Tag: Code Execution
-
Notepad++ Fixes WinGUp Vulnerability Exploited to Deliver Reconnaissance Malware
Notepad++ has released version 8.8.9 to remediate a weakness in its WinGUp (GUP.exe) update mechanism. Researchers and users had reported incidents in which the updater, instead of fetching a legitimate installer, downloaded and executed a foreign executable from the temporary directory. As a result, an unexpected file—%Temp%\AutoUpdater.exe—appeared on affected systems, where it conducted system reconnaissance…
-
LdrShuffle: Stealthy Code Execution via DLL EntryPoint Overwriting
LdrShuffle Stealthy code execution via modification of the EntryPoint of loaded modules at runtime. Summary Windows processses have various modules loaded at runtime. Each of theses modules has a DllMain() function defined, which will be invoked on process or thread creation/destruction (four possible scenarios). In order to properly call those functions during the lifetime of the process, the Windows…
-
Critical Unity Flaw CVE-2025-59489 Exposes Games Built Since 2017 to Local Code Execution
Researcher RyotaK of GMA Flatt Security discovered a serious vulnerability in the Unity game engine—tracked as CVE-2025-59489—which allows a co-resident application on the same device to inject additional command-line parameters into Unity games, creating an avenue to load malicious code alongside the game. The analysis was performed on Android devices, but the researcher warns the…
-
Chrome 141 Stable Released: Fixes High-Severity WebGPU and Video Heap Overflow Flaws
Google has released the stable version of Chrome 141.0.7390.54/55 for Windows, macOS, and Linux. The update will roll out over the coming days and weeks, addressing 21 security vulnerabilities of varying severity — including high, medium, and low-risk flaws. Developers strongly urge users to update their browsers as soon as possible to minimize the risk…