WhatsApp malware campaign delivers VBScript and MSI backdoors

In this article 1. Attack chain overview 2. Mitigation and protection guidance 3. Hunting queries 4. Indicators of compromise Microsoft Defender Experts observed a campaign beginning in late February 2026 that uses WhatsApp messages to deliver malicious Visual Basic Script VBS files. Once execute...

WhatsApp malware campaign delivers VBScript and MSI backdoors

In this article 1. Attack chain overview 2. Mitigation and protection guidance 3. Hunting queries 4. Indicators of compromise Microsoft Defender Experts observed a campaign beginning in late February 2026 that uses WhatsApp messages to deliver malicious Visual Basic Script VBS files. Once execute...

EUVD-2020-2179

Malware in sbrugna...

Security Bulletin: Vulnerability found in Personal Communications through deployment of arbitrary MSI package.

Summary There is a vulnerability in found in Personal Communications through deployment of arbitrary MSI package. Personal Communications has addressed the applicable CVE-2025-1095. Vulnerability Details CVEID:CVE-2025-1095 DESCRIPTION: IBM Personal Communications includes a Windows service that ...

Bizarro: a banking Trojan full of nasty tricks

Researchers have discovered a new banking Trojan that has been found targeting customers of European and South American banks. They have dubbed the new Trojan Bizarro. How does Bizarro spread? The Bizarro malware spreads via Microsoft Installer MSI packages. Identified sources so far have been sp...

MSI Packages Symbolic Links Processing - Windows 10 Privilege Escalation

MSI Packages Symbolic Links Processing - Windows 10 Privilege Escalation Exploit Title: MSI Packages Symbolic Links Processing - Windows 10 Privilege Escalation Author: nu11secur1ty Date: 2020-02-14 Vendor: Microsoft Link:...

MSI Packages Symbolic Links Processing - Windows 10 Privilege Escalation Vulnerability

Exploit Title: MSI Packages Symbolic Links Processing - Windows 10 Privilege Escalation Author: nu11secur1ty Vendor: Microsoft Link: https://github.com/nu11secur1ty/Windows10Exploits/tree/master/Undefined/CVE-2020-0683/nu11secur1ty CVE: CVE-2020-0683 + Credits: Ventsislav Varbanovski @ nu11secur1...

Microsoft Windows 10 MSI Privilege Escalation

Exploit Title: MSI Packages Symbolic Links Processing - Windows 10 Privilege Escalation Author: nu11secur1ty Date: 2020-02-14 Vendor: Microsoft Link: https://github.com/nu11secur1ty/Windows10Exploits/tree/master/Undefined/CVE-2020-0683/nu11secur1ty CVE: CVE-2020-0683 + Credits: Ventsislav...

Windows Installer Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists in the Windows Installer when MSI packages process symbolic links. An attacker who successfully exploited this vulnerability could bypass access restrictions to add or remove files. To exploit this vulnerability, an attacker would first have to log o...