Microsoft News Articles
Recent news articles refferecing the vendors vulnerabilities.
Red Hot CyberCVE-2025-59287Windows Server Vulnerability Exploited: ShadowPad Malware Deployed
CVE-2025-59287 vulnerability in Windows Server Update Services exploited to deploy ShadowPad malware. Learn how attackers used this flaw to gain access.
2 days ago
Security AffairsCVE-2025-59287Attackers deliver ShadowPad via newly patched WSUS RCE bug
Attackers exploited a patched WSUS flaw (CVE-2025-59287) to gain access, use PowerCat for a shell, and deploy the ShadowPad malware.
2 days ago
Security AffairsCVE-2025-59287Attackers deliver ShadowPad via newly patched WSUS RCE bug
Attackers exploited a patched WSUS flaw (CVE-2025-59287) to gain access, use PowerCat for a shell, and deploy the ShadowPad malware.
2 days ago
TechJuiceCVE-2025-59287ShadowPad Backdoor Exploits WSUS Zero-Day to Breach Enterprise Environments
The ShadowPad malware explodes in the wild exploiting a WSUS zero-day (CVE-2025-59287) to gain full system access on Windows servers.
2 days ago
The Hacker NewsCVE-2025-59287ShadowPad Malware Actively Exploits WSUS Vulnerability for Full System Access
ShadowPad malware is being delivered through an actively exploited WSUS vulnerability, granting attackers full system access.
2 days ago
CyberSecurityNewsCVE-2025-49752Critical Vulnerability in Azure Bastion Let Attackers Bypass Authentication and Escalate privileges
Microsoft addressed a flaw in Azure Bastion, that allows attackers to bypass authentication and escalate privileges to administrative levels.
3 days ago
GBHackers NewsCVE-2025-49752Critical Azure Bastion Vulnerability Lets Attackers Bypass Login and Escalate Privileges
A critical authentication bypass vulnerability in Azure Bastion, its managed remote access service.
5 days ago
CyberSecurityNewsCVE-2025-59287Chinese Hackers Exploiting WSUS Remote Code Execution Vulnerability to Deploy ShadowPad Malware
Chinese-backed hackers exploit CVE-2025-59287 in WSUS to push ShadowPad, using the flaw for system-level access.
5 days ago
Red Hot CyberCVE-2025-49752Critical Vulnerability in Azure Bastion Scores 10! When RDP and SSH in the Cloud Are Checkmated
Learn about the critical vulnerability in Azure Bastion, CVE-2025-49752, that allows authentication bypass and privilege escalation. Update now to protect your VMs.
5 days ago
Red Hot CyberCVE-2025-49752Critical Vulnerability in Azure Bastion Scores 10! When RDP and SSH in the Cloud Are Checkmated
Learn about the critical vulnerability in Azure Bastion, CVE-2025-49752, that allows authentication bypass and privilege escalation. Update now to protect your VMs.
5 days ago
GBHackers NewsCVE-2025-59287Chinese Hackers Exploiting WSUS Remote Code Execution Vulnerability to Deploy ShadowPad Malware
Security researchers at the AhnLab Security Intelligence Center (ASEC) have uncovered a sophisticated cyberattack campaign targeting Microsoft Windows Server Update Services.
5 days ago
GBHackers NewsCVE-2025-50165Windows Graphics Flaw Lets Hackers Take Over with Just One Image
A flaw in the Windows Graphics Component that enables attackers to seize complete control of computers using nothing more than a crafted image file.
5 days ago
GBHackers NewsCVE-2025-50165Windows Graphics Flaw Lets Hackers Take Over with Just One Image
A flaw in the Windows Graphics Component that enables attackers to seize complete control of computers using nothing more than a crafted image file.
5 days ago
ForbesCVE-2025-62215Critical Microsoft Alert — Update Windows 10, 11 And Server Right Now
Microsoft has confirmed a zero-day vulnerability in the Windows Kernel that attackers have already exploited to gain system privileges. Act now.
