Tag Kaspersky

Attention Windows and Linux Users: Update Your Secure Boot Keys Before the Deadline!

UEFI Bootkits: A Growing Cybersecurity Concern

In recent years, the landscape of cybersecurity threats has evolved significantly, marked notably by the introduction of bootkits targeting Unified Extensible Firmware Interface (UEFI) systems. These sophisticated forms of malware represent a new layer of vulnerability for both individual users and corporate environments, disrupting…

Microsoft Releases Patch for Windows Zero-Day Vulnerability Currently Under Attack

Microsoft Releases Critical Security Updates Addressing 39 Vulnerabilities

In a significant move this December, Microsoft has released security patches addressing a total of 39 vulnerabilities across its Windows operating systems and applications during its year-end Patch Tuesday. Among these, ten vulnerabilities have been designated as critical, emphasizing the potential severe…

Silver Fox Launches ABCDoor Malware Through Tax-Themed Phishing Campaigns in India and Russia

A recently uncovered campaign attributed to the China-based cybercrime group known as Silver Fox—also referred to as Monarch, SwimSnake, The Great Thief of Valley, UTG-Q-1000, and Void Arachne—has targeted organizations in Russia and India with new malware identified as ABCDoor. The operation has prominently involved the use of phishing emails…

DAEMON Tools Supply Chain Attack Infects Official Installers with Malware

Targeted Supply Chain Attack on DAEMON Tools Software Discovered

A recent investigation by Kaspersky has revealed a sophisticated supply chain attack targeting DAEMON Tools software. The attack involves tampering with the software’s installers, which are distributed through the official DAEMON Tools website and are signed with valid digital certificates from…

Numerous Critical Vulnerabilities Discovered in Four Popular Open Source VNC Applications

Critical Vulnerabilities Discovered in Open-Source VNC Remote Desktop Applications

Recent findings reveal that four widely used open-source VNC (Virtual Network Computing) remote desktop applications are susceptible to a staggering 37 security vulnerabilities. Many of these vulnerabilities have remained undetected for the last two decades, with the most severe posing the…

Popular Daemon Tools Disk Application Compromised in Month-Long Supply Chain Attack

Recent Cyberattack Targets Dozens of Organizations with Sophisticated Backdoors

In a concerning development within the cybersecurity landscape, a follow-on payload identified by Kaspersky as a “minimalistic backdoor” has infiltrated nearly a dozen organizations. This malware possesses capabilities to execute commands, download files, and deploy shellcode within memory, complicating detection efforts…

New Vulnerabilities Discovered in Leading Antivirus Software Could Increase Computer Risks

Security Vulnerabilities Discovered in Popular Antivirus Solutions, Risking System Integrity

Cybersecurity experts have recently uncovered significant security vulnerabilities in widely-used antivirus software, potentially allowing attackers to escalate privileges and solidify malware presence on compromised systems. A report from CyberArk researcher Eran Shimony, shared with The Hacker News, highlights the critical…

Microsoft Windows Flaw Used to Launch PipeMagic RansomExx Malware

Cybersecurity researchers have revealed that threat actors are exploiting a now-patched vulnerability in Microsoft Windows to deploy the PipeMagic malware during RansomExx ransomware attacks. This exploitation hinges on CVE-2025-29824, a privilege escalation vulnerability affecting the Windows Common Log File System (CLFS), which Microsoft addressed in April 2025, according to a report from Kaspersky and BI.ZONE. First identified in 2022, PipeMagic has been utilized in RansomExx attacks targeting industrial sectors in Southeast Asia, functioning as a backdoor that allows remote access and execution of various commands on compromised systems. Past incidents have shown attackers exploiting CVE-2017-0144, a remote code execution vulnerability in Windows SMB, to breach victim networks. Notably, infection chains observed in October 2024 in Saudi Arabia were linked to a fraudulent OpenAI ChatGPT application.

Microsoft Windows Vulnerability Exploited to Deploy PipeMagic RansomExx Malware

On August 18, 2025, cybersecurity experts revealed that threat actors exploited a recently patched vulnerability in Microsoft Windows to distribute the PipeMagic malware within RansomExx ransomware operations. This malicious activity specifically took advantage of CVE-2025-29824, a privilege escalation flaw affecting the…
