Signed software abused to deploy antivirus-killing scripts

A digitally signed adware tool has deployed payloads running with SYSTEM privileges that disabled antivirus protections on ...
The Hacker News

UAC-0247 Targets Ukrainian Clinics and Government in Data-Theft Malware Campaign

The Computer Emergencies Response Team of Ukraine (CERT-UA) has disclosed details of a new campaign that has targeted ...
CIO

Living off the Land attacks pose a pernicious threat for enterprises

Attackers aren't breaking into your house; they’re using your own spare key to hide in plain sight. We need to stop assuming ...

New AgingFly malware used in attacks on Ukraine govt, hospitals

A new malware family named 'AgingFly' has been identified in attacks against local governments and hospitals that steal ...
The Hacker News

SystemBC C2 Server Reveals 1,570+ Victims in The Gentlemen Ransomware Operation

SystemBC C2 exposed 1,570+ victims tied to The Gentlemen since July 2025, revealing expanding ransomware scale.
Dark Reading

Microsoft's Original Windows Secure Boot Certificate Is Expiring

The Secure Boot refresh is one of the largest coordinated security maintenance efforts across the Windows ecosystem, ...
Infosecurity Magazine

Researchers Spot Surge in Brute-Force Attacks from Middle East

Security researchers have detected a “sharp rise” in brute-force attempts to hijack SonicWall and Fortinet devices, with the ...
Infosecurity Magazine

Signed Adware Operation Disables Antivirus Across 23,000 Hosts

A signed software operation linked to a company called Dragon Boss Solutions LLC has reportedly been silently disabling ...
MUO on MSN

Finally, a feature that makes my Windows 11 Pro license worth it

Windows 11 Pro has always had a built-in hypervisor. I just didn't know about it — and it's better than VirtualBox in almost ...
Arabian Post

Formbook phishing turns stealth into scale

Two separate phishing campaigns are hitting organisations with Formbook, a long-running information stealer that continues to adapt its delivery methods to slip past traditional Windows defences. The ...
Arabian Post

Fake Adobe Reader lure turns remote tool rogue

Attackers are exploiting trust in Adobe’s brand to deliver covert remote access, using a fake Acrobat Reader download page to install ConnectWise ScreenConnect through a fileless, memory-heavy attack ...