Security
Headlines
HeadlinesLatestCVEs

Tag

#windows

CVE-2026-20831: Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Time-of-check time-of-use (toctou) race condition in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

Microsoft Security Response Center
Open in Source
#vulnerability#windows#auth#Windows Ancillary Function Driver for WinSock#Security Vulnerability
CVE-2026-20828: Windows rndismp6.sys Information Disclosure Vulnerability

Out-of-bounds read in Windows Internet Connection Sharing (ICS) allows an unauthorized attacker to disclose information with a physical attack.

CVE-2026-20833: Windows Kerberos Information Disclosure Vulnerability

Use of a broken or risky cryptographic algorithm in Windows Kerberos allows an authorized attacker to disclose information locally.

CVE-2026-20834: Windows Spoofing Vulnerability

Absolute path traversal in Windows Shell allows an unauthorized attacker to perform spoofing with a physical attack.

Cybersecurity in the Public Sector: Challenges, Strategies and Best Practices

Public sector cybersecurity faces outdated systems, budget gaps, and rising attacks. Learn key challenges, defense strategies, and proven best practices.

⚡ Weekly Recap: AI Automation Exploits, Telecom Espionage, Prompt Poaching & More

This week made one thing clear: small oversights can spiral fast. Tools meant to save time and reduce friction turned into easy entry points once basic safeguards were ignored. Attackers didn’t need novel tricks. They used what was already exposed and moved in without resistance. Scale amplified the damage. A single weak configuration rippled out to millions. A repeatable flaw worked again and

Celebrating reviews and recognitions for Malwarebytes in 2025

In 2025, Malwarebytes was repeatedly tested against real-world threats. Here’s what those tests found.

MuddyWater Launches RustyWater RAT via Spear-Phishing Across Middle East Sectors

The Iranian threat actor known as MuddyWater has been attributed to a spear-phishing campaign targeting diplomatic, maritime, financial, and telecom entities in the Middle East with a Rust-based implant codenamed RustyWater. "The campaign uses icon spoofing and malicious Word documents to deliver Rust based implants capable of asynchronous C2, anti-analysis, registry persistence, and modular

China-Linked Hackers Exploit VMware ESXi Zero-Days to Escape Virtual Machines

Chinese-speaking threat actors are suspected to have leveraged a compromised SonicWall VPN appliance as an initial access vector to deploy a VMware ESXi exploit that may have been developed as far back as February 2024. Cybersecurity firm Huntress, which observed the activity in December 2025 and stopped it before it could progress to the final stage, said it may have resulted in a ransomware