Windows Security Archives • Information Security News

GhostLock: The No-Encryption “Ransomware” That Can Paralyze Windows File Servers in Minutes ghost

GhostLock: The No-Encryption “Ransomware” That Can Paralyze Windows File Servers in Minutes

ddos May 13, 2026

A security researcher has demonstrated an unconventional method to paralyze Windows file servers without resorting to data...

Living Off The Registry: Master AD CS Enumeration with the Native LOLBAS Toolkit AD CS LOLBAS toolkit

Living Off The Registry: Master AD CS Enumeration with the Native LOLBAS Toolkit

ddos May 6, 2026

AD CS LOLBAS Toolkit Native Windows toolkit for AD CS enumeration and exploitation. Everything runs through built-in...

Beyond Static Analysis: Hunt, Filter, and Confirm Hijacks with DLLHijackHunter DLLHijackHunter tool

Beyond Static Analysis: Hunt, Filter, and Confirm Hijacks with DLLHijackHunter

ddos May 4, 2026

DLLHijackHunter is an automated Windows DLL hijacking detection tool that goes beyond static analysis. It discovers, validates, and...

WhatsApp NUL byte vulnerability NSO WhatsApp Appeal WhatsApp Scraping WhatsApp surveillance NSO Group Translate WhatsApp zero-day Supply Chain Attack WhatsApp Ban WhatsApp Russia

WhatsApp Patches “NUL Byte” Flaw and AI Media Exploits Across Windows, iOS, and Android

ddos May 4, 2026

WhatsApp has remediated two vulnerabilities within its messaging architecture following disclosures through Meta’s bug bounty program. Both...

The “Unpatchable” Ghost: How PhantomRPC Turns Windows Architecture Against Itself for SYSTEM Control

ddos April 27, 2026

Security researchers at Kaspersky Lab have identified a surreptitious methodology within Windows to obtain absolute systemic hegemony—a...

Zero-Exfil Hijacking: How VMkatz Rips Windows Credentials Directly from VM Snapshots Virtual Machine Credential Extraction

Zero-Exfil Hijacking: How VMkatz Rips Windows Credentials Directly from VM Snapshots

ddos April 16, 2026

VMkatz Extract Windows credentials directly from VM memory snapshots and virtual disks You are three weeks into...

The 21 Phantom Servers: How a Tiny Botnet Just Hijacked Global RDP Reconnaissance

ddos April 14, 2026

A diminutive cluster of servers has managed, in a matter of mere hours, to redraw the conventional...

The Trust Trap: How Cyber Marauders Are Turning WhatsApp Into a Windows Infection Engine Infection chain illustrating the execution flow of a VBS-based malware campaign

Infection chain illustrating the execution flow of a VBS-based malware campaign

The Trust Trap: How Cyber Marauders Are Turning WhatsApp Into a Windows Infection Engine

ddos April 3, 2026

In the waning days of February 2026, cyber adversaries inaugurated a nascent campaign characterized by an unorthodox...

The 8-Year Sleeper: How IoliteLabs’ Solidity Extensions Became a Web3 Nightmare

ddos April 1, 2026

The clandestine update of an antiquated Visual Studio Code extension has precipitously metamorphosed into a targeted siege...

The Invisible Key-Snatcher: How VoidStealer’s Hardware Breakpoints Shatter Chrome’s Latest Defenses Application-Bound Encryption schema

The Invisible Key-Snatcher: How VoidStealer’s Hardware Breakpoints Shatter Chrome’s Latest Defenses

ddos March 23, 2026

Malicious software designed to pillage browser data has once again circumvented Google’s defensive measures, albeit with a...

Connecting the Dots: PrivHound Transforms Windows Local Privilege Escalation into an Explorable Graph

ddos March 8, 2026

PrivHound Local Privilege Escalation, as a Graph. A BloodHound OpenGraph collector that models Windows local privilege escalation...

Beyond the Memory: How LSA Whisperer BOF Bypasses PPL and Credential Guard Without Touching LSASS

ddos February 23, 2026

LSA Whisperer BOF A Cobalt Strike Beacon Object File (BOF) port of LSA Whisperer — the tool that talks...

