Windows
-
QNAP: Windows NetBak PC Agent affected by critical ASP.NET Core flaw
QNAP warned that its NetBak PC Agent for Windows is impacted by CVE-2025-55315, a critical ASP.NET Core vulnerability in the Kestrel web server that can enable credential hijacking or request-smuggling attacks, and urged users to reinstall the agent or install the latest ASP.NET Core runtime.
-
CISA says Windows SMB privilege-escalation bug CVE-2025-33073 is being exploited
CISA warned that threat actors are actively exploiting CVE-2025-33073, a high-severity SMB privilege-escalation bug affecting Windows Server, Windows 10 and Windows 11 up to 24H2. Microsoft patched the flaw in June 2025 and attributed discovery to multiple researchers, while CISA added the vulnerability to its Known Exploited Vulnerabilities Catalog and set a Nov. 10 deadline…
-
Trend Micro: SORVEPOTEL self‑propagating malware spreads via WhatsApp, hits Brazil hard
Trend Micro researchers said a self‑propagating malware campaign called SORVEPOTEL is spreading via WhatsApp and email to Windows desktops, concentrating in Brazil; it propagates through malicious ZIP attachments and PowerShell, aims for rapid spread rather than data theft, and has led to mass spam and account suspensions.
-
Critical Docker Desktop vulnerability could let attackers hijack Windows hosts, researchers say
A critical vulnerability in Docker Desktop for Windows and macOS could allow attackers to hijack the host by running a malicious container, even with Enhanced Container Isolation, tracked as CVE-2025-9074 (SSRF) and rated 9.3. The flaw has been patched in Docker Desktop 4.44.3, after demonstrations of a PoC that could access the Docker Engine from…
-
PipeMagic backdoor used in RansomExx attacks tied to patched Windows vulnerability CVE-2025-29824
Security researchers say the PipeMagic backdoor, used in RansomExx attacks, exploits a patched Windows vulnerability (CVE-2025-29824) and leverages a modular loader to deploy additional payloads, with activity spanning Saudi Arabia, Brazil and beyond.
-
Emergence of Chaos RAT Malware Poses New Threats to Windows and Linux Systems
A new variant of the Chaos RAT malware is raising alarms among cybersecurity experts as it targets both Windows and Linux systems. Distributed under the guise of a network utility, this potent RAT showcases features that allow extensive control over compromised devices, signaling a troubling evolution in cyber threats.
-
New Malware Variant Uses Corrupted Headers to Evade Detection
Fortinet researchers have discovered a new strain of malware that evades detection by manipulating its DOS and PE headers, effectively functioning as a remote access trojan capable of controlling infected systems.
-
New Tool ‘Defendnot’ Manipulates Windows Security to Disable Microsoft Defender
The newly developed tool ‘Defendnot’ exploits a Windows Security API to disable Microsoft Defender by masquerading as a fake antivirus product, raising significant security concerns about system manipulations.
-
Windows Zero-Day Exploit Traced to EncryptHub, Delivering Diverse Malware
EncryptHub is exploiting a critical zero-day vulnerability in Microsoft Windows, deploying a range of malware, including data stealers, as detailed by Trend Micro. This exploit takes advantage of the Microsoft Management Console’s functionality, posing significant risks to users.
