All CosmicBytez Labs articles tagged #Windows, across news, security advisories, how-to guides, and projects.
Microsoft announced Coreutils for Windows at Build 2026, bringing widely used Linux command-line utilities — ls, grep, cat, awk, and more — to Windows as native applications without requiring WSL or third-party tools.
A critical stack-based buffer overflow vulnerability in Arm Whois 3.11 (CVSS 9.8) allows remote attackers to execute arbitrary code by supplying oversized input, overwriting the structured exception handler with shellcode.
An incorrect permission assignment vulnerability in Fujitsu ServerView Agents for Windows V11.60.04 and earlier allows a local authenticated attacker to escalate privileges to SYSTEM on the affected server.
Belgium's national cybersecurity authority (CCB) has issued an urgent warning that threat actors are actively exploiting a recently patched critical Windows Netlogon Remote Protocol vulnerability that allows unauthenticated remote code execution on domain controllers.
Use SQL to query your endpoints like a database. Deploy osquery across Linux and Windows hosts to surface process trees, network connections, user activity, and persistence mechanisms — then build detection queries for real-world threat hunting.
Microsoft publicly condemned unauthorized zero-day disclosures as 'never justifiable' after a security researcher published working proof-of-concept...
Strong AD passwords don't have to mean frustrated users — passphrases, breached-password checks, and self-service resets balance security and usability.
Microsoft has confirmed a new known issue affecting Windows Server 2016 systems where domain controller lookups fail after installing the KB5087537 May 2026.
A new technical analysis reveals that many Windows kernel-mode drivers can be exploited from user mode without the physical hardware they were designed...
Trend Micro has patched an Apex One zero-day vulnerability actively exploited in attacks targeting Windows systems. The flaw, discovered in the company's...
A new Windows kernel privilege escalation zero-day dubbed MiniPlasma, released by researcher Chaotic Eclipse, grants SYSTEM-level access on fully patched...
Pwn2Own Berlin 2026 has concluded with security researchers earning over $1.29 million in prizes after successfully exploiting 47 zero-day vulnerabilities...
A cybersecurity researcher has released a proof-of-concept exploit for a Windows privilege escalation zero-day dubbed MiniPlasma that lets attackers gain...
A supply chain attack compromised official DAEMON Tools Lite installation packages distributed from daemon-tools.cc between April 8 and May 5, 2026,...
On day two of Pwn2Own Berlin 2026, competitors demonstrated 15 unique zero-day vulnerabilities and collected $385,750 in awards, successfully exploiting...
A security researcher has publicly released two unpatched Windows zero-day exploits: YellowKey, a BitLocker bypass requiring physical access, and...
An anonymous researcher has publicly disclosed two new unpatched Windows zero-days — YellowKey enabling BitLocker bypass and GreenPlasma targeting CTFMON...
Microsoft's May 2026 Patch Tuesday addresses 137 vulnerabilities including nine critical flaws — but for the first time in two years, not a single...
Microsoft's May 2026 Patch Tuesday delivers security updates for 120 vulnerabilities across Windows, Edge, Office, Azure, and more — with no zero-days...
Microsoft's May 2026 Patch Tuesday addresses 138 security vulnerabilities across its product portfolio, including 30 rated Critical — with notable DNS...
A cybersecurity researcher has published proof-of-concept exploits for two unpatched Windows vulnerabilities — YellowKey (BitLocker bypass) and...
A malicious repository impersonating OpenAI's "Privacy Filter" project climbed to Hugging Face's trending list and delivered information-stealing malware...
The official website for JDownloader, one of the most widely used open-source download managers, was compromised to distribute malicious Windows and Linux...
Native Windows app for managing Business Central Docker containers — log viewer, backup tooling, AI-powered troubleshooting via Claude, and an HNS-error.
Microsoft is testing a redesigned Run dialog for Windows 11 that brings dark mode support and improved performance over the legacy Win+R dialog that has...
CISA has added two actively exploited vulnerabilities to its Known Exploited Vulnerabilities catalog — CVE-2024-1708 affecting ConnectWise ScreenConnect...
The emerging Vect 2.0 ransomware — deployed against TeamPCP supply chain attack victims — permanently destroys files larger than 131KB due to a critical...
