hackers

Winsage
May 14, 2025
Microsoft has identified a memory corruption vulnerability in its Scripting Engine, designated as CVE-2025-30397. This vulnerability allows unauthorized remote code execution and is classified as “Important” under CWE-843 (Type Confusion). It was disclosed in the May 2025 Patch Tuesday updates and arises from improper handling of resource types. Exploitation occurs when a user clicks a specially crafted URL in Microsoft Edge's Internet Explorer Mode, potentially compromising system confidentiality, integrity, and availability. Although the attack complexity is high, successful exploitation has been confirmed in the wild. Microsoft has issued patches for all supported Windows versions, and users are advised to apply these updates and consider disabling Internet Explorer Mode to reduce risk.
Winsage
May 14, 2025
Microsoft has addressed a zero-day vulnerability in the Windows Desktop Window Manager (DWM) Core Library, identified as CVE-2025-30400, which allows attackers to gain SYSTEM-level privileges on affected systems. This "Elevation of Privilege" vulnerability, arising from a "use-after-free" memory corruption issue, was actively exploited prior to the release of a patch on May 13, 2025. The vulnerability permits an authorized attacker to execute code with SYSTEM privileges by exploiting improper memory management within the DWM process. Microsoft classified the severity of this vulnerability as "Important" and assigned it a CVSS score of 7.8. Users and administrators are strongly advised to apply the latest updates to mitigate the risk of exploitation.
Winsage
May 12, 2025
A critical cloud security vulnerability rated 10/10 has been reported affecting Microsoft users, alongside persistent denial of service attacks against Windows and warnings about password theft. A new tool called Defendnot has been released that can disable Windows Defender, Microsoft's built-in antivirus protection. Developed by a security researcher known as es3n1n, Defendnot simplifies bypassing Windows Defender by tricking it into disabling itself: it uses undocumented application programming interfaces (APIs) to convince Windows Defender that another antivirus solution is already present, without relying on any third-party antivirus code. The availability of Defendnot poses a significant risk, as it could aid malicious actors.
AppWizard
May 11, 2025
Customs and Border Protection (CBP) and the White House are facing scrutiny over security vulnerabilities in their messaging application. Hacktivists breached GlobalX, the airline handling U.S. deportation flights, exposing sensitive flight manifests. The FBI warned about threats exploiting outdated routers. Pearson confirmed a cyberattack compromising customer data. Research shows cybercriminals are using Windows Remote Management (WinRM) for lateral movements in Active Directory environments. A new email attack campaign is delivering a Remote Access Trojan (RAT) via malicious PDF invoices. A zero-day vulnerability in SAP NetWeaver allows remote code execution, affecting multiple sectors. An Indiana health system reported a data breach affecting nearly 263,000 individuals.
Winsage
May 10, 2025
Windows users are facing security challenges, including zero-day vulnerabilities and hackers bypassing Windows Defender. Microsoft has removed VPN provisions for Windows Defender and discontinued security support for Windows 10, but users can upgrade to Windows 11 for free. Following the April 8 Patch Tuesday updates, a new folder named "inetpub" appeared on user devices, which Microsoft has warned users not to delete, as it is essential for security protections. This folder is generated after installing updates and is traditionally associated with the Internet Information Services (IIS) web server platform, regardless of whether IIS is installed. If users have deleted the inetpub folder, it can be restored by enabling IIS through the Windows Control Panel.
Winsage
May 10, 2025
Threat actors are exploiting Windows Remote Management (WinRM) to navigate through Active Directory environments stealthily, allowing them to bypass detection systems, escalate privileges, and deploy malicious payloads. WinRM operates on HTTP port 5985 and HTTPS port 5986, enabling remote command execution and management tasks. Attackers can gain access through compromised credentials and use WinRM-enabled PowerShell commands for reconnaissance, deploying payloads while evading detection. The attack chain includes initial access, reconnaissance, payload deployment, persistence, and lateral movement, often utilizing techniques that obfuscate malicious activities. Detecting such attacks is challenging due to the use of built-in Windows functionalities and encrypted channels. Recommended mitigation strategies include monitoring for unusual activity, restricting WinRM access, enforcing credential hygiene, and implementing advanced monitoring solutions.
Winsage
May 8, 2025
Several ransomware groups, including RansomEXX and Play, are exploiting a zero-day vulnerability in the Windows Common Log File System to elevate system privileges and deploy malware. This flaw was identified and patched during Microsoft's Patch Tuesday update in April 2024.
Tech Optimizer
May 8, 2025
Cyberattacks are increasingly common due to psychological warfare among global powers. Macs are vulnerable to these attacks, necessitating effective antivirus solutions. Intego is the only antivirus software developed specifically for macOS, offering two packages: Mac Internet Security and Mac Premium Bundle. The Mac Internet Security suite includes real-time antivirus protection, a customizable firewall, and anti-phishing features, priced at .99 for one Mac or .99 for three Macs during the first year. The Mac Premium Bundle adds features like system cleanup, parental management, and automated backups, starting at .99 for one Mac or .99 for three Macs in the first year. Intego is designed specifically for Apple computers, providing lightweight, effective protection with minimal impact on system performance. It has a perfect malware detection score and offers a 30-day money-back guarantee. Users can also add a VPN subscription as Intego is associated with CyberGhost and ExpressVPN.
AppWizard
May 8, 2025
The messaging app TeleMessage, used by President Donald Trump’s national security advisor, has been suspended due to a reported security breach, raising concerns about the security of sensitive government communications. The app, a modified version of Signal, was halted after a hacker accessed message contents from its customized versions, although the communications of national security advisor Mike Waltz were reportedly not affected. TeleMessage's suspension follows a statement from its parent company, Smarsh, confirming an investigation into the security incident. Despite President Trump's criticism of Signal, the White House continues to defend it, highlighting its pre-installation on government devices. Concerns about privacy protections arise from TeleMessage's archiving features, which may compromise Signal's end-to-end encryption. Additionally, GlobalX, the airline involved in Trump’s deportation flights, experienced a hacking incident, resulting in the exposure of flight records and passenger lists.
Winsage
May 7, 2025
Microsoft will cease to provide feature or security updates for Windows 10 on October 14, 2025. Users upgrading to Windows 11 report a 62% reduction in security incidents. PCs must have a compatible TPM 2.0 module to upgrade to Windows 11 for free, but at least 240 million PCs may not meet these requirements. Microsoft is increasing communication about the upgrade, and Windows 11 usage has surpassed that of Windows 10 in the U.S. for the first time.