Although Microsoft has patched multiple DLL load hijacking vulnerabilities since last summer, Windows and Internet Explorer 9 (IE9) can still be exploited, a security company warned today. Microsoft ...

The Iranian state-sponsored hacking group APT34, aka OilRig, has recently escalated its activities with new campaigns targeting government and critical infrastructure entities in the United Arab ...

A new wave of attacks by the DarkGate malware operation exploits a now-fixed Windows Defender SmartScreen vulnerability to bypass security checks and automatically install fake software installers.

ESET researchers discovered a previously unknown vulnerability in Mozilla products, exploited in the wild by Russia-aligned group RomCom. This is at least the second time that RomCom has been caught ...

A trio of zero-days headline Microsoft's May Patch Tuesday update, which offers a modest spring bouquet of 59 CVEs in total (just a third of last month's downpour of patches for admins to deal with).

Researchers have flagged a weakness they're tracking as CVE-2024-6769, calling it a combination user access control (UAC) bypass/privilege escalation vulnerability in Windows. It could allow an ...

Friday’s release of suspected NSA spying tools is bad news for companies running Windows Server. The cyberweapons, which are now publicly available, can easily hack older versions of the OS. The ...

The no-click exploit launched in October infected computers in Europe and North America with the RomCom backdoor when victims were redirected through attacker-controlled websites. A Russia-aligned ...

Less than 24 hours after Microsoft said it couldn't patch Windows to fix a systemic problem, attack code appeared Tuesday to exploit the company's software. Also on Tuesday, a security firm that's ...

ZDNET's key takeaways Millions of computers globally are still running Windows 10.Attackers are ready, willing, and able to exploit unpatched PCs.Signing up for extended security updates is a crucial ...