A new, sophisticated malware campaign has been uncovered that leverages Microsoft’s Azure Functions for its command-and-control (C2) infrastructure, a novel technique that complicates detection and takedown efforts. According to the Dmpdump report, the malware, first identified from a file uploaded…
Category: Cyber Security News
Microsoft Patch for Old Flaw Reveals New Kernel Address Leak Vulnerability in Windows 11/Server 2022 24H2
A new kernel address leak vulnerability has been discovered in the latest versions of Windows 11 (24H2) and Windows Server 2022 (24H2). The flaw, identified as CVE-2025-53136, was ironically introduced by a Microsoft patch intended to fix a separate vulnerability,…
New Clickfix Attack Promises “Free WiFi” But Deliver Powershell Based Malware
The Cybersecuritynews researcher team uncovered a sophisticated social engineering campaign that is exploiting the public’s need for free internet access, using deceptive Wi-Fi portals to trick users into downloading and executing PowerShell-based malware. Dubbed the “Clickfix” attack, this method turns…
Apple Warns Of Series Mercenary Spyware Attacks Targeting Users’ Devices
Apple has issued a warning regarding highly sophisticated “mercenary spyware” attacks targeting a select group of its users. The company’s threat notification system is designed to alert and support individuals who may have been targeted due to their profession or…
Microsoft To Depreciate VBScript In Windows Warns Developers To Adapt Their Projects
Microsoft has officially announced a multi-phase plan to deprecate VBScript in Windows, a move that signals a significant shift for developers, particularly those working with Visual Basic for Applications (VBA). The change, first detailed in May 2024, will gradually phase…
Windows Defender Firewall Vulnerabilities Let Attackers Escalate Privileges
Microsoft has addressed four elevation of privilege vulnerabilities in its Windows Defender Firewall service, all rated as “Important” in severity. The security flaws were detailed in Microsoft’s September 9, 2025, security update release. If exploited, these vulnerabilities could allow an…
VirtualBox 7.2.2 Released With Fix For GUI Crashes On Virtual Machines (guests)
Oracle has released VirtualBox 7.2.2, a maintenance update for its open-source virtualization platform, focusing on improving stability and addressing a range of bugs. Released on September 10, 2025, this version comes as a follow-up to the major 7.2 release, which…
Apple Warns Of Series Mercenary Spyware Attacks Targeting Users Devices
Apple has issued a warning regarding highly sophisticated “mercenary spyware” attacks targeting a select group of its users. The company’s threat notification system is designed to alert and support individuals who may have been targeted due to their profession or…
Microsoft Exchange Online Outage for Users Accessing Email via Exchange Online Methods
Microsoft is investigating a significant Exchange Online service disruption that is preventing users in North and South America from accessing their mailboxes. The ongoing incident, tracked under the ID EX1151485 in the admin center, impacts all methods of connecting to…
Microsoft Teams Introduces Automatic Alerts for Malicious Links from Attackers
Microsoft to enhance security for its Teams platform by automatically warning users about malicious links in chat messages. The new feature, part of Microsoft Defender for Office 365, is designed to protect users from phishing, spam, and malware attacks by…