Windows
-
Critical Docker Desktop vulnerability could let attackers hijack Windows hosts, researchers say
A critical vulnerability in Docker Desktop for Windows and macOS could allow attackers to hijack the host by running a malicious container, even with Enhanced Container Isolation, tracked as CVE-2025-9074 (SSRF) and rated 9.3. The flaw has been patched in Docker Desktop 4.44.3, after demonstrations of a PoC that could access the Docker Engine from…
-
PipeMagic backdoor used in RansomExx attacks tied to patched Windows vulnerability CVE-2025-29824
Security researchers say the PipeMagic backdoor, used in RansomExx attacks, exploits a patched Windows vulnerability (CVE-2025-29824) and leverages a modular loader to deploy additional payloads, with activity spanning Saudi Arabia, Brazil and beyond.
-
Emergence of Chaos RAT Malware Poses New Threats to Windows and Linux Systems
A new variant of the Chaos RAT malware is raising alarms among cybersecurity experts as it targets both Windows and Linux systems. Distributed under the guise of a network utility, this potent RAT showcases features that allow extensive control over compromised devices, signaling a troubling evolution in cyber threats.
-
New Malware Variant Uses Corrupted Headers to Evade Detection
Fortinet researchers have discovered a new strain of malware that evades detection by manipulating its DOS and PE headers, effectively functioning as a remote access trojan capable of controlling infected systems.
-
New Tool ‘Defendnot’ Manipulates Windows Security to Disable Microsoft Defender
The newly developed tool ‘Defendnot’ exploits a Windows Security API to disable Microsoft Defender by masquerading as a fake antivirus product, raising significant security concerns about system manipulations.
-
Windows Zero-Day Exploit Traced to EncryptHub, Delivering Diverse Malware
EncryptHub is exploiting a critical zero-day vulnerability in Microsoft Windows, deploying a range of malware, including data stealers, as detailed by Trend Micro. This exploit takes advantage of the Microsoft Management Console’s functionality, posing significant risks to users.