CyberVolk, a pro-Russian hacktivist group, has launched a new ransomware-as-a-service (RaaS) called VolkLocker, which has a significant flaw. Researchers from SentinelOne discovered that VolkLocker contains a hard-coded master key, allowing victims to decrypt their files without paying the ransom. This ransomware, which surfaced in August 2025, targets Windows systems and is part of an ongoing trend of ransomware attacks that can disrupt businesses and individuals alike. The presence of this flaw means that while the ransomware may still be a concern, victims have a potential way to recover their data without succumbing to the attackers' demands. This incident underscores the ongoing battle between cybercriminals and security researchers, as vulnerabilities in ransomware can lead to unexpected outcomes for victims.
Articles tagged "Microsoft"
Found 48 articles
BleepingComputer
A new zero-day vulnerability has been discovered in Windows that affects the Remote Access Connection Manager (RasMan) service, allowing attackers to crash it. This flaw could disrupt remote access services for users and organizations relying on Windows systems. Unofficial patches have been made available for users who want to mitigate the risk before an official fix is released. As this vulnerability is a zero-day, it is crucial for affected users to apply these patches promptly to avoid potential exploitation. The issue underscores the need for vigilance in maintaining system security, especially for those using Windows.
Microsoft's new Copilot feature allows non-technical users to create AI agents without coding skills. While this democratizes access to AI, it raises significant concerns about data security. The capability for users to create these agents could inadvertently lead to the exposure of sensitive company data. Researchers warn that without proper safeguards, these no-code tools may become a vector for data leaks, putting organizations at risk. Companies will need to implement strict guidelines and monitoring to prevent misuse and protect their information.
Two malicious extensions on Microsoft's Visual Studio Code Marketplace have been found to deploy information-stealing malware on developers' machines. This malware is capable of taking screenshots, stealing credentials, and hijacking browser sessions, posing a significant threat to developers' security and privacy.
Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More
The JS#SMUGGLER campaign is a sophisticated web attack that employs obfuscated JavaScript and hidden HTA files to deploy the NetSupport RAT on Windows desktops. This malware allows attackers to gain full remote control over infected systems, posing a significant threat to user security and privacy.
The KB5070311 update for Windows 11 addresses critical issues such as File Explorer freezes and search problems, enhancing overall system stability and performance. This update includes 49 changes aimed at improving user experience and resolving known bugs.
Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More
Cato Networks has identified a new vulnerability known as HashJack, which exploits the '#' symbol in URLs to execute malicious commands in AI browsers. While Microsoft and Perplexity have addressed this flaw, Google's Gemini remains vulnerable, highlighting a significant risk for users of that platform.
Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More
New research highlights a significant security vulnerability in Microsoft Teams B2B Guest Access, allowing attackers to circumvent Defender for Office 365 protections with just a single invitation. This flaw poses a serious risk of malware attacks on users, emphasizing the need for immediate attention to security protocols within the platform.
BleepingComputer
Microsoft has alerted users that FIDO2 security keys may require a PIN for sign-in following recent Windows updates since September 2025. This change could affect user experience and security practices, particularly for those relying on these security keys for authentication.
Microsoft is set to enhance the security of its Entra ID authentication system to protect against external script injection attacks starting in mid-to-late October 2026. This improvement aims to mitigate potential vulnerabilities that could be exploited by attackers to compromise user sign-ins.
A new cybersecurity campaign is utilizing fake Windows update pop-ups on adult websites to trick users into executing malicious commands. This method combines ClickFix lures with phishing tactics, posing a significant risk to users who visit these sites.
All CISA Advisories
The article discusses a vulnerability in Opto 22's groov View that allows for the exposure of sensitive information through metadata, potentially leading to credential and key exposure as well as privilege escalation. This vulnerability, assigned CVE-2025-13084, has a CVSS v4 score of 6.1 and affects multiple versions of groov View, necessitating immediate remediation to mitigate risks.
ToddyCat, a threat actor, has developed a new tool called TCSectorCopy to steal Outlook emails and Microsoft 365 access tokens by exploiting the OAuth 2.0 authorization protocol through users' browsers. This poses a significant threat to corporate email security, as it allows unauthorized access to sensitive information outside the compromised infrastructure.
Microsoft has raised concerns about the security risks associated with its new Agentic AI feature, highlighting the potential for AI agents to engage in malicious activities like data exfiltration and malware installation if not properly secured. This underscores the critical need for robust security controls to mitigate these risks.
The Hacker News
This week, significant cybersecurity threats emerged as hackers exploited new 0-day vulnerabilities in Fortinet and Chrome, infiltrating supply chains and SaaS tools. The rapid response from major companies like Microsoft, Salesforce, and Google highlights the severity of these attacks and the ongoing challenges in securing trusted applications and software updates.