A command injection flaw in the Windows Notepad App now gives remote attackers a path to execute code over a network, turning one of the most familiar programs on any PC into a potential entry point ...

CISA confirms active exploitation of CVE-2024-43468 in Microsoft Configuration Manager and urges immediate patching.

Microsoft has unveiled a new security feature in Windows 11 that fundamentally alters how administrator privileges operate on personal computers, signalling a decisive shift in the company’s approach ...

Threat actors are exploiting security gaps to weaponize Windows drivers and terminate security processes, and there may be no ...

By putting conflicting metadata in LNK files, a researcher found four new ways to spoof targets, hide arguments, and run unintended programs in Windows Explorer.

Fixes For Actively Exploited FlawsMicrosoft has released security updates for Windows and Office to address vulnerabilities that the company said are being ...

CISA has expanded its KEV catalog with new SolarWinds, Notepad++, and Apple flaws, including two exploited as zero-days.

This year’s Microsoft Digital Defense Report (MDDR) showcases the scale and sophistication of today’s cyber threats, the impact of emerging technologies on those threats, and the strategies that ...

Active exploitation of BeyondTrust enables unauthenticated RCE as CISA adds Apple, Microsoft, SolarWinds, and Notepad++ flaws ...

The vulnerability comes from the way Notepad handles Markdown hyperlinks. Attackers craft malicious .md files with embedded ...

Today, at Wild West Hackin' Fest, security researcher Wietze Beukema disclosed multiple vulnerabilities in Windows LK ...

The campaign exploits an Office vulnerability to deliver the modular XWorm RAT, chaining HTA, PowerShell, and in-memory .NET execution to sidestep detection and expand post-compromise control.