-
The notorious FIN7 cybercriminal group, also known as Savage Ladybug, continues to rely on a sophisticated Windows SSH backdoor infrastructure with minimal modifications since 2022, according to threat intelligence analysis. The threat actor has mainta…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers have discovered a sophisticated attack technique that exploits Microsoft’s OneDrive application to execute malicious code without detection. The method, known as DLL sideloading, leverages the way Windows loads library files …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers have identified a dangerous remote access trojan called SleepyDuck lurking in the Open VSX IDE extension marketplace, targeting developers who use code editors like Cursor and Windsurf. The malicious extension masqueraded as a legi…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft has acknowledged a critical issue affecting Windows Server 2025 systems enrolled in the Hotpatch program. A recent Windows Server Update Services (WSUS) patch was inadvertently distributed to machines configured to receive Hotpatch updates, c…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers at the SANS Internet Storm Center have detected a significant spike in suspicious network traffic targeting Windows Server Update Services (WSUS) infrastructure worldwide. The reconnaissance activity focuses specifically on TCP por…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft has released a non-security update for Windows 11 versions 24H2 and 25H2 that introduces an unusual bug affecting one of the operating system’s most essential utilities. The update, designated as KB5067036, is causing Task Manager to continue running in the background even after users close the application. This issue has been officially acknowledged by […] The post Windows 11 24H2/25H2 Update Causes Task Manager to be Active After Closure appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft has acknowledged a persistent bug affecting Windows 11 versions 24H2 and 25H2 that prevents Task Manager from properly terminating when users close the application. The issue causes multiple instances of the system monitoring tool to accumula…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A specialized Beacon Object File (BOF) designed to extract authentication cookies from Microsoft Teams without disrupting the application. This development builds on recent findings that expose how Teams stores sensitive access tokens, potentially allowing attackers to impersonate users and access chats, emails, and documents. The tool, released by Tier Zero Security, adapts an existing browser […] The post New BOF Tool Exploits Microsoft Teams’ Cookie Encryption allowing Attackers to Access User Chats appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researcher TwoSevenOneT has released EDR-Redir V2, an upgraded evasion tool that exploits Windows bind link technology to bypass endpoint detection and response solutions on Windows 11. The new version demonstrates a sophisticated approach to …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
An upgraded release of tool EDR-Redir V2, designed to evade Endpoint Detection and Response (EDR) systems by exploiting Windows bind link technology in a novel way. According to the researcher TwoSevenOneT, the version targets the parent directories of EDR installations, such as Program Files, to create redirection loops that blind security software without disrupting legitimate […] The post New EDR-Redir V2 Blinds Windows Defender on Windows 11 With Fake Program Files appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
