More results...
CVE-2025-24054, a Windows NTLM hash disclosure vulnerability that Microsoft has issued patches for last month, has been leveraged by threat actors in campaigns targeting government and private institutions in Poland and Romania. “Active exploitat…
New vulnerabilities in Windows Task Scheduler’s schtasks.exe let attackers bypass UAC, alter metadata, modify event logs, and evade detection. These actions map to MITRE ATT&CK tactics: Persistence, Privilege Escalation, Execution, Lateral Mo…
A critical vulnerability in Microsoft Windows, identified as CVE-2025-24054, has been actively exploited in the wild since March 19, 2025, targets organizations worldwide. The flaw, which enables NTLM hash disclosure through spoofing, allows attackers …
A sophisticated cyber espionage campaign leveraging the newly identified BRICKSTORM malware variants has targeted European strategic industries since at least 2022. According to NVISO’s technical analysis, these backdoors previously confined to Linux v…
Security researchers and cybersecurity experts have recently uncovered new variants of the notorious HelloKitty ransomware, signaling its resurgence with attacks targeting Windows, Linux, and ESXi environments. HelloKitty ransomware, initially appearin…
A recent cybersecurity revelation has demonstrated how researchers successfully bypassed Windows Defender antivirus mechanisms using advanced techniques involving XOR encryption and direct system calls. This breakthrough has sparked discussions about t…
Microsoft warns CVE-2025-29824 lets attackers with user access escalate privileges to deploy ransomware via a flaw in Windows CLFS.
Microsoft has urgently patched a high-risk security vulnerability (CVE-2025-29810) in Windows Active Directory Domain Services (AD DS), which could allow attackers to escalate privileges and compromise entire network domains. Rated 7.5 (Important)…
WhatsApp users are urged to update the Windows client app to plug a serious security vulnerability (CVE-2025-30401) that may allow attackers to trick users into running malicious code. Meta classifies the vulnerability as a spoofing issue that makes al…
Microsoft has disclosed a new security vulnerability in Windows operating systems, tracked as CVE-2025-29809. This flaw, classified with Important severity, impacts the Kerberos authentication protocol, potentially enabling attackers to bypas…