SecurityWeek

High-Severity Remote Code Execution Vulnerability Patched in OpenSSL

OpenSSL updates released on Tuesday patch a dozen vulnerabilities, including a high-severity remote code execution flaw.
WinBuzzer

Microsoft January 2026 Patch Tuesday Fixes Actively Exploited DWM Zero-day Alongside 111 Security Flaws

Microsoft has patched 112 vulnerabilities in January 2026, including CVE-2026-20805, a Desktop Window Manager zero-day that ...
CSO Online

This stealthy Windows RAT holds live conversations with its operators

The modular Windows RAT uses in-memory execution and live operator control to maintain persistence and exfiltrate sensitive ...
Microsoft

New Clickfix variant ‘CrashFix’ deploying Python Remote Access Trojan

CrashFix crashes browsers to coerce users into executing commands that deploy a Python RAT, abusing finger.exe and portable Python to evade detection and persist on high‑value systems.

New Windows Flaw Lets Attackers Bypass Mark of the Web

Microsoft patched a Windows Remote Assistance flaw that lets attackers bypass Mark of the Web, weakening protections against malicious downloads and phishing files.

Skywork Launches Desktop AI Agent for Windows Productivity

Skywork Desktop is currently available as a Windows-only desktop application. Access is included with a Skywork.ai membership ...

New ClickFix attacks abuse Windows App-V scripts to push malware

A new malicious campaign mixes the ClickFix method with fake CAPTCHA and a signed Microsoft Application Virtualization (App-V ...