Patch Tuesday and the Enduring Challenge of Windows’ Backwards Compatibility

Introduction If you received an email with the subject “I LOVE YOU” and an attachment called “LOVE-LETTER-FOR-YOU.TXT”, would you open it? Probably not, but back in the year 2000, plenty of people did exactly that. The internet learned a hard lesson about the disproportionate power available to a...

PT-2025-28516

Name of the Vulnerable Software and Affected Versions Windows versions affected versions not specified Description A critical vulnerability exists in the Windows SPNEGO Extended Negotiation NEGOEX security mechanism. This flaw is a heap-based buffer overflow that allows an unauthorized attacker t...

CVE-2025-46719 Open WebUI vulnerable to stored XSS via unescaped markdown token in MarkdownTokens.svelte leading to full account takeover and RCE via functions

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.6.6, a vulnerability in the way certain html tags in chat messages are rendered allows attackers to inject JavaScript code into a chat transcript. The JavaScript code will be...

BlackByte blends tried-and-true tradecraft with newly disclosed vulnerabilities to support ongoing attacks

The BlackByte ransomware group continues to leverage tactics, techniques and procedures TTPs that have formed the foundation of its tradecraft since its inception, continuously iterating its use of vulnerable drivers to bypass security protections and deploying a self-propagating, wormable...

Exploit for Integer Underflow (Wrap or Wraparound) in Microsoft

CVE-2024-38063 - Windows TCP/IP Remote Code Execution Vulnerab...

French Authorities Launch Operation to Remove PlugX Malware from Infected Systems

French judicial authorities, in collaboration with Europol, have launched a so-called "disinfection operation" to rid compromised hosts of a known malware called PlugX. The Paris Prosecutor's Office, Parquet de Paris, said the initiative was launched on July 18 and that it's expected to continue...

Researchers Discover New PlugX Malware Variant Spreading via Removable USB Devices

Cybersecurity researchers have uncovered a PlugX sample that employs sneaky methods to infect attached removable USB media devices in order to propagate the malware to additional systems. "This PlugX variant is wormable and infects USB devices in such a way that it conceals itself from the Window...

Critical Microsoft Code-Execution Vulnerability

A critical code-execution vulnerability in Microsoft Windows was patched in September. It seems that researchers just realized how serious it was and is: Like EternalBlue, CVE-2022-37958, as the latest vulnerability is tracked, allows attackers to execute malicious code with no authentication...

4 over-hyped security vulnerabilities of 2022

A critical vulnerability can send countless organizations into chaos, as security teams read up on the vulnerability, try to figure out whether it applies to their systems, download any potential patches, and deploy those fixes to affected machines. But a lot can go wrong when a vulnerability is...

Microsoft Reclassifies SPNEGO Extended Negotiation Security Vulnerability as 'Critical'

Microsoft has revised the severity of a security vulnerability it originally patched in September 2022, upgrading it to "Critical" after it emerged that it could be exploited to achieve remote code execution. Tracked as CVE-2022-37958 CVSS score: 8.1, the flaw was previously described as an...

USB-based Wormable Raspberry Robin Malware Targeting Windows Installer

By Deeba Ahmed The malware Raspberry Robin is distributed via external drives and uses Microsoft Standard installer to execute malicious commands.… This is a post from HackRead.com Read the original post: USB-based Wormable Raspberry Robin Malware Targeting Windows Installer...

USB-based Wormable Malware Targets Windows Installer

Credit: Red Canary Wormable malware dubbed Raspberry Robin has been active since last September and is wriggling its way through USB drives onto Windows machines to use Microsoft Standard Installer and other legitimate processes to install malicious files, researchers have found. Researchers at...

Microsoft Patch Tuesday, April 2022 Edition

Microsoft on Tuesday released updates to fix roughly 120 security vulnerabilities in its Windows operating systems and other software. Two of the flaws have been publicly detailed prior to this week, and one is already seeing active exploitation, according to a report from the U.S. National...

Microsoft Zero-Days, Wormable Bugs Spark Concern

Microsoft has released patches for 128 security vulnerabilities for its April 2022 monthly scheduled update – ten of them rated critical including three wormable code-execution bugs that require no user interaction to exploit. There are also two important-rated zero-days that allow privilege...

DirtyMoe Botnet Gains New Exploits in Wormable Module to Spread Rapidly

The malware known as DirtyMoe has gained new worm-like propagation capabilities that allow it to expand its reach without requiring any user interaction, the latest research has found. "The worming module targets older well-known vulnerabilities, e.g., EternalBlue and Hot Potato Windows privilege...

The Bug Report - January 2022 Edition

The Bug Report - January 2022 By Trellix · February 2, 2022 This story was written by Kevin McGrath Your Cybersecurity Comic Relief Image courtesy of https://toggl.com/ Why am I here? Omicron is the 15th letter in the Greek alphabet, used by Donald Knuth to denote Big-O notation, represented zero...

Exploit for CVE-2022-21907

This is a PoC exploit for CVE-2022-21907, a HTTP Protocol Stack...

First Patch Tuesday of 2022 Brings Fix for a Critical 'Wormable' Windows Vulnerability

Microsoft on Tuesday kicked off its first set of updates for 2022 by plugging 96 security holes across its software ecosystem, while urging customers to prioritize patching for what it calls a critical "wormable" vulnerability. Of the 96 vulnerabilities, nine are rated Critical and 89 are rated...

‘Wormable’ Flaw Leads January 2022 Patch Tuesday

Microsoft today released updates to plug nearly 120 security holes in Windows and supported software. Six of the vulnerabilities were publicly detailed already, potentially giving attackers a head start in figuring out how to exploit them in unpatched systems. More concerning, Microsoft warns tha...

Microsoft Faces Wormable, Critical RCE Bug & 6 Zero-Days

Microsoft has addressed a total of 97 security vulnerabilities in its January 2022 Patch Tuesday update – nine of them rated critical – including six that are listed as publicly known zero-days. The fixes cover a swath of the computing giant’s portfolio, including: Microsoft Windows and Windows...