Microsoft

Storm-2561 uses SEO poisoning to distribute fake VPN clients for credential theft

Storm-2561 uses SEO poisoning to push fake VPN downloads that install signed trojans and steal VPN credentials. Active since 2025, Storm-2561 mimics trusted brands and abuses legitimate services. This ...
SecurityWeek

ClickFix Attack Uses Windows Terminal to Evade Detection

A new ClickFix attack variant uses fake CAPTCHA pages instructing victims to paste and execute malicious commands in Windows Terminal.

Microsoft still working to fix Windows Explorer white flashes

Microsoft has confirmed that it's still working to fully address a known issue that causes bright white flashes when opening the File Explorer on some Windows 11 systems.

Termite ransomware breaches linked to ClickFix CastleRAT attacks

Ransomware threat actors tracked as Velvet Tempest are using the ClickFix technique and legitimate Windows utilities to deploy the DonutLoader malware and the CastleRAT backdoor.

What Is ActiveX? How It Works and Ensures Computer Security

ActiveX is a Microsoft software framework that enables applications to share data across web browsers, enhancing functionality and security in computing.