2 weeks ago
U.S. CISA adds WatchGuard Firebox, Microsoft Windows, and Gladinet Triofox flaws to its Known Exploited Vulnerabilities catalog
U.S. CISA adds WatchGuard Firebox, Microsoft Windows, and Gladinet Triofox flaws to its Known Exploited Vulnerabilities catalog.
2 weeks ago
CVE-2025-62215: Microsoft Patches Windows Kernel Zero-Day Vulnerability Under Active Exploitation | SOC Prime
Explore CVE-2025-62215 analysis, a critical Windows kernel zero-day under active exploitation, with the details on the SOC Prime blog.
2 weeks ago
MalwarebytesCVE-2025-60724Update now: November Patch Tuesday fixes Windows zero-day exploited in the wild
This month’s Windows update closes several major security holes, including one that’s already being used by attackers. Make sure your PC is up to date.
2 weeks ago
The Hacker NewsCVE-2025-60704Microsoft Fixes 63 Security Flaws, Including a Windows Kernel Zero-Day Under Active Attack
Microsoft fixes 63 flaws, including an exploited Windows Kernel zero-day and a critical RCE bug.
2 weeks ago
Help Net SecurityCVE-2025-62215Patch Tuesday: Microsoft fixes actively exploited Windows kernel vulnerability (CVE-2025-62215) - Help Net Security
Microsoft fixed some 60+ vulnerabilities on this Patch Tuesday, among them an actively exploited Windows Kernel flaw (CVE-2025-62215).
2 weeks ago
Cyber PressCVE-2025-62215Windows Kernel 0-Day Vulnerability Actively Exploited in the Wild to Escalate Privileges
Microsoft's exploitability index lists "Exploitation Detected," indicating real-world use despite the absence of public disclosure.
2 weeks ago
CyberScoopCVE-2025-62215Microsoft Patch Tuesday addresses 63 defects, including one actively exploited zero-day
Researchers warn that although exploitation of the zero-day is complex, a functional exploit exists in the wild.
2 weeks ago
Patch Now: Microsoft Flags Zero-Day & Zero-Click Bugs
Security teams may have a less burdensome rollout in November after October's Goliath Patch Tuesday, but shouldn't wait on priority fixes.
2 weeks ago
csoonline.comCVE-2025-9491Chinese hackers target Western diplomats using hard-to-patch Windows shortcut flaw
Chinese UNC6384 campaign cleverly exploits Windows .LNK vulnerability, security company finds.
3 weeks ago
Red Hot CyberCVE-2025-9491Chinese hackers target European diplomatic agencies (including Italy)
Hackers from the China-linked UNC6384 group are conducting a cyberespionage campaign against European diplomatic and government agencies by exploiting a Windows vulnerability.
3 weeks ago
The Hacker NewsCVE-2024-38197Microsoft Teams Bugs Let Attackers Impersonate Colleagues and Edit Messages Unnoticed
Four Microsoft Teams flaws let attackers impersonate coworkers and manipulate chats before patches.
3 weeks ago
DarktraceCVE-2025-59287Darktrace’s Analysis of Post-Exploitation Activities on CVE-2025-59287
This blog details Darktrace’s analysis of the vulnerability, focusing on two US customer where active exploitation was detected.
3 weeks ago
CyberSecurityNewsCVE-2025-59287Hackers Actively Scanning for TCP Port 8530/8531 Linked to WSUS Vulnerability CVE-2025-59287
WSUS infrastructure Network sensors collected from security organizations, in scans directed at TCP port 8530 and 8531.
3 weeks ago
Red Hot CyberCVE-2025-59287WSUS security update has broken hotpatches on Windows Server 2025
A security update for WSUS has broken hotpatching on some Windows Server 2025 devices, causing registration issues.
3 weeks ago
Red Hot CyberCVE-2025-59287WSUS security update has broken hotpatches on Windows Server 2025
A security update for WSUS has broken hotpatching on some Windows Server 2025 devices, causing registration issues.
