Windows Security Archives • Page 3 of 4 • Daily CyberSecurity

Windows DWM Flaw Lets Local Users Paint Their Way to SYSTEM Privileges, PoC Publishes

Netlogon RCE vulnerability Exploited in the wild Secure Boot certificate renewal 2026, Windows 11 UEFI update Community-First AI Infrastructure, Microsoft self-funding energy mandate aka.ms/aoh online portal CVE-2025-55681, Windows DWM Elevation Windows Administrator Protection, CVE-2025-60718 Microsoft AI Compute, IREN Infrastructure Microsoft Japan PPA, Renewable Energy Microsoft AI Investment, Cloud Expansion Microsoft Azure, Startup Credits Infinite Workday, AI in Work Microsoft Russia, Bankruptcy AI code generation, Microsoft AI Microsoft Layoffs, Restructuring

Windows DWM Flaw Lets Local Users Paint Their Way to SYSTEM Privileges, PoC Publishes

Do Son December 23, 2025

A newly discovered vulnerability in the heart of the Windows visual experience has been patched by Microsoft,...

Apache HTTP Server 2.4.66 Fixes SSRF Flaw (CVE-2025-59775) Exposing NTLM Hashes on Windows and suexec Bypass CVE-2024-40725 & CVE-2024-40898 Apache SSRF NTLM Leak, suexec Bypass

CVE-2024-40725 & CVE-2024-40898 Apache SSRF NTLM Leak, suexec Bypass

Apache HTTP Server 2.4.66 Fixes SSRF Flaw (CVE-2025-59775) Exposing NTLM Hashes on Windows and suexec Bypass

Do Son December 5, 2025

The Apache Software Foundation has rolled out a crucial update for the ubiquitous Apache HTTP Server, addressing...

High-Severity Splunk Flaw Allows Local Privilege Escalation via Incorrect File Permissions on Windows Splunk Enterprise Vulnerabilities CVE-2026-20240 Splunk RCE CVE-2026-20204 Splunk RCE Vulnerability CVE-2026-20163 Splunk Enterprise Vulnerabilities CVE-2026-20140 Splunk Permission Flaw, Local Privilege Escalation Splunk Vulnerabilities CVE-2024-53247 - Splunk Secure Gateway App CVE-2025-20229 & CVE-2025-20231

High-Severity Splunk Flaw Allows Local Privilege Escalation via Incorrect File Permissions on Windows

Do Son December 5, 2025

Splunk administrators managing Windows environments are being urged to patch immediately following the discovery of two high-severity...

PoC Exploit Releases for CVE-2025-60718 – Windows Administrator Protection Elevation of Privilege Vulnerability

Do Son December 1, 2025

A significant crack has been discovered in the armor of Windows Administrator Protection, potentially allowing low-privileged attackers...

CVE-2025-54918: Windows NTLM Elevation of Privilege Vulnerability Smart App Control blocking Armoury Crate, ROG Ally Defender false positive 2026 Microsoft Zero-Day, Cloud Files UAF Microsoft Access end of life CVE-2025-21298 Azure Vulnerabilities

Smart App Control blocking Armoury Crate, ROG Ally Defender false positive 2026 Microsoft Zero-Day, Cloud Files UAF Microsoft Access end of life CVE-2025-21298 Azure Vulnerabilities

CVE-2025-54918: Windows NTLM Elevation of Privilege Vulnerability

Do Son November 26, 2025

Just when administrators thought NTLM relay attacks were becoming a thing of the past, a dangerous new...

High-Severity Elastic Defend Flaw (CVE-2025-37735) Allows Local Attackers to Delete Arbitrary Files as SYSTEM Elastic Security Update CVE-2026-0532 Elastic Defend Arbitrary Delete, SYSTEM Privilege Escalation ECE Readonly EoP, Improper Authorization Elastic XSS, Kibana Vulnerabilities Elastic LPE, Observability Tools Vulnerabilities

High-Severity Elastic Defend Flaw (CVE-2025-37735) Allows Local Attackers to Delete Arbitrary Files as SYSTEM

Do Son November 10, 2025

Elastic has released security updates to address a serious flaw in Elastic Defend, its endpoint protection component...

