Security
Headlines
HeadlinesLatestCVEs

Tag

#windows

Firefox Tests AI-Powered Perplexity Search Engine Directly in Browser

Mozilla Firefox experiments with AI-powered Perplexity Search Engine in its address bar for version 139, signalling a potential…

HackRead
Open in Source
#web#windows#google#intel#chrome#firefox
Fileless Remcos RAT Attack Evades Antivirus Using PowerShell Scripts

A new wave of attacks uses PowerShell and LNK files to secretly install Remcos RAT, enabling full remote…

CVE-2025-47161: Microsoft Defender for Endpoint Elevation of Privilege Vulnerability

**How can I verify that the update is installed?** Customers wanting to ensure the client has been updated can run the MDE Client Analyzer on the device. When running the analyzer on a Windows device that does not have the security update, the analyzer will present a warning (ID 121035) indicating missing patch and directing to relevant online article. Additionally, if the update is installed, but the Anti-Spoofing capability is not in a stable state, the analyzer will present warning (ID 121036) indicating an issue and providing additional online guidance or callout to reach out to Microsoft support if issue persists.

GHSA-pwm3-776c-8q7q: BoniGarcia WebDriverManager Affected By Improper Restriction of XML External Entity Reference

Improper Restriction of XML External Entity Reference vulnerability in bonigarcia webdrivermanager on Windows, MacOS, Linux (XML parsing components modules) allows Data Serialization External Entities Blowup. This vulnerability is associated with program files src/main/java/io/github/bonigarcia/wdm/WebDriverManager.java. This issue affects webdrivermanager: from 1.0.0 before 6.1.0.

Horabot Malware Targets 6 Latin American Nations Using Invoice-Themed Phishing Emails

Cybersecurity researchers have discovered a new phishing campaign that's being used to distribute malware called Horabot targeting Windows users in Latin American countries like Mexico, Guatemala, Colombia, Peru, Chile, and Argentina. The campaign is "using crafted emails that impersonate invoices or financial documents to trick victims into opening malicious attachments and can steal email

Microsoft Patch Tuesday for May 2025 — Snort rules and prominent vulnerabilities

Microsoft has released its monthly security update for May of 2025 which includes 78 vulnerabilities affecting a range of products, including 11 that Microsoft marked as “critical”.   Microsoft noted five vulnerabilities that have been observed to be exploited in the wild. CVE-2025-30397 is a remote code

Zoom Fixes High-Risk Flaw in Latest Update

Zoom fixes multiple security bugs in Workplace Apps, including a high-risk flaw. Users are urged to update to…

iClicker Website Hacked with Fake CAPTCHA in ClickFix Attack

Popular student engagement platform iClicker’s website was compromised with a ClickFix attack. A fake “I’m not a robot”…