SecurityWeek

No Patch for New PhantomRPC Privilege Escalation Technique in Windows

The PhantomRPC Windows vulnerability allows attackers to elevate their privileges to System by using a fake RPC server.
Windows Report

CISA Orders Urgent Patch for Actively Exploited Windows Shell Vulnerability

CISA orders urgent patching of a Windows Shell flaw actively exploited in zero-click attacks. Federal agencies must update by ...
Security Boulevard

Microsoft won’t patch PhantomRPC: Feature or bug?

A researcher has detailed five ways to exploit PhantomRPC, which Microsoft rates “moderate” and does not plan to fix.

CISA orders feds to patch BlueHammer flaw exploited as zero-day

CISA has ordered U.S. federal agencies to patch a Microsoft Defender privilege escalation flaw (dubbed BlueHammer) that has ...
Security Boulevard

Microsoft’s April Security Update of High-Risk Vulnerability Notice for Multiple Products

Overview On April 15, NSFOCUS CERT detected that Microsoft released the April Security Update patch, fixing 165 security issues involving Windows, Microsoft Office, Microsoft SQL Server, Microsoft ...
Dark Reading

UNC6692 Combines Social Engineering, Malware, Cloud Abuse

A newly discovered threat actor is using Microsoft Teams, AWS S3 buckets, and custom "Snow" malware in a multipronged ...
CSO Online

Researchers unearth industrial sabotage malware that predated Stuxnet by 5 years

Targeting high-precision floating-point arithmetic operations in engineering modeling software, Fast16 may now be the ...
TechJuice

Researchers Uncover Pre-Stuxnet Fast16 Malware Targeting Engineering Software From 2005

Researchers uncover Fast16 malware from 2005, a pre-Stuxnet cyberweapon targeting engineering systems and infrastructure.

Hackers Are Now Using Microsoft Teams to Breach Company Networks Without Using Any Exploits

A newly identified threat group, UNC6692, has been caught running a sophisticated cyberattack campaign that uses Microsoft ...

Anthropic's Mythos AI found over 2,000 unknown software vulnerabilities in just seven weeks of testing

Anthropic's Mythos AI discovered over 2,000 unknown software vulnerabilities in seven weeks, prompting the company to ...

Firefox and Tor Browser vulnerability allowed tracking in private mode

The vulnerability allowed tracking across sites, even in Private Mode.