Tuesday, April 29, 2025

Windows

Windows 11 25H2 Expected to Launch with Minor Changes

Microsoft is quietly preparing the next update to its flagship operating system, Windows 11 25H2, with new evidence pointing toward a September–October 2025 release. Unlike the much-anticipated Windows 11 24H2-the major...

Microsoft Defender XDR False Positive Leaked Massive 1,700+ Sensitive Documents to Publish

An alarming data leak involving Microsoft Defender XDR has exposed more than 1,700 sensitive documents from hundreds of organizations, following a chain reaction triggered...

Microsoft’s Patch for Symlink Vulnerability Introduces New Windows Denial-of-Service Flaw

Microsoft’s recent attempt to resolve a critical privilege escalation vulnerability has inadvertently introduced a new denial-of-service (DoS) flaw in Windows systems, leaving organizations vulnerable...

Hackers Exploit Weaponized Word Docs to Steal Windows Login Credentials

A sophisticated phishing campaign has been uncovered by Fortinet’s FortiGuard Labs, targeting Windows users with malicious Word documents designed to steal sensitive data. Disguised as...

Critical Flaw in Windows Update Stack Enables Code Execution and Privilege Escalation

A newly discovered vulnerability in the Windows Update Stack, tracked as CVE-2025-21204, has sent shockwaves through the cybersecurity community after researchers revealed it could...

Hackers Bypassed Windows Defender Policies Using WinDbg Preview via Microsoft Store

A newly documented technique reveals how attackers can exploit the WinDbg Preview debugger to bypass even the strictest Windows Defender Application Control (WDAC) policies,...

CISA Warns of Active Exploitation of Windows NTLM Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) alerted organizations to active exploitation of a newly disclosed Microsoft Windows vulnerability tracked as CVE-2025-24054. The flaw...

LummaStealer Exploits Windows Utility to Run Remote Code Disguised as .mp4 File

The Cybereason Global Security Operations Center (GSOC) has shed light on the sophisticated tactics used by the LummaStealer malware to evade detection and execute...

Windows Task Scheduler Vulnerabilities Allow Attackers Gain Admin Account Control

New vulnerabilities in Windows Task Scheduler's schtasks.exe let attackers bypass UAC, alter metadata, modify event logs, and evade detection. These actions map to MITRE...

Windows NTLM Vulnerability (CVE-2025-24054) Actively Exploit in the Wild to Hack Systems

A critical vulnerability in Microsoft Windows, identified as CVE-2025-24054, has been actively exploited in the wild since March 19, 2025, targets organizations worldwide. The flaw,...

Chinese Hackers Unleash New BRICKSTORM Malware to Target Windows and Linux Systems

A sophisticated cyber espionage campaign leveraging the newly identified BRICKSTORM malware variants has targeted European strategic industries since at least 2022. According to NVISO’s...