This exploit is for a local privilege escalation (LPE) flaw that grants SYSTEM privileges in Windows 10, Windows 11, and Windows Server on the latest April Patch Tuesday patches, when Windows Defender is enabled.
An attachment in an email impersonating DHL about a shipment contains a link to a preconfigured SimpleHelp remote access tool-an ideal starting point for attackers to explore a network, steal data, and drop additional malware.
Threat actors are exploiting three recently disclosed Windows security vulnerabilities in attacks aimed at gaining SYSTEM or elevated administrator permissions.
A new report from Sonatype identifies 21,764 malicious open source packages in the first quarter of the year, up 21 percent from the same period last year and bringing the total logged since 2017 to 1,346,867.
Microsoft has confirmed that some Windows domain controllers are entering restart loops due to Local Security Authority Subsystem Service (LSASS) crashes after installing the April 2026 security updates.
Malvertising remains an ongoing issue on Google's ad network, with attackers abusing paid ads to pose as legitimate brands and lure users into malware downloads or phishing sites.