Aggregator

CVE-2025-62472 | Microsoft Windows up to Server 2025 Remote Access Connection Manager uninitialized resource

VulDB Recent Entries
2 weeks 6 days ago
A vulnerability was found in Microsoft Windows. It has been classified as critical. This affects an unknown part of the component Remote Access Connection Manager. Performing manipulation results in uninitialized resource. This vulnerability was named CVE-2025-62472. The attack needs to be approached locally. There is no available exploit. To fix this issue, it is recommended to deploy a patch.
vuldb.com

CVE-2025-62470 | Microsoft Windows up to Server 2025 Common Log File System Driver heap-based overflow

VulDB Recent Entries
2 weeks 6 days ago
A vulnerability was found in Microsoft Windows and classified as critical. Affected by this issue is some unknown functionality of the component Common Log File System Driver. Such manipulation leads to heap-based buffer overflow. This vulnerability is uniquely identified as CVE-2025-62470. Local access is required to approach this attack. No exploit exists. A patch should be applied to remediate this issue.
vuldb.com

CVE-2025-62469 | Microsoft Windows 11 24H2/11 25H2/Server 2025 Brokering File System race condition

VulDB Recent Entries
2 weeks 6 days ago
A vulnerability has been found in Microsoft Windows 11 24H2/11 25H2/Server 2025 and classified as critical. Affected by this vulnerability is an unknown functionality of the component Brokering File System. This manipulation causes race condition. This vulnerability is handled as CVE-2025-62469. It is possible to launch the attack on the local host. There is not any exploit available. It is suggested to install a patch to address this issue.
vuldb.com

Makop Ransomware Exploits RDP Systems with AV Killer and Other Exploits

Cyber Security News
2 weeks 6 days ago

Makop ransomware, a strain of the Phobos malware family first spotted in 2020, continues to evolve into a significant threat to businesses worldwide. Recent analysis reveals that attackers are combining brute-force RDP attacks with sophisticated privilege escalation techniques and security bypass tools to compromise organizations. The majority of attacks, representing 55 percent of all incidents, […]

The post Makop Ransomware Exploits RDP Systems with AV Killer and Other Exploits appeared first on Cyber Security News.

Tushar Subhra Dutta

Threat Actors Poisoning SEO Results to Attack Organizations With Fake Microsoft Teams Installer

Cyber Security News
2 weeks 6 days ago

A sophisticated cyber campaign is exploiting search engine optimization (SEO) to distribute a malicious installer disguised as Microsoft Teams, targeting unsuspecting organizations. This campaign, active since November 2025, uses a fake Microsoft Teams website to lure users into downloading a trojanized application, which then deploys the “ValleyRAT” malware. This malware gives attackers remote control over […]

The post Threat Actors Poisoning SEO Results to Attack Organizations With Fake Microsoft Teams Installer appeared first on Cyber Security News.

Tushar Subhra Dutta

Ivanti Security Update: Patch for Code Execution Vulnerabilities in Endpoint Manager

Cyber Security News
2 weeks 6 days ago

Ivanti has officially released urgent security updates for its Endpoint Manager (EPM) solution to address four distinct security flaws. The latest advisory highlights one critical vulnerability and three high-severity issues that could allow attackers to execute arbitrary code, write files on the server, or bypass security restrictions. While the company confirmed that it is not […]

The post Ivanti Security Update: Patch for Code Execution Vulnerabilities in Endpoint Manager appeared first on Cyber Security News.

Guru Baran

Managed ad