Security
Headlines
HeadlinesLatestCVEs

Tag

#windows

Cisco, Hitachi, Microsoft, and Progress Flaws Actively Exploited—CISA Sounds Alarm

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added five security flaws impacting software from Cisco, Hitachi Vantara, Microsoft Windows, and Progress WhatsUp Gold to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The list of vulnerabilities is as follows - CVE-2023-20118 (CVSS score: 6.5) - A command injection

The Hacker News
Open in Source
#vulnerability#windows#microsoft#cisco#The Hacker News
Fake IT Support Calls Trick Microsoft Teams Users into Installing Ransomware

Cybercriminals pose as IT support, using fake calls and Microsoft Teams messages to trick users into installing ransomware through email floods and remote access.

New Malware Campaign Exploits Microsoft Graph API to Infect Windows

FortiGuard Labs discovers an advanced attack using modified Havoc Demon and SharePoint. Explore the attack's evasion techniques and security measures.

Hackers Impersonate Taiwan’s Tax Authority to Deploy Winos 4.0 Malware

FortiGuard Labs discovers Winos 4.0 malware targeting Taiwan via phishing. Learn how this advanced threat steals data and…

Lotus Blossom espionage group targets multiple industries with different versions of Sagerunex and hacking tools

Lotus Blossom espionage group targets multiple industries with different versions of Sagerunex and hacking tools

LightSpy Expands to 100+ Commands, Increasing Control Over Windows, macOS, Linux, and Mobile

Cybersecurity researchers have flagged an updated version of the LightSpy implant that comes equipped with an expanded set of data collection features to extract information from social media platforms like Facebook and Instagram. LightSpy is the name given to a modular spyware that's capable of infecting both Windows and Apple systems with an aim to harvest data. It was first documented in

Silver Fox APT Hides ValleyRAT in Trojanized Medical Imaging Software

Chinese Silver Fox APT exploits trojanized medical imaging software to spread ValleyRAT malware, posing a serious threat to…

2,500+ Truesight.sys Driver Variants Exploited to Bypass EDR and Deploy HiddenGh0st RAT

A large-scale malware campaign has been found leveraging a vulnerable Windows driver associated with Adlice's product suite to sidestep detection efforts and deliver the Gh0st RAT malware. "To further evade detection, the attackers deliberately generated multiple variants (with different hashes) of the 2.0.2 driver by modifying specific PE parts while keeping the signature valid," Check Point

February Linux Patch Wednesday

February Linux Patch Wednesday. There are 561 vulnerabilities in total. 338 in Linux Kernel. Formally, there is one vulnerability with a sign of exploitation in the wild: RCE – 7-Zip (CVE-2025-0411). But it is about Windows MoTW and, naturally, is not exploitable on Linux. There are public exploits for 21 vulnerabilities. Among them there are […]

Hardware Crypto Wallets vs. Mobile vs. Desktop: Which Should You Choose?

Crypto wallets are essential in keeping your cryptocurrency safe. There are different types of wallets available and choosing…