Endpoint Security Archives – SecurityWeek Cybersecurity News, Insights & Analysis
- UEFI Vulnerability in Major Motherboards Enables Early-Boot Attacks
by Eduard Kovacs on December 18, 2025 at 3:30 pmASRock, Asus, Gigabyte, and MSI motherboards are vulnerable to early-boot DMA attacks. The post UEFI Vulnerability in Major Motherboards Enables Early-Boot Attacks appeared first on SecurityWeek.
- MITRE Posts Results of 2025 ATT&CK Enterprise Evaluationsby Eduard Kovacs on December 11, 2025 at 1:50 pm
Eleven companies took part in the evaluations and several have boasted 100% detection and coverage rates. The post MITRE Posts Results of 2025 ATT&CK Enterprise Evaluations appeared first on SecurityWeek.
- Intel, AMD Processors Affected by PCIe Vulnerabilitiesby Eduard Kovacs on December 10, 2025 at 8:02 am
The PCIe flaws, found by Intel employees, can be exploited for information disclosure, escalation of privilege, or DoS. The post Intel, AMD Processors Affected by PCIe Vulnerabilities appeared first on SecurityWeek.
- Microsoft Silently Mitigated Exploited LNK Vulnerabilityby Ionut Arghire on December 3, 2025 at 10:50 am
Windows now displays in the properties tab of LNK files critical information that could reveal malicious code. The post Microsoft Silently Mitigated Exploited LNK Vulnerability appeared first on SecurityWeek.
- Microsoft Highlights Security Risks Introduced by New Agentic AI Featureby Ionut Arghire on November 24, 2025 at 1:32 pm
Without proper security controls, AI agents could perform malicious actions, such as data exfiltration and malware installation. The post Microsoft Highlights Security Risks Introduced by New Agentic AI Feature appeared first on SecurityWeek.
- Microsoft Disables Downloaded File Previews to Block NTLM Hash Leaksby Ionut Arghire on October 24, 2025 at 9:57 am
In files downloaded from the internet, HTML tags referencing external paths could be used to leak NTLM hashes during file previews. The post Microsoft Disables Downloaded File Previews to Block NTLM Hash Leaks appeared first on SecurityWeek.
- Microsoft Patches 173 Vulnerabilities, Including Exploited Windows Flawsby Ionut Arghire on October 15, 2025 at 4:10 am
The tech giant has rolled out fixes for 173 CVEs, including five critical-severity security defects. The post Microsoft Patches 173 Vulnerabilities, Including Exploited Windows Flaws appeared first on SecurityWeek.
- Windows 10 Still on Over 40% of Devices as It Reaches End of Supportby Eduard Kovacs on October 14, 2025 at 10:00 am
Users can continue receiving important security updates for Windows 10 by enrolling in the ESU program. The post Windows 10 Still on Over 40% of Devices as It Reaches End of Support appeared first on SecurityWeek.
- WireTap Attack Breaks Intel SGX Securityby Ionut Arghire on October 2, 2025 at 11:21 am
The attack uses a passive interposer to control the SGX enclave and extract the DCAP attestation key, breaking the mechanism. The post WireTap Attack Breaks Intel SGX Security appeared first on SecurityWeek.
- Apple Updates iOS and macOS to Prevent Malicious Font Attacksby Ionut Arghire on September 30, 2025 at 10:36 am
The vulnerability could lead to a denial-of-service condition or memory corruption when a malicious font is processed. The post Apple Updates iOS and macOS to Prevent Malicious Font Attacks appeared first on SecurityWeek.
