Researchers discovered new variants of the malware, which is tied to a China-nexus threat group, targeting Windows environments of critical infrastructure networks in Europe. The […]
Author: cyberbytes
Multiple Groups Exploit NTLM Flaw in Microsoft Windows
The attacks have been going on since shortly after Microsoft patched the vulnerability in March. The original article found on darkreading Read More
2 Apple Zero-Day Vulnerabilities Actively Exploited in “Extremely” Sophisticated iOS Attacks
Apple has urgently rolled out iOS 18.4.1 and iPadOS 18.4.1 to patch two zero-day vulnerabilities that were actively exploited in “extremely sophisticated” attacks aimed at […]
Ransomware gang ‘CrazyHunter’ Targets Critical Taiwanese Orgs
Trend Micro researchers detailed an emerging ransomware campaign by a new group known as “CrazyHunter” that is targeting critical sectors in Taiwan. The original article […]
Windows Task Scheduler Vulnerabilities Allow Attackers Gain Admin Account Control
New vulnerabilities in Windows Task Scheduler’s schtasks.exe let attackers bypass UAC, alter metadata, modify event logs, and evade detection. These actions map to MITRE ATT&CK […]
CISA Extend Funding to MITRE to Keep CVE Program Running
The Cybersecurity and Infrastructure Security Agency (CISA) has extended funding to the MITRE Corporation, ensuring the continued operation of the Common Vulnerabilities and Exposures (CVE) […]
Experts Uncover Four New Privilege Escalation Flaws in Windows Task Scheduler
Cybersecurity researchers have detailed four different vulnerabilities in a core component of the Windows task scheduling service that could be exploited by local attackers to […]
Server-Side Phishing Attacks Target Employee and Member Portals to Steal Login Credentials
Attackers have been deploying server-side phishing schemes to compromise employee and member login portals across various enterprises. This strategic shift to server-side operations is designed […]
Windows NTLM Vulnerability (CVE-2025-24054) Actively Exploit in the Wild to Hack Systems
A critical vulnerability in Microsoft Windows, identified as CVE-2025-24054, has been actively exploited in the wild since March 19, 2025, targets organizations worldwide. The flaw, […]
Cloud, Cryptography Flaws in Mobile Apps Leak Enterprise Data
Cloud misconfigurations and cryptography flaws plague some of the top apps used in work environments, exposing organizations to risk and intrusion. The original article found […]