Threat hunters warn that VECT 2.0 ransomware contains a critical flaw in its encryption implementation that acts more like a wiper for files over 131KB...
A Microsoft Windows vulnerability originally patched in a prior Patch Tuesday was incompletely remediated, leaving a residual attack surface that...
Microsoft patched 77 security vulnerabilities in March 2026 with no actively exploited zero-days, a welcome reprieve following February's five-zero-day...
Microsoft released patches for 167 security vulnerabilities in April 2026, including an actively exploited SharePoint Server zero-day and the publicly...
Microsoft is rolling out a revamped Windows Insider Program experience as part of broader plans to address performance and reliability concerns affecting...
Microsoft is rolling out passkey support for phishing-resistant passwordless authentication to Microsoft Entra-protected resources from Windows devices...
Microsoft is rolling out Windows Update improvements that give users more control over how updates are installed while reducing disruption from frequent...
A new ransomware operation called Kyber is targeting Windows systems and VMware ESXi endpoints, with one variant implementing Kyber1024 post-quantum...
Microsoft's April 2026 Patch Tuesday addressed 169 CVEs — the second-largest monthly update in company history — including one actively exploited...
Microsoft's April 2026 Patch Tuesday addresses a record 169 security vulnerabilities including a SharePoint zero-day actively exploited in the wild, 8...
Threat actors are actively exploiting three recently disclosed Windows security vulnerabilities that allow attackers to gain SYSTEM or elevated...
A weekly roundup of notable cybersecurity stories: Iran-linked hackers wipe 200,000 Stryker devices, the BlueHammer Windows zero-day PoC goes public,...
Microsoft has suspended developer accounts used to maintain several prominent open-source projects without prior notice or a quick reinstatement path,...
A security researcher operating under the aliases 'Chaotic Eclipse' and 'Nightmare-Eclipse' has publicly released exploit code for an unpatched Windows...
Pro-Ukrainian hacktivist group Bearlyfy has conducted over 70 cyberattacks against Russian companies since January 2025, recently deploying a custom...
The command auto-approval module in Axon Code contains an OS Command Injection vulnerability. An incompatible Unix-based shell-quote parser is used on...
Microsoft has published a multi-step recovery procedure for Samsung Galaxy Book 4 laptops running Windows 11 24H2/25H2 where the Samsung Galaxy Connect...
Microsoft has stopped automatically installing the Microsoft 365 Copilot app on Windows devices outside the European Economic Area, reversing a bundling...
Microsoft has pushed an out-of-band hotpatch (KB5084597) to Windows 11 Enterprise devices to address three integer-overflow RCE flaws in RRAS, one rated...
An actively exploited protection mechanism failure in the Windows MSHTML (Trident) engine allows attackers to bypass browser security zones and shell...
Microsoft's February 2026 Patch Tuesday addresses roughly 60 vulnerabilities including six actively exploited zero-days across Windows, Office, and Azure...
Microsoft's February 2026 Patch Tuesday addresses 60 vulnerabilities including 6 actively exploited zero-days and 3 publicly disclosed issues, with...
Actively exploited zero-day in Windows RDS allows authenticated attackers with low privileges to escalate to SYSTEM. Public exploit code available....
Actively exploited Windows Shell vulnerability bypasses SmartScreen protection, allowing malicious files to execute without security warnings. Patch...
Comprehensive checklist for hardening Linux and Windows servers before production deployment. Covers OS configuration, network security, access controls,...
Build interactive IT service management dashboards using PowerShell Universal. Create real-time client portals, automated ticketing views, and...
Deploy Docker Engine natively on Windows without Docker Desktop. Covers installation, Windows container mode, lifecycle management, and troubleshooting.
Configure Windows Autopilot for zero-touch device deployment. Covers hardware hash import, deployment profiles, ESP configuration, and user-driven enrollment.
Automate Windows security baseline checks using PowerShell. Validate configurations against CIS benchmarks for password policies, audit settings, and...
Learn to analyze Windows Security Event Logs to detect brute force attacks, lateral movement, privilege escalation, and other security threats using PowerShell.
Microsoft's first security update of 2026 addresses 114 vulnerabilities including three zero-days. One flaw is actively exploited in the wild with CISA...