Dark Reading

SprySOCKS Windows Variant Abuses Kernel Drivers to Evade Detection

FishMonger, a China-nexus threat group, has deployed an undocumented version of the Linux backdoor against government targets in several countries.
The Hacker News

China-Linked SprySOCKS Backdoor Expands to Windows with Driver-Based Stealth

ESET found two Windows SprySOCKS variants with 30+ commands, C2 over TCP, UDP, and WebSocket, and government targets in 4 ...
WeLiveSecurity

FishMonger’s arsenal upgraded: SprySOCKS for Windows

ESET researchers have discovered SprySOCKS for Windows, FishMonger’s backdoor weaponizing a kernel driver for advanced ...

ESET Research: China-aligned FishMonger updates its arsenal, targets governments in Asia and Latin America

ESET Research discovered two previously undocumented Windows variants of FishMonger’s SprySOCKS backdoor.ESET telemetry shows ...
PC World

Windows is finally fixing a years-old security hole in April

Microsoft is implementing a new Windows kernel trust policy starting April 2026 that will only allow WHCP-certified drivers by default, addressing years-old security vulnerabilities from cross-signed ...
MSN on MSN

I stopped Windows from keeping old drivers and my PC boot time dropped by half

I also reclaimed some storage space in the process.
Neowin

HWiNFO fixes Windows 11 legacy CPU usage reading, kernel hardware stack driver issue

HWiNFO is one of the best free hardware monitoring tools. The latest version of the software has fixed legacy CPU usage reading on Windows 11, a kernel-mode hardware stack driver bug, and more. HWiNFO ...
CSOonline

Cuba ransomware group used Microsoft developer accounts to sign malicious drivers

The ransomware gang was able to use signed malicious drivers to disable endpoint security tools. Microsoft has revoked the certificates. Microsoft suspended several accounts on its hardware developer ...