#windows

In this week’s newsletter, Thorsten muses on how search engines and AI quietly gather your data while trying to influence your buying choices. Explore privacy-friendly alternatives and get the scoop on why it's important to question the platforms you interact with online.

IBM recently released their 2025 X-Force Cloud Threat Intelligence Index Report.Within the report and in collaboration with Red Hat Insights, “IBM X-Force found that more than half of Red Hat Enterprise Linux customers' environments had not deployed a patch for at least one critical CVE in their environment, and 18% had not patched five or more. At the same time, IBM X-Force found the most active ransomware families (e.g., Akira, Clop, Lockbit and RansomHub) are now supporting both Windows and Linux versions of their ransomware.”Red Hat Insights can help you better understand your overall

The attacks have been going on since shortly after Microsoft patched the vulnerability in March.

Researchers discovered new variants of the malware, which is tied to a China-nexus threat group, targeting Windows environments of critical infrastructure networks in Europe.

Cybersecurity researchers have detailed four different vulnerabilities in a core component of the Windows task scheduling service that could be exploited by local attackers to achieve privilege escalation and erase logs to cover up evidence of malicious activities. The issues have been uncovered in a binary named "schtasks.exe," which enables an administrator to create, delete, query, change,

A critical resource that cybersecurity professionals worldwide rely on to identify, mitigate and fix security vulnerabilities in software and hardware is in danger of breaking down. The federally funded, non-profit research and development organization MITRE warned today that its contract to maintain the Common Vulnerabilities and Exposures (CVE) program -- which is traditionally funded each year by the Department of Homeland Security -- expires on April 16.

CloudSEK uncovers a sophisticated malware campaign where attackers impersonate PDFCandy.com to distribute the ArechClient2 information stealer. Learn how…

Microsoft held off on releasing the privacy-unfriendly feature after a swell of pushback last year. Now it’s trying again, with a few improvements that skeptics say still aren't enough.

A newly created inetpub folder turns out to be part of a Microsoft update against a vulnerability tracked as CVE-2025-21204

Attackers aren’t waiting for patches anymore — they are breaking in before defenses are ready. Trusted security tools are being hijacked to deliver malware. Even after a breach is detected and patched, some attackers stay hidden. This week’s events show a hard truth: it’s not enough to react after an attack. You have to assume that any system you trust today could fail tomorrow. In a world