and thwart recovery efforts. First sighted in May …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Inf0s3c Stealer, a stealthy Python-based grabber built to harvest system information and user data from Windows hosts. Packed as a 64-bit PE file compressed with UPX and bundled via PyInstaller, the executable imports a suite of Windows API functions t…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
