Trend Micro warns of critical Apex One code execution flaws

Trend Micro has patched two critical Apex One vulnerabilities that allow attackers to gain remote code execution (RCE) on vulnerable Windows systems.

Microsoft: Critical Security Issue Found in Windows Notepad

Microsoft patches CVE-2026-20841, a high-severity Windows Notepad flaw that could allow code execution via malicious Markdown ...

CAPTCHA or trap? Windows users tricked into installing malware on their PCs

StealC malware campaign exploits fake CAPTCHA pages to steal sensitive data while blending into normal system activity.
Bleeping Computer

Malicious Microsoft VSCode extensions target devs, crypto community

Malicious Visual Studio Code extensions were discovered on the VSCode marketplace that download heavily obfuscated PowerShell payloads to target developers and cryptocurrency projects in supply chain ...
Forbes

Hackers Bypass Windows Defender Security — What You Need To Know

Update, March 31, 2025: This story, originally published March 29, has been updated with an explanation of LOLBINS as well as further technical information regarding the Windows Defender Application ...
Infosecurity-magazine.com

Malicious Microsoft VS Code Extensions Used in Cryptojacking Campaign

An unknown threat actor is deploying a large-scale, sophisticated cryptojacking campaign through a series of malicious extensions in Visual Studio Code, Microsoft’s lightweight source-code editor, ...
ZDNet

Watch out! This fake Windows BSOD is a trap

A new campaign creates a fake BSOD to install malware. The campaign tricks users into installing a remote access trojan. If executed, the RAT can remotely access the infected PC. The Windows Blue ...