Privilege Escalation
ASUS Armoury Crate bug lets attackers get Windows admin privileges
A high-severity vulnerability in ASUS Armoury Crate software could allow threat actors to escalate their privileges to SYSTEM level on Windows machines. The security issue is tracked as CVE-2025-3464 and received a severity score of 8.8 out of 10. It could be exploited to bypass authorization and affects the AsIO3.sys of the Armoury Crate system management software. Armoury […]
Microsoft shares script to restore inetpub folder you shouldn’t delete
Microsoft has released a PowerShell script to help restore an empty ‘inetpub’ folder created by the April 2025 Windows security updates if deleted. As Microsoft previously warned, this folder helps mitigate a high-severity Windows Process Activation privilege escalation vulnerability. In April, after installing the new security updates, Windows users suddenly found that an empty C:\Inetpub folder was […]
Premium WordPress ‘Motors’ theme vulnerable to admin takeover attacks
A critical privilege escalation vulnerability has been discovered in the premium WordPress theme Motors, which allows unauthenticated attackers to hijack administrator accounts and take complete control of websites. Developed by StylemixThemes, Motors is one of the top-selling automotive themes for the WordPress platform. It is very popular among automotive businesses such as car dealerships, rental […]
Microsoft: Windows ‘inetpub’ folder created by security fix, don’t delete
Microsoft has now confirmed that an April 2025 Windows security update is creating a new empty “inetpub” folder and warned users not to delete it. This folder is typically used by Microsoft’s Internet Information Services (IIS), a web server platform that can be enabled via the Windows Features dialog to host websites and web apps. […]
Google fixes Android zero-days exploited in attacks, 60 other flaws
Google has released patches for 62 vulnerabilities in Android’s April 2025 security update, including two zero-days exploited in targeted attacks. One of the zero-days, a high-severity privilege escalation security vulnerability (CVE-2024-53197) in the Linux kernel’s USB-audio driver for ALSA Devices, was reportedly exploited by Serbian authorities to unlock confiscated Android devices as part of a zero-day exploit chain developed […]
Microsoft patches Windows Kernel zero-day exploited since 2023
Slovak cybersecurity company ESET says a newly patched zero-day vulnerability in the Windows Win32 Kernel Subsystem has been exploited in attacks since March 2023. Fixed in Windows security updates released during this month’s Patch Tuesday, the security flaw is now tracked as CVE-2025-24983 and was reported to Microsoft by ESET researcher Filip Jurčacko. The vulnerability is […]
Google fixes Android zero-day exploited by Serbian authorities
Google has released patches for 43 vulnerabilities in Android’s March 2025 security update, including two zero-days exploited in targeted attacks. Serbian authorities have used one of the zero-days, a high-severity information disclosure security vulnerability (CVE-2024-50302) in the Linux kernel’s driver for Human Interface Devices, to unlock confiscated devices. The flaw was reportedly exploited as part of an Android zero-day exploit […]
CISA tags Windows, Cisco vulnerabilities as actively exploited
CISA has warned US federal agencies to secure their systems against attacks exploiting vulnerabilities in Cisco and Windows systems. While the cybersecurity agency has tagged these flaws as actively exploited in the wild, it has yet to provide specific details regarding this malicious activity and who is behind it. The first flaw (tracked as CVE-2023-20118) enables […]
Ransomware gangs exploit Paragon Partition Manager bug in BYOVD attacks
Microsoft had discovered five Paragon Partition Manager BioNTdrv.sys driver flaws, with one used by ransomware gangs in zero-day attacks to gain SYSTEM privileges in Windows. The vulnerable drivers were exploited in ‘Bring Your Own Vulnerable Driver’ (BYOVD) attacks where threat actors drop the kernel driver on a targeted system to elevate privileges. “An attacker with local access to a […]
Google fixes Android kernel zero-day exploited in attacks
The January 2025 Android security updates patch 48 vulnerabilities, including a zero-day kernel vulnerability tagged as exploited in the wild. This high-severity zero-day (tracked as CVE-2024-53104) is a privilege escalation security flaw in the Android Kernel’s USB Video Class driver that allows authenticated local threat actors to elevate privileges in low-complexity attacks. The issue occurs because the driver […]