exploitation

Winsage
June 16, 2025
Microsoft updated the Windows Hello face unlock functionality in April, which now fails to operate in low-light environments due to a strategic decision aimed at addressing a spoofing vulnerability. Users of Surface Laptops have reported frustrations as they can no longer access their devices using facial recognition in dark rooms. The update requires color cameras to see a visible face when signing in. Researchers from Nanyang Technological University identified a vulnerability in the system that allowed unauthorized access, although Microsoft categorized it as "important" and stated the likelihood of exploitation remains low. A temporary workaround for users is to disable the webcam through Windows 11's Device Manager, but this renders the camera unusable for other applications.
Winsage
June 16, 2025
CVE-2025-33073 is a Windows authentication relay attack vulnerability with a CVSS score of 8.8, indicating high severity. It allows attackers to gain SYSTEM privileges on affected systems. Currently, there is no evidence of active exploitation, but the public disclosure raises concerns. Exploitation involves executing a malicious script that makes the victim's machine connect to the attacker's system using SMB. Security researchers have described it as an authenticated remote command execution on machines that do not enforce SMB signing. Microsoft has released a fix as part of the June Patch Tuesday security updates to address this vulnerability.
Winsage
June 16, 2025
Microsoft updated its Windows Hello face unlock feature in April, requiring adequate lighting for functionality to address a security vulnerability. The facial recognition system now relies on color cameras to detect visible faces, making it ineffective in low-light conditions. Users can disable the webcam via Windows 11 Device Manager as a workaround, but this disables the camera for all applications. The security flaw was identified by researchers at Nanyang Technological University and classified by Microsoft as "important," though it has not been publicly disclosed or exploited. Inquiries about reinstating dark-room functionality in future updates are pending.
AppWizard
June 13, 2025
The SAG-AFTRA performers union has approved a tentative agreement with leading game companies, encouraging members to vote positively for ratification on June 18th. The new contract includes a 15.17% increase in compensation, annual raises of 3% from November 2025 through 2027, and an increase in health and retirement contributions from 16.5% to 17%, rising to 17.5% by October 2026. It provides protections against exploitation related to artificial intelligence, requiring consent for the use of digital likenesses and mandating their withdrawal during strikes. Safety provisions include the presence of a qualified medical professional during hazardous rehearsals and performances, as well as mandated rest periods for on-camera principal performers. Employers are prohibited from asking performers to undertake stunts during virtual auditions. The tentative agreement led to the suspension of strike action on June 11th.
Winsage
June 12, 2025
A critical security vulnerability, designated as CVE-2025-33067, has been identified in the Windows Task Scheduler, allowing attackers to escalate privileges to SYSTEM level access without prior administrative rights. This vulnerability is rated as "Important" with a CVSS score of 8.4 and is due to improper privilege management within the Windows Kernel’s task scheduling component. It affects multiple Windows versions, including Windows 10 (Versions 1607, 1809, 21H2, 22H2), Windows 11 (22H2, 23H2, 24H2), and Windows Server 2016-2025. Microsoft released security updates on June 10, 2025, to address this flaw across 27 different Windows configurations. The vulnerability requires local system access, no prior privileges, and no user interaction, making it particularly dangerous. Security researcher Alexander Pudwill discovered and disclosed the vulnerability.
Winsage
June 12, 2025
Recent findings have identified two vulnerabilities in various UEFI BIOS versions from multiple manufacturers, compromising the SecureBoot mechanism. These vulnerabilities allow attackers to bypass SecureBoot protections and replace firmware, particularly in Insyde BIOSes. The issues stem from unprotected NVRAM variables, specifically the "IhisiParamBuffer," which can be manipulated to execute unsigned UEFI binaries. Affected UEFI applications include "DTBios" and "BiosFlashShell" from DTResearch, with a CVSS score of 8.2. Microsoft has added 14 new hashes to its DBX database to mitigate these risks. Additionally, a vulnerability in the Insyde H2O UEFI firmware app allows attackers to plant their own digital certificates due to the insecure handling of the "SecureFlashCertData" variable, which is incorrectly treated as trusted memory. This flaw, known as "Hydroph0bia," has a CVSS score of 7.8 and enables unauthorized execution of firmware signed with the manipulated certificates. Manufacturers are urged to provide firmware updates to address these vulnerabilities, as inconsistent support for locking UEFI variables raises security concerns.
AppWizard
June 11, 2025
Academics from the University of Cambridge have raised concerns about the collection and commercialization of personal information through menstrual tracking applications, which have over 250 million downloads globally. These apps collect extensive data, including exercise, diet, medication, sexual preferences, hormone levels, and contraception use, making menstrual data valuable for consumer profiling. The report highlights that information on pregnancy status is particularly sought after in digital advertising, leading to risks of exploitation for targeted ads. If this data is misused, it could result in health insurance discrimination, employment risks, or domestic abuse. The researchers advocate for enhanced governance in the femtech industry, emphasizing the need for improved data security and meaningful user consent. They suggest that public health organizations develop alternatives to commercial tracking apps to prioritize user privacy and safety.
Winsage
June 11, 2025
Microsoft has announced a significant update addressing 66 vulnerabilities, including a zero-day vulnerability disclosed on the same day. Ten critical patches have been identified, with two currently being exploited. Microsoft is also patching older platforms like Windows Server 2008 and Internet Explorer. One critical vulnerability, CVE-2025-33053, has been exploited by the Stealth Falcon hacking group since March, allowing remote code execution via the WebDAV extension. Another critical vulnerability, CVE-2025-5419, affects the Chromium V8 JavaScript engine in Microsoft Edge. CVE-2025-33073 is an escalation of privilege vulnerability in the Windows SMB Client, with a CVSS score of 8.8. Four critical vulnerabilities in Microsoft Office include CVE-2025-47162, CVE-2025-47164, CVE-2025-47167, and CVE-2025-47953. Four critical remote code execution vulnerabilities include CVE-2025-47172, CVE-2025-29828, CVE-2025-32710, and CVE-2025-33071. Two elevation-of-privilege flaws are CVE-2025-47966 and CVE-2025-33070. Adobe has prioritized fixes for Adobe Commerce and Adobe's Experience Manager, addressing 254 CVEs. Adobe Acrobat users will receive ten fixes, including four critical ones. Fortinet has patched CVE-2023-42788 in FortiAnalyzer 7.4. SAP resolved 14 issues, with CVE-2025-42989 being the only critical patch, associated with the NetWeaver Application Server and a CVSS score of 9.6.
Winsage
June 10, 2025
A cyberattack campaign by the advanced persistent threat group Stealth Falcon targeted a prominent Turkish defense company using a zero-day vulnerability identified as CVE-2025-33053. This vulnerability allowed attackers to manipulate the working directory of legitimate Windows tools to execute malware from their WebDAV servers. The attack was initiated through a spear-phishing email containing a malicious .url file that directed the system to a legitimate Internet Explorer utility, which was then exploited to execute malicious files. The attackers employed process hollowing to bypass traditional defenses. Stealth Falcon, also known as FruityArmor, has been conducting cyber espionage since at least 2012, targeting government and defense sectors in Turkey, Qatar, Egypt, and Yemen. The attack involved a multi-stage infection chain leading to the deployment of "Horus Agent," a custom implant designed for advanced reconnaissance and equipped with anti-analysis techniques. Researchers identified additional custom tools used by Stealth Falcon, including a DC Credential Dumper and a custom keylogger. The group utilizes repurposed legitimate domains to blend their infrastructure with legitimate traffic, complicating detection efforts.