#windows

A vishing scam via Microsoft Teams led to attackers misusing TeamViewer to drop malware and stay hidden using simple but effective techniques.

### Summary The contents of arbitrary files can be returned to the browser. ### Impact Only apps explicitly exposing the Vite dev server to the network (using `--host` or [`server.host` config option](https://vitejs.dev/config/server-options.html#server-host)) are affected. ### Details - base64 encoded content of non-allowed files is exposed using `?inline&import` (originally reported as `?import&?inline=1.wasm?init`) - content of non-allowed files is exposed using `?raw?import` `/@fs/` isn't needed to reproduce the issue for files inside the project root. ### PoC Original report (check details above for simplified cases): The ?import&?inline=1.wasm?init ending allows attackers to read arbitrary files and returns the file content if it exists. Base64 decoding needs to be performed twice ``` $ npm create vite@latest $ cd vite-project/ $ npm install $ npm run dev ``` Example full URL `http://localhost:5173/@fs/C:/windows/win.ini?import&?inline=1.wasm?init`

The threat actors behind the zero-day exploitation of a recently-patched security vulnerability in Microsoft Windows have been found to deliver two new backdoors called SilentPrism and DarkWisp. The activity has been attributed to a suspected Russian hacking group called Water Gamayun, which is also known as EncryptHub and LARVA-208. "The threat actor deploys payloads primarily by means of

A vulnerability has been found that can be exploited through every browser as long as its running on a Windows system

Mozilla has released updates to address a critical security flaw impacting its Firefox browser for Windows, merely days after Google patched a similar flaw in Chrome that came under active exploitation as a zero-day. The security vulnerability, CVE-2025-2857, has been described as a case of an incorrect handle that could lead to a sandbox escape. "Following the recent Chrome sandbox escape (

Disney’s latest Snow White movie, with a 1.6/10 IMDb rating, isn’t just the biggest flop the company has…

Discover the novel QWCrypt ransomware used by RedCurl in targeted hypervisor attacks. This article details their tactics, including…

An advanced persistent threat (APT) group with ties to Pakistan has been attributed to the creation of a fake website masquerading as India's public sector postal system as part of a campaign designed to infect both Windows and Android users in the country. Cybersecurity company CYFIRMA has attributed the campaign with medium confidence to a threat actor called APT36, which is also known as

**What is the version information for this release?** Microsoft Edge Version Date Released Based on Chromium Version 134.0.3124.93 3/26/2025 134.0.6998.177/.178

The Trump cabinet’s shocking leak of its plans to bomb Yemen raises myriad confidentiality and legal issues. The security of the encrypted messaging app Signal is not one of them.