-
Windows Server Update Services (WSUS) vulnerability is actively exploited in the wild. Criminals are using this vulnerability to steal sensitive data from organizations in various industries. The vulnerability, tracked as CVE-2025-59287, was patched by Microsoft on October 14, 2025, but attackers quickly began abusing it after proof-of-concept code became publicly available on GitHub. Sophos telemetry […] The post Hackers Exploiting Windows Server Update Services Flaw to Steal Sensitive Data from Organizations appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Sophos researchers have identified real-world exploitation of a newly disclosed vulnerability in Windows Server Update Services (WSUS), where threat actors are harvesting sensitive data from organizations worldwide. The critical remote code execution f…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated cyber espionage campaign targeting European diplomatic institutions has been uncovered, signaling a strategic escalation by Chinese-affiliated threat actor UNC6384. Central to this campaign is the exploitation of the Windows shortcut (L…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybersecurity researchers have uncovered a sophisticated Windows malware family dubbed Airstalk, which leverages legitimate mobile device management infrastructure to establish covert command-and-control communications and exfiltrate sensitive browser …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft has addressed a critical privilege escalation vulnerability affecting Windows environments worldwide. Attackers can exploit misconfigured Service Principal Names (SPNs) combined with Kerberos reflection attacks to gain SYSTEM-level access on …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft addressed a critical race condition vulnerability affecting its Windows Cloud Files Minifilter driver in October 2025. The flaw, assigned CVE-2025-55680, was originally discovered in March 2024 and represents a significant security concern fo…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft has patched a critical race condition vulnerability in its Windows Cloud Files Minifilter driver, known as CVE-2025-55680, which enables local attackers to escalate privileges and create arbitrary files across the system. Discovered by researchers at Exodus Intelligence in March 2024, the flaw was addressed in the October 2025 Patch Tuesday updates, earning a CVSS […] The post Microsoft Windows Cloud Files Minifilter Privilege Escalation Vulnerability Exploited appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Threat intelligence researchers have identified a new ransomware-as-a-service (RaaS) operation called The Gentlemen’s RaaS, being actively recruited on underground hacking forums by an operator using the handle zeta88. The cross-platform threat r…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A persistent vulnerability related to DLL hijacking has been identified in the Narrator accessibility tool, which has been a significant concern over time. This flaw allows malicious actors to exploit the tool, potentially compromising the security of systems that rely on it for accessibility features. Noted initially in reports dating back to 2013 by expert […] The post Windows Accessibility Flaw Allows Stealthy Persistence and Lateral Movement via Narrator DLL Hijack appeared first on Cyber Security News.
·
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The cybersecurity landscape continues to face persistent threats from emerging ransomware groups, with Gunra representing a significant concern since its emergence in April 2025. This threat actor has launched systematic attacks across multiple industr…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