NVIDIA acquisition rumors NVIDIA AI Security AI Framework Vulnerabilities Nvidia 595.76 Hotfix NVIDIA Megatron Bridge vulnerability GPU vs ASIC AI battle NVIDIA Driver Vulnerability CVE-2025-33217 NVIDIA biggest TSMC customer 2026, NVIDIA vs Apple TSMC revenue share NVIDIA CUDA Toolkit CVE-2025-33228 Groq NVIDIA licensing deal, Jonathan Ross acquihire 2025 NeMo Code Injection, AI Framework RCE NVIDIA App Privilege Escalation, CVE-2025-23358 NVIDIA Security Update, DLS Vulnerability CVE-2025-23316 NVIDIA NVDebug, vulnerabilities NVIDIA Driver Vulnerabilities, vGPU Security Nvidia Jetson, UEFI Vulnerabilities CVE-2024-0130 - CVE-2024-0136 CVE-2024-0148 NVIDIA Driver Support, Windows 10 EOL

High-Severity NVIDIA App Flaw (CVE-2025-23358) Allows Local Privilege Escalation on Windows

Do Son November 6, 2025

NVIDIA has released an important software security update for the NVIDIA App on Windows systems, addressing a...

Mustang Panda APT Uses Hidden DLL and EnumFontsW to Launch Stealthy Tibet-Themed Campaign axios Supply Chain Attack WAVESHAPER.V2 SnappyBee Malware Salt Typhoon Stately Taurus ScoringMathTea RAT, Lazarus Reflective DLL

axios Supply Chain Attack WAVESHAPER.V2 SnappyBee Malware Salt Typhoon Stately Taurus ScoringMathTea RAT, Lazarus Reflective DLL

Mustang Panda APT Uses Hidden DLL and EnumFontsW to Launch Stealthy Tibet-Themed Campaign

Do Son October 8, 2025

A new phishing campaign analyzed by malware researcher 0x0d4y has uncovered fresh insights into Mustang Panda’s evolving...

New Shuyal Stealer Malware Targets 19 Browsers, Disables Windows Task Manager for Stealth Shuyal Stealer, Task Manager Evasion

New Shuyal Stealer Malware Targets 19 Browsers, Disables Windows Task Manager for Stealth

Do Son October 8, 2025

Security researchers at Point Wild have uncovered a new information-stealing malware dubbed Shuyal Stealer, which pushes the...

CVE-2025-27237: Zabbix Agent Flaw Allows Local Privilege Escalation via OpenSSL DLL Injection CVE-2024-22120 Zabbix DLL Injection, CVE-2025-27237

CVE-2024-22120 Zabbix DLL Injection, CVE-2025-27237

CVE-2025-27237: Zabbix Agent Flaw Allows Local Privilege Escalation via OpenSSL DLL Injection

Do Son October 6, 2025

A newly disclosed vulnerability in the Zabbix Agent and Agent 2 for Windows could allow local attackers...

LNK Stomping: Attackers Bypass Windows Security by Stripping the ‘Mark of the Web’ LNK Stomping, MoTW Bypass

LNK Stomping: Attackers Bypass Windows Security by Stripping the ‘Mark of the Web’

Do Son September 26, 2025

Windows shortcut files (.LNK) were designed to simplify user navigation, but for years, they’ve been a favorite...

MostereRAT: The New RAT That Is Bypassing Antivirus and EDR Solutions MostereRAT, defense evasion

MostereRAT: The New RAT That Is Bypassing Antivirus and EDR Solutions

Do Son September 9, 2025

FortiGuard Labs has uncovered a sophisticated phishing campaign that deploys a new Remote Access Trojan (RAT) dubbed...

Beyond ClickFix: A New Attack Abuses Windows Search to Deliver MetaStealer ChaCha20 Cipher

Beyond ClickFix: A New Attack Abuses Windows Search to Deliver MetaStealer

Do Son September 2, 2025

For over a year, Huntress researchers have been tracking the rise of ClickFix attacks, a form of...

Windows 11 25H2 Dev Build Unveils Deeper 1Password Integration for Seamless Passkey Management Windows 11 Passkeys, 1Password Integration

Windows 11 25H2 Dev Build Unveils Deeper 1Password Integration for Seamless Passkey Management

Do Son June 29, 2025

In the latest release to the Windows Insider Dev Channel, Microsoft has unveiled the first preview build...

PoC Released for Notepad++ Flaw Enables Privilege Escalation to NT AUTHORITY\SYSTEM Notepad++ privilege escalation

PoC Released for Notepad++ Flaw Enables Privilege Escalation to NT AUTHORITY\SYSTEM

Do Son June 24, 2025

A new vulnerability, tracked as CVE-2025-49144, has been discovered in Notepad++ version 8.8.1 that allows local privilege...