Blinding the Watchmen: How “GhostLocker” Weaponizes Windows AppLocker to Paralyze EDR

ddos February 6, 2026

A critical subversion of the Windows application control mechanism has been unearthed, involving the exploitation of AppLocker...

Pipe Dreams Turned Nightmare: Remote Code Execution via Quest KACE Desktop Authority ASUS Router WrtHug CVE-2025-13223 CVE-2025-59367 ImunifyAV RCE AI Browser Security, Agentic Vulnerabilities Windows SMB Poland Cybersecurity Ivanti vulnerability Plex Data breach Salesforce TheTruthSpy spyware Matrix protocol Car Security Go Packages IoT Vulnerabilities Scattered Spider Smishing

ASUS Router WrtHug CVE-2025-13223 CVE-2025-59367 ImunifyAV RCE AI Browser Security, Agentic Vulnerabilities Windows SMB Poland Cybersecurity Ivanti vulnerability Plex Data breach Salesforce TheTruthSpy spyware Matrix protocol Car Security Go Packages IoT Vulnerabilities Scattered Spider Smishing

Pipe Dreams Turned Nightmare: Remote Code Execution via Quest KACE Desktop Authority

ddos February 5, 2026

A critical Remote Code Execution (RCE) vulnerability has been unearthed within the enterprise solution Quest KACE Desktop...

LSASS-Free Larceny: Extracting NTLMv1 Hashes with DumpGuard BOF Remote Credential Guard exploit

LSASS-Free Larceny: Extracting NTLMv1 Hashes with DumpGuard BOF

ddos January 12, 2026

DumpGuard BOF Beacon Object File (BOF) port of DumpGuard for extracting NTLMv1 hashes from sessions on modern...

The Apex Breach: Critical Trend Micro RCE Grants Attackers SYSTEM Control ASUS Router WrtHug CVE-2025-13223 CVE-2025-59367 ImunifyAV RCE AI Browser Security, Agentic Vulnerabilities Windows SMB Poland Cybersecurity Ivanti vulnerability Plex Data breach Salesforce TheTruthSpy spyware Matrix protocol Car Security Go Packages IoT Vulnerabilities Scattered Spider Smishing

The Apex Breach: Critical Trend Micro RCE Grants Attackers SYSTEM Control

ddos January 12, 2026

Trend Micro has remediated a critical vulnerability within the on-premise iteration of Apex Central, a flaw that...

Windows Security

GhostLock: The No-Encryption “Ransomware” That Can Paralyze Windows File Servers in Minutes

Living Off The Registry: Master AD CS Enumeration with the Native LOLBAS Toolkit

Beyond Static Analysis: Hunt, Filter, and Confirm Hijacks with DLLHijackHunter

WhatsApp Patches “NUL Byte” Flaw and AI Media Exploits Across Windows, iOS, and Android

The “Unpatchable” Ghost: How PhantomRPC Turns Windows Architecture Against Itself for SYSTEM Control

Zero-Exfil Hijacking: How VMkatz Rips Windows Credentials Directly from VM Snapshots

The 21 Phantom Servers: How a Tiny Botnet Just Hijacked Global RDP Reconnaissance

The 8-Year Sleeper: How IoliteLabs’ Solidity Extensions Became a Web3 Nightmare

The Invisible Key-Snatcher: How VoidStealer’s Hardware Breakpoints Shatter Chrome’s Latest Defenses

Connecting the Dots: PrivHound Transforms Windows Local Privilege Escalation into an Explorable Graph

Blinding the Watchmen: How “GhostLocker” Weaponizes Windows AppLocker to Paralyze EDR

Pipe Dreams Turned Nightmare: Remote Code Execution via Quest KACE Desktop Authority

LSASS-Free Larceny: Extracting NTLMv1 Hashes with DumpGuard BOF

The Apex Breach: Critical Trend Micro RCE Grants Attackers SYSTEM Control

You may have missed

The War for Your Documents: Why The Document Foundation is Challenging Microsoft’s OOXML Monopoly

Urgent Patch: Microsoft Defender Update Fixes Critical SYSTEM-Level Privilege Escalation Flaw

The Pre-Boot Breach: Microsoft Releases Critical Emergency Script to Defend Against “YellowKey” BitLocker Bypass

The Reddit Clone: Meta Secretly Launches “Forum” App to Unbundle Facebook Groups