News

The Hacker News2d
New Windows Task Scheduler Bugs Let Attackers Bypass UAC and Tamper with Logs
"A [User Account Control] bypass vulnerability has been found in Microsoft Windows, enabling attackers to bypass the User ...
Microsoft's latest Windows security update creates an empty folder you should not delete
Recent Windows security updates released as part of April's Patch Tuesday introduced an unexpected change. After installing ...
What's the mysterious Windows 11 'inetpub' folder? Microsoft says you shouldn't delete it.
On Windows, Microsoft created the inetpub folder to fix a security vulnerability, so it's not a bug, and you shouldn't delete ...
Don't delete that mysterious 'inetpub' Windows folder, says Microsoft, as it's supposedly important for system security
Very specific parts of the internet were mystified earlier this month by an empty folder labelled "inetpub" turning up among ...
TechRadar on MSN9d
Hackers exploit zero-day Common Log File System vulnerability to plant ransomware
Cybercriminals are abusing a post-compromise zero-day vulnerability in the Windows Common Log File System (CLFS) to deploy ...
Krebs on Security11d
Tag Archives: Common Log File System
Microsoft today released updates to plug at least 121 security holes in its Windows operating systems and software, including one vulnerability that is already being exploited in the wild. Eleven of ...
Microsoft: April 2025 updates break Windows Hello on some PCs
Microsoft says some Windows users might be unable to log into their accounts via Windows Hello after installing the April ...
Microsoft: Windows CLFS zero-day exploited by ransomware gang
Microsoft says the RansomEXX ransomware gang has been exploiting a high-severity zero-day flaw in the Windows Common Log File System to gain SYSTEM privileges on victims' systems.
The Hacker News10d
PipeMagic Trojan Exploits Windows Zero-Day Vulnerability to Deploy Ransomware
CVE-2025-29824 exploited via PipeMagic malware escalated SYSTEM privileges, leading to targeted ransomware attacks.