XDSpy Resurfaces: Stealthy Cyber-Espionage Campaign Targets Governments with Obscure Windows LNK Flaw

Do Son June 19, 2025

After years of operating in near-total obscurity, the cyber-espionage group XDSpy has resurfaced in a sophisticated campaign...

Microsoft’s June 2025 Patch Tuesday: 2 Zero-Days, 69 Vulnerabilities Patched! Patch Tuesday, Microsoft Security

Microsoft’s June 2025 Patch Tuesday: 2 Zero-Days, 69 Vulnerabilities Patched!

Do Son June 10, 2025

Microsoft’s June 2025 Patch Tuesday rollout has addressed a substantial 69 vulnerabilities, including 10 critical and 57...

BitLocker Encryption Bypassed in Minutes via Bitpixie (CVE-2023-21563) – PoC Reveals High-Risk Attack Path BitLocker bypass, Bitpixie PoC

BitLocker Encryption Bypassed in Minutes via Bitpixie (CVE-2023-21563) – PoC Reveals High-Risk Attack Path

Do Son May 15, 2025

Security researchers have demonstrated a powerful software-only technique to bypass Microsoft BitLocker encryption—without needing a screwdriver, soldering...

Microsoft May 2025 Patch Tuesday Fixes 83 Vulnerabilities, Including 5 Exploited in the Wild Patch Tuesday, Zero-Day Exploits

Microsoft May 2025 Patch Tuesday Fixes 83 Vulnerabilities, Including 5 Exploited in the Wild

Do Son May 13, 2025

Microsoft’s May 2025 Patch Tuesday has addressed a total of 83 vulnerabilities across its product ecosystem, including...

Microsoft’s Patch for Symlink Exploit Introduces New Windows Update DoS Flaw inetpub vulnerability, Windows Update

Microsoft’s Patch for Symlink Exploit Introduces New Windows Update DoS Flaw

Do Son April 25, 2025

Previously, in an effort to patch security vulnerability (CVE-2025–21204) within the Windows operating system, Microsoft began creating...

Critical Alert 3 Active Exploits Detected Today

Critical Alert

Windows Security

Windows DWM Flaw Lets Local Users Paint Their Way to SYSTEM Privileges, PoC Publishes

Apache HTTP Server 2.4.66 Fixes SSRF Flaw (CVE-2025-59775) Exposing NTLM Hashes on Windows and suexec Bypass

High-Severity Splunk Flaw Allows Local Privilege Escalation via Incorrect File Permissions on Windows

PoC Exploit Releases for CVE-2025-60718 – Windows Administrator Protection Elevation of Privilege Vulnerability

CVE-2025-54918: Windows NTLM Elevation of Privilege Vulnerability

High-Severity Elastic Defend Flaw (CVE-2025-37735) Allows Local Attackers to Delete Arbitrary Files as SYSTEM

High-Severity NVIDIA App Flaw (CVE-2025-23358) Allows Local Privilege Escalation on Windows

Mustang Panda APT Uses Hidden DLL and EnumFontsW to Launch Stealthy Tibet-Themed Campaign

New Shuyal Stealer Malware Targets 19 Browsers, Disables Windows Task Manager for Stealth

CVE-2025-27237: Zabbix Agent Flaw Allows Local Privilege Escalation via OpenSSL DLL Injection

LNK Stomping: Attackers Bypass Windows Security by Stripping the ‘Mark of the Web’

MostereRAT: The New RAT That Is Bypassing Antivirus and EDR Solutions

Beyond ClickFix: A New Attack Abuses Windows Search to Deliver MetaStealer

Windows 11 25H2 Dev Build Unveils Deeper 1Password Integration for Seamless Passkey Management

PoC Released for Notepad++ Flaw Enables Privilege Escalation to NT AUTHORITY\SYSTEM

XDSpy Resurfaces: Stealthy Cyber-Espionage Campaign Targets Governments with Obscure Windows LNK Flaw

Microsoft’s June 2025 Patch Tuesday: 2 Zero-Days, 69 Vulnerabilities Patched!

BitLocker Encryption Bypassed in Minutes via Bitpixie (CVE-2023-21563) – PoC Reveals High-Risk Attack Path

Microsoft May 2025 Patch Tuesday Fixes 83 Vulnerabilities, Including 5 Exploited in the Wild

Microsoft’s Patch for Symlink Exploit Introduces New Windows Update DoS Flaw