Windows Security

Microsoft Warns of WhatsApp-Delivered VBS Malware Exploiting UAC Bypass on Windows

Microsoft has issued a warning about a newly discovered cyber campaign that uses WhatsApp to distribute malicious Visual Basic Script (VBS) files. The attack chain is designed to compromise Windows systems, establish persistence, and gain elevated privileges through stealth techniques.

Attack Begins with Social Engineering

The campaign, first observed in late February 2026, relies heavily on social engineering […]



DeepLoad Malware Leverages ClickFix and WMI Persistence to Steal Browser Credentials

Cybersecurity researchers have identified a newly emerging malware campaign distributing a previously undocumented loader called DeepLoad, leveraging ClickFix social engineering techniques to infect systems and steal sensitive data.

ClickFix Lure Initiates the Attack Chain

The infection begins with a deceptive ClickFix prompt that convinces users to execute a PowerShell command manually. Victims are instructed to


54 EDR Killers Leverage BYOVD to Exploit 35 Signed Vulnerable Drivers and Disable Security

A new cybersecurity analysis has revealed that dozens of endpoint detection and response (EDR) killer tools are actively exploiting trusted system components to disable security protections. Researchers have identified 54 such tools leveraging the Bring Your Own Vulnerable Driver (BYOVD) technique by abusing at least 35 signed but vulnerable drivers. According to ESET, these tools



Microsoft Fixes 84 Security Flaws in March Patch Tuesday, Including Two Public Zero Days

Microsoft has rolled out security updates addressing 84 new vulnerabilities across multiple software components, with two of them publicly disclosed. Of these vulnerabilities, eight are classified as Critical and 76 as Important. Most patches (46) relate to privilege escalation, followed by 18 remote code execution flaws, 10 information disclosure issues, four spoofing weaknesses, four denial-of-service



Microsoft Uncovers ClickFix Campaign Leveraging Windows Terminal to Deploy Lumma Stealer

Microsoft security researchers have revealed a large-scale ClickFix social engineering campaign that abuses the Windows Terminal application to execute malicious commands and ultimately deploy the Lumma Stealer malware. The campaign, detected in February 2026, introduces a new technique where attackers persuade victims to run commands inside Windows Terminal (wt.exe) instead of the commonly abused Windows Run dialog.

Social Engineering Through Trusted Tools


Microsoft Fixes CVE-2026-26119 Privilege Escalation Flaw in Windows Admin Center

Microsoft has addressed a high-severity security vulnerability in Windows Admin Center that could allow attackers to escalate privileges on affected systems. The flaw, tracked as CVE-2026-26119, carried a CVSS score of 8.8 out of 10, highlighting its potential risk to enterprise environments.

About the Vulnerability

Windows Admin Center is a locally deployed, browser-based management suite enabling administrators


First Malicious Outlook Add-In Discovered Stealing Over 4,000 Microsoft Credentials

Cybersecurity researchers have uncovered what is believed to be the first malicious Microsoft Outlook add-in observed in active attacks. The discovery highlights a new evolution in supply chain threats targeting trusted software marketplaces. According to security firm Koi Security, an unidentified attacker hijacked a previously legitimate but abandoned Outlook add-in domain to host a fraudulent


Microsoft Fixes 59 Security Flaws, Including Six Actively Exploited Zero Days

Microsoft has released security updates addressing 59 vulnerabilities across its software, including six zero-day flaws currently exploited in the wild. The patch rollout was announced on Tuesday, highlighting the urgent need for users and organizations to apply fixes.

Severity Breakdown

Of the 59 vulnerabilities, five are marked Critical, 52 Important, and two Moderate. Privilege escalation


BeyondTrust Patches Critical Pre-Auth RCE Flaw in Remote Support and PRA Products

BeyondTrust has released security updates to remediate a critical vulnerability affecting its Remote Support (RS) and Privileged Remote Access (PRA) products. If exploited, the flaw could allow unauthenticated attackers to achieve remote code execution on vulnerable systems. In a security advisory published on February 6, 2026, BeyondTrust confirmed that Remote Support and certain legacy versions of Privileged Remote Access


Google Warns of Active Exploitation of WinRAR Vulnerability CVE-2025-8088

Google has warned that multiple threat actors are actively exploiting a critical security vulnerability in WinRAR, despite the issue being patched months ago. The attacks involve a mix of nation-state groups and financially motivated cybercriminals using the flaw to gain initial system access and deploy malware. According to the Google Threat Intelligence Group (GTIG), the vulnerability
