PoC Exploit Released for Windows Registry Privilege Elevation Vulnerability
A critical Windows Registry Elevation of Privilege vulnerability has been identified as CVE-2024-43641. This flaw, which affects various editions of Windows Server 2025, Windows 10, and Windows 11, has been assigned a CVSS v3.1 score of...
New “NotLockBit” Ransomware Attacks Windows and macOS
A sophisticated new ransomware family, dubbed NotLockBit, is creating waves in the cybersecurity world with its advanced capabilities and cross-platform functionality. Mimicking the techniques of the infamous LockBit ransomware, NotLockBit has proven to be...
Hackers Exploit Microsoft Management Console to Drop Backdoor Payloads on Windows
Securonix Threat Research team has uncovered a sophisticated tax-related phishing campaign that employs Microsoft Common Console Document (MSC) files and advanced obfuscation techniques to deliver a stealthy backdoor payload.
Dubbed the "FLUX#CONSOLE campaign," this...
CISA Warns of Adobe & Windows Kernel Driver Exploited in Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an important warning after adding two critical vulnerabilities to its Known Exploited Vulnerabilities Catalog.
These vulnerabilities, flagged due to active evidence of exploitation, highlight the...
Windows Kernel Vulnerability Actively Exploited in Attacks to Gain System Access
The Cybersecurity and Infrastructure Security Agency (CISA) has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, one of which is a Windows kernel vulnerability actively used in attacks.
This update follows verified...
Windows Remote Desktop Services Vulnerability Lets Attackers Execute Remote Code
On December 10, 2024, Microsoft disclosed a critical vulnerability in its Windows Remote Desktop Services, tracked as CVE-2024-49115.
This security flaw allows attackers to execute remote code on affected systems, posing a severe threat to...
Windows Common Log File System Zero-day (CVE-2024-49138) Exploited in the Wild
A new high-severity security vulnerability, CVE-2024-49138, has been identified as a zero-day in the Windows Common Log File System (CLFS) Driver.
Microsoft confirmed that this vulnerability is categorized as an Elevation of Privilege issue and...
Microsoft December 2024 Patch Tuesday – 71 Vulnerabilities Fixed, Including 1 Zero-day & 30...
Microsoft released a security update as part of the December Patch Tuesday that addressed 72 vulnerabilities, including 30 classified as critical Remote Code Execution (RCE) vulnerabilities.
These fixes are crucial for securing Windows operating systems and...
Critical Windows Zero-Day Vulnerability Exploited in the Wild – PoC Released
Microsoft has patched a critical zero-day vulnerability (CVE-2024-38193) that the notorious North Korean hacker group Lazarus APT actively exploited. Gen Threat Labs discovered and reported the flaw, which posed a severe threat to Windows...
Critical Windows Zero-Day Vulnerability Lets Attackers Steal Users' NTLM Credentials
Security researchers have publicly revealed a newly discovered critical vulnerability that affects all Windows Workstation and Server versions, from Windows 7 and Server 2008 R2 to the latest Windows 11 (v24H2) and Server 2022....