security flaw

AppWizard
February 19, 2026
A privacy breach involving the "Video AI Art Generator & Maker" app has exposed millions of private user files due to a misconfigured Google Cloud Storage bucket lacking authentication. Since June 2023, approximately 8.27 million media files, including nearly 2 million original user-uploaded files, have become publicly accessible. This includes over 1.57 million private images, more than 385,000 personal videos, and millions of AI-generated assets. The app's developer, Codeway Dijital Hizmetler Anonim Sirketi, has fixed the configuration issue, but users remain at risk for phishing attacks, identity theft, and misuse of their private content. Legal experts suggest the app's privacy documentation may not comply with international standards like GDPR. Additionally, Codeway has a history of similar issues, as another app they developed also faced a security breach exposing 300 million messages from over 25 million users.
Winsage
February 13, 2026
Security researcher Wietze Beukema revealed vulnerabilities in Windows LNK shortcut files at the Wild West Hackin' Fest, which could allow attackers to deploy harmful payloads. He identified four undocumented techniques that manipulate these shortcut files, obscuring malicious targets from users. The vulnerabilities exploit inconsistencies in how Windows Explorer handles conflicting target paths, allowing for deceptive file properties. One technique involves using forbidden Windows path characters to create misleading paths, while another manipulates LinkTargetIDList values. The most sophisticated method alters the EnvironmentVariableDataBlock structure to present a false target in the properties window while executing malicious commands in the background. Microsoft declined to classify the EnvironmentVariableDataBlock issue as a security vulnerability, stating that exploitation requires user interaction and does not breach security boundaries. They emphasized that Windows recognizes shortcut files as potentially dangerous and provides warnings when opening them. However, Beukema noted that users often ignore these warnings. The vulnerabilities share similarities with CVE-2025-9491, which has been exploited by various state-sponsored and cybercrime groups. Microsoft initially did not address CVE-2025-9491 but later modified LNK files to mitigate the vulnerability after it was widely exploited.
Tech Optimizer
January 10, 2026
A newly identified macOS vulnerability, tracked as CVE-2025-43530, poses a significant risk by circumventing Apple’s privacy controls, potentially exposing users to malicious actors. This flaw arises from two vulnerabilities that allow hackers unauthorized access to systems by exploiting Apple-signed services and a timing gap in process verification. Hackers can execute AppleScript commands and access user files and microphone audio without triggering warnings. The VoiceOver screen reader service is a primary target for exploitation. Users are advised to update to macOS Tahoe 26.2, review app permissions, consider third-party antivirus solutions, and avoid downloading untrusted files to enhance security.
AppWizard
December 19, 2025
Riot Games has identified a significant security vulnerability in recent motherboards that could be exploited by cheaters, allowing cheats to operate undetected and undermining competitive gaming integrity. Major motherboard manufacturers, including ASRock, Asus, Gigabyte, and MSI, have released BIOS updates to mitigate this issue. If unaddressed, the vulnerability would have rendered existing direct memory access (DMA) detection and prevention technologies ineffective. The vulnerability involves DMA hardware devices connecting via PCIe slots, which could bypass input-output memory management unit (IOMMU) protections. Riot's Vanguard anti-cheat software may soon require players to update their BIOS to continue playing Valorant, and other anti-cheat systems are likely to implement similar checks.
Winsage
December 15, 2025
Hundreds of millions of computers are still using Windows 10, despite it reaching its end-of-support deadline. An Extended Security Updates (ESU) subscription is available for free until October 2026, providing updates to help protect against security threats. By early 2021, around 100 million PCs were still running Windows 7, which had ceased receiving updates in January 2020, making them vulnerable to cyberattacks from groups like Digital Shadows, LockBit, Conti, and Vice Society. Notable incidents include the PrintNightmare flaw in July 2021, which led Microsoft to issue a patch for Windows 7, and the WannaCry attack in 2017, which targeted Windows XP machines. Microsoft releases monthly security fixes, and vulnerabilities like CVE-2025-62215, identified in November 2025, have been categorized as "Exploitation Detected." While current vulnerabilities require local access, history suggests that remote attacks may soon occur, posing severe risks to unpatched systems.
Winsage
December 5, 2025
Microsoft addressed a critical vulnerability in Windows, identified as CVE-2025-9491, which had existed for nearly eight years and allowed cybercriminals to conceal malicious commands within .LNK (shortcut) files. This flaw was exploited by state-sponsored hacking groups from countries including China, Iran, North Korea, and Russia, with evidence of nearly 1,000 malicious shortcut files used in various campaigns. The vulnerability was initially downplayed by Microsoft, which stated it did not require immediate servicing. However, as exploitation increased, Microsoft eventually included a fix in its November 2025 Patch Tuesday updates, which was not publicly announced. The fix allows the entire Target command to be displayed in the Properties dialog, addressing the security risk. Research indicated that around 70% of campaigns exploiting this flaw were focused on espionage and information theft across multiple sectors.
Winsage
October 28, 2025
A new preview build of Windows 11 in the Dev channel introduces Proactive Memory Diagnostics, which prompts users to conduct quick memory scans after restarts to prevent system crashes, now supporting both AMD and Intel CPUs. Additionally, a security vulnerability in File Explorer has been addressed by disabling the preview pane for files downloaded from the internet in Windows 11 versions 24H2 and 25H2, a change that has received mixed reactions from users.
Winsage
October 17, 2025
Check Point Research (CPR) identified a significant security vulnerability in the Rust-based kernel component of the Graphics Device Interface (GDI) in Windows, reported to Microsoft in January 2025. The issue was resolved in OS Build 26100.4202, part of the KB5058499 update released on May 28, 2025. The vulnerability was discovered during a fuzzing campaign targeting the Windows graphics component through metafiles, revealing multiple security issues including information disclosure and arbitrary code execution. The specific bug was linked to a crash occurring during the execution of an NtGdiSelectClipPath syscall in the win32kbase_rs.sys driver, triggered by an out-of-bounds memory access when processing malformed metafile records. Microsoft classified the vulnerability as moderate severity and addressed it in a non-security update, implementing substantial changes to the affected kernel module.
Winsage
October 17, 2025
CVE-2025-59230 is a significant vulnerability affecting Microsoft Windows, classified as an improper access control flaw that allows authorized attackers to escalate their privileges on compromised systems. It is embedded within the Windows Remote Access Connection Manager and enables attackers to execute malicious code with elevated rights, access sensitive data, and move laterally across network segments. CISA added this vulnerability to its Known Exploited Vulnerabilities catalog on October 14, mandating federal civilian executive branch agencies to apply security patches by November 4, in accordance with Binding Operational Directive 22-01. Organizations are encouraged to apply Microsoft’s security updates promptly, follow BOD 22-01 guidance, and isolate affected systems if patches cannot be applied.