Crooks are exploiting four Microsoft vulnerabilities – one patched 14 years ago and another tied to ransomware activity – according to America’s lead cyber-defense agency, which on Monday gave federal agencies two weeks to patch them.
The four vulnerabilities added to CISA’s Known Exploited Vulnerabilities (KEV) catalog on Monday are: CVE-2025-60710, a link-following vulnerability in Windows that allows privilege escalation. After initially disclosing this bug in November 2025, Redmond fully fixed it a month later. CVE-2023-36424, a Windows Common Log File System Driver flaw that allows privilege escalation. Microsoft patched this one in November 2023.
Read more…
Source: The Register News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Google patches 129 Android security flaws — including a potentially dangerous Qualcomm zero-day
March 3, 2026
Google has released a new security update which fixed 129 vulnerabilities in the Android ecosystem, including 10 critical-severity bugs, and one high-severity issue apparently being exploited in the wild. In a security advisory, Google said that it fixed a buffer over-read vulnerability in the Graphics component (an open-source Qualcomm module). The bug, tracked as CVE-2026-21385, was ...
- Coruna: The Mysterious Journey of a Powerful iOS Exploit Kit
March 3, 2026
Google Threat Intelligence Group (GTIG) has identified a new and powerful exploit kit targeting Apple iPhone models running iOS version 13.0 (released in September 2019) up to version 17.2.1 (released in December 2023). The exploit kit, named “Coruna” by its developers, contained five full iOS exploit chains and a total of 23 exploits. The core technical ...
- Chrome flaw let extensions hijack Gemini’s camera, mic, and file access
March 3, 2026
Chrome’s Gemini “Live in Chrome” panel (Gemini’s embedded, agent-style assistant mode within Chrome) had a high‑severity vulnerability tracked as CVE‑2026‑0628. The flaw let a low‑privilege extension inject code into the Gemini side panel and inherit its powerful capabilities, including local file access, screenshots, and camera/microphone control. The vulnerability was patched in a January update. But the ...
- New AirSnitch attack bypasses Wi-Fi encryption in homes, offices, and enterprises
February 26, 2026
It’s hard to overstate the role that Wi-Fi plays in virtually every facet of life. The organization that shepherds the wireless protocol says that more than 48 billion Wi-Fi-enabled devices have shipped since it debuted in the late 1990s. New research shows that behaviors that occur at the very lowest levels of the network stack make ...
- CISA and Partners Release Guidance for Ongoing Global Exploitation of Cisco SD-WAN Systems
February 25, 2026
CISA and partners have observed malicious cyber actors targeting and compromising Cisco SD-WAN systems of organizations, globally. These actors have been observed exploiting a previously undisclosed authentication bypass vulnerability, CVE-2026-20127, for initial access before escalating privileges using CVE-2022-20775 and establishing long-term persistence in Cisco SD-WAN systems. Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency Sign up for the ...
- CVE-2026-2329: Critical Unauthenticated Stack Buffer Overflow in Grandstream GXP1600 VoIP Phones (FIXED)
February 18, 2026
Rapid7 Labs conducted a zero-day research project against the Grandstream GXP1600 series of Voice over Internet Protocol (VoIP) phones. This research resulted in the discovery of a critical unauthenticated stack-based buffer overflow vulnerability, CVE-2026-2329. A remote attacker can leverage CVE-2026-2329 to achieve unauthenticated remote code execution (RCE) with root privileges on a target device. A vendor ...