incident
CVE-2023-36025 Exploited in Phemedrone Stealer Campaign for SmartScreen BypassCVE-2023-36025
The Phemedrone Stealer campaign actively exploits CVE-2023-36025, a Windows Defender SmartScreen bypass vulnerability, to deliver malware. Attackers use crafted .url files to evade SmartScreen warnings and execute malicious .cpl files, leading to data theft from browsers, crypto wallets, and messaging apps. The vulnerability was patched in November 2023 but remains exploited in the wild.