Bleeping Computer

Windows SmartScreen flaw exploited to drop Phemedrone malware

A Phemedrone information-stealing malware campaign exploits a Microsoft Defender SmartScreen vulnerability (CVE-2023-36025) to bypass Windows security prompts when opening URL files. Phemedrone is a ...
Infosecurity-magazine.com

Phemedrone Stealer Targets Windows Defender Flaw Despite Patch

Cybersecurity experts have uncovered the active exploitation of CVE-2023-36025, which also led to the dissemination of a new strain of malware called Phemedrone Stealer. This malware explicitly ...
Dark Reading

Exploit for Critical Windows Defender Bypass Goes Public

A proof-of-concept exploit (PoC) has become available for a critical zero-day vulnerability in the Windows SmartScreen technology. Microsoft issued a patch for the issue in its November Patch Tuesday ...
CSOonline

Patched Windows SmartScreen bug actively exploited in Phemedrone infections

A Microsoft Defender SmartScreen vulnerability patched in November has found fresh active exploitation in a Phemedrone information-stealing malware campaign, according to cybersecurity research and ...