CyberVolk, a pro-Russian hacktivist group, has launched a new ransomware-as-a-service (RaaS) called VolkLocker, which has a significant flaw. Researchers from SentinelOne discovered that VolkLocker contains a hard-coded master key, allowing victims to decrypt their files without paying the ransom. This ransomware, which surfaced in August 2025, targets Windows systems and is part of an ongoing trend of ransomware attacks that can disrupt businesses and individuals alike. The presence of this flaw means that while the ransomware may still be a concern, victims have a potential way to recover their data without succumbing to the attackers' demands. This incident underscores the ongoing battle between cybercriminals and security researchers, as vulnerabilities in ransomware can lead to unexpected outcomes for victims.
Articles tagged "Windows"
Found 25 articles
BleepingComputer
A new zero-day vulnerability has been discovered in Windows that affects the Remote Access Connection Manager (RasMan) service, allowing attackers to crash it. This flaw could disrupt remote access services for users and organizations relying on Windows systems. Unofficial patches have been made available for users who want to mitigate the risk before an official fix is released. As this vulnerability is a zero-day, it is crucial for affected users to apply these patches promptly to avoid potential exploitation. The issue underscores the need for vigilance in maintaining system security, especially for those using Windows.
Hackread
The JS#SMUGGLER campaign is a sophisticated web attack that employs obfuscated JavaScript and hidden HTA files to deploy the NetSupport RAT on Windows desktops. This malware allows attackers to gain full remote control over infected systems, posing a significant threat to user security and privacy.
The KB5070311 update for Windows 11 addresses critical issues such as File Explorer freezes and search problems, enhancing overall system stability and performance. This update includes 49 changes aimed at improving user experience and resolving known bugs.
BleepingComputer
Microsoft has alerted users that, following Windows updates released since September 2025, FIDO2 security keys may require a PIN for sign-in. This change could affect user experience and security practices, particularly for those relying on these security keys for authentication.
A new cybersecurity campaign is utilizing fake Windows update pop-ups on adult websites to trick users into executing malicious commands. This method combines ClickFix lures with phishing tactics, posing a significant risk to users who visit these sites.
All CISA Advisories
The article discusses a vulnerability in Opto 22's groov View that allows for the exposure of sensitive information through metadata, potentially leading to credential and key exposure as well as privilege escalation. This vulnerability, assigned CVE-2025-13084, has a CVSS v4 score of 6.1 and affects multiple versions of groov View, necessitating immediate remediation to mitigate risks.
The ShadowPad malware is exploiting a recently patched vulnerability in Microsoft Windows Server Update Services (WSUS), identified as CVE-2025-59287, allowing attackers to gain full system access. This exploitation highlights the critical need for organizations to promptly apply security updates to vulnerable systems to prevent unauthorized access.
The Tsundere botnet, targeting Windows users, is expanding and capable of executing arbitrary JavaScript code from a command-and-control server. This poses a significant threat to users, as the botnet's propagation methods remain unclear, indicating a potential for widespread exploitation.
The report highlights the evolving landscape of IT threats in Q3 2025, focusing on malware targeting Windows and macOS personal computers, as well as IoT devices. This indicates a growing severity of cyber threats that could have significant implications for users and organizations relying on these systems.