3 weeks ago
CyberSecurityNewsCVE-2025-59287Microsoft Patch for WSUS Vulnerability has Broken Hotpatching on Windows Server 2025
In a recent setback for Windows administrators, Microsoft's October 2025 security update addressing a critical vulnerability in Windows Server Update Services (WSUS) has inadvertently broken hotpatching functionality on a subset of Windows Server 2025 systems.
3 weeks ago
Microsoft: Patch for WSUS flaw disabled Windows Server hotpatching
An out-of-band (OOB) security update that patches an actively exploited Windows Server Update Service (WSUS) vulnerability has broken hotpatching on some Windows Server 2025 devices.
3 weeks ago
Cyber PressCVE-2025-59287Hackers Actively Scanning TCP Ports 8530/8531 for WSUS Vulnerability CVE-2025-59287
These scans represent a shift from research-related activities to what appears to be malicious reconnaissance efforts by threat actors searching for vulnerable systems.
3 weeks ago
GBHackers NewsCVE-2025-59287Hackers Actively Scanning TCP Ports 8530/8531 for WSUS CVE-2025-59287
Security researchers have detected a spike in suspicious network traffic targeting Windows Server Update Services (WSUS) infrastructure worldwide.
3 weeks ago
TechNaduWindows GDI Vulnerabilities Lead to RCE and Data Leaks - TechNadu
Check Point Research found three critical flaws in Windows GDI, including one for remote code execution. Microsoft has issued patches to fix them.
3 weeks ago
Chinese APT Exploits Unpatched Windows Flaw in Recent Attacks
Chinese threat actor exploiting an unpatched Windows shortcut vulnerability in fresh attacks targeting the diplomatic community in Europe.
3 weeks ago
Inbox.lvCVE-2025-9491Failure: Microsoft Failed to Fix Old Windows Vulnerability
This concerns a zero-day vulnerability identified as ZDI-CAN-25373, later changed to CVE-2025-9491. The old issue was ignored until March 2025, when Trend Micro specialists reported it. They noted that hackers have been aware of the system flaw for
4 weeks ago
Inbox.lvCVE-2025-9491Failure: Microsoft Failed to Fix Old Windows Vulnerability
This concerns a zero-day vulnerability identified as ZDI-CAN-25373, later changed to CVE-2025-9491. The old issue was ignored until March 2025, when Trend Micro specialists reported it. They noted that hackers have been aware of the system flaw for
4 weeks ago
ForbesCVE-2025-9491New Warning As Microsoft Windows Attacks Confirmed — No Fix Available
Microsoft has no fix available, and the attacks are already underway. What Windows users need to know about CVE-2025-9491.
4 weeks ago
Help Net SecurityCVE-2025-9491Unpatched Windows vulnerability continues to be exploited by APTs (CVE-2025-9491) - Help Net Security
A Windows vulnerability (CVE-2025-9491, aka ZDI-CAN-25373) that threat actors have been leveraging since 2017 continues to be exploited.
4 weeks ago
Windows zero-day actively exploited to spy on European diplomats
A China-linked hacking group is exploiting a Windows zero-day in attacks targeting European diplomats in Hungary, Belgium, and other European nations.
4 weeks ago
Windows zero-day actively exploited to spy on European diplomats
A China-linked hacking group is exploiting a Windows zero-day in attacks targeting European diplomats in Hungary, Belgium, and other European nations. According to Arctic Wolf Labs, the attack chain begins...
4 weeks ago
The Hacker NewsCVE-2025-59287CISA and NSA Issue Urgent Guidance to Secure WSUS and Microsoft Exchange Servers
CISA and NSA warn of WSUS and Exchange attacks, urging immediate patching and zero trust adoption.
4 weeks ago
CISA and NSA share tips on securing Microsoft Exchange servers
The Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) have released guidance to help IT administrators harden Microsoft Exchange servers on their networks against attacks.
4 weeks ago
CVE-2025-59287 Detection: A Critical Unauthenticated RCE Vulnerability in Microsoft WSUS Under Active Exploitation | SOC Prime
Detect CVE-2025-59287 exploitation attempts, a