#windows

New SEO poisoning campaign exposed! FortiGuard Labs reveals how attackers trick users with fake websites to deliver Hiddengh0st…

Cybersecurity researchers have discovered a new ransomware strain dubbed HybridPetya that resembles the notorious Petya/NotPetya malware, while also incorporating the ability to bypass the Secure Boot mechanism in Unified Extensible Firmware Interface (UEFI) systems using a now-patched vulnerability disclosed earlier this year. Slovakian cybersecurity company ESET said the samples were uploaded

A new report from Cofense reveals that cybercriminals are blending phishing and malware, including Muck Stealer, Info Stealer,…

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical security flaw impacting Dassault Systèmes DELMIA Apriso Manufacturing Operations Management (MOM) software to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerability, tracked as CVE-2025-5086, carries a CVSS score of 9.0 out of 10.0. According to

U.S. Senator Ron Wyden has called on the Federal Trade Commission (FTC) to probe Microsoft and hold it responsible for what he called "gross cybersecurity negligence" that enabled ransomware attacks on U.S. critical infrastructure, including against healthcare networks. "Without timely action, Microsoft's culture of negligent cybersecurity, combined with its de facto monopolization of the

Alongside new iPhones, Apple released a new security architecture on Tuesday: Memory Integrity Enforcement aims to eliminate the most frequently exploited class of iOS bugs.

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable locally Vendor: Siemens Equipment: SIMOTION Tools Vulnerability: Improper Check for Unusual or Exceptional Conditions 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code with SYSTEM privileges when a legitimate user installs an application that uses the affected setup component. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Siemens reports that the following products are affected: SIMATIC Technology Package TPCamGen (6ES7823-0FE30-1AA0): All versions SIMOTION OA MIIF (6AU1820-3DA20-0AB0): All versions SIMOTION OACAMGEN (6AU1820-3EA20-0AB0): All versions...

### Impact Due to a special entry being appended to `sys.path` during the bootstrap process of a PyInstaller-frozen application, and due to the bootstrap script attempting to load an optional module for bytecode decryption while this entry is still present in `sys.path`, an application built with PyInstaller < 6.0.0 may be tricked by an unprivileged attacker into executing arbitrary python code when **all** of the following conditions are met: 1. Application is built with PyInstaller < 6.0.0; both onedir and onefile mode are affected. 2. Optional bytecode encryption code feature was **not** enabled during the application build. 3. The attacker can create files/directories in the same directory where the executable is located. 4. The filesystem supports creation of files/directories that contain `?` in their name (i.e., non-Windows systems). 5. The attacker is able to determine the offset at which the PYZ archive is embedded in the executable. The attacker can create a directory (or ...

LevelBlue Labs reports AsyncRAT delivered through a fileless attack chain using ScreenConnect, enabling credential theft and persistence.

Cybersecurity researchers have discovered two new malware families, including a modular Apple macOS backdoor called CHILLYHELL and a Go-based remote access trojan (RAT) named ZynorRAT that can target both Windows and Linux systems. According to an analysis from Jamf Threat Labs, ChillyHell is written in C++ and is developed for Intel architectures. CHILLYHELL is the name assigned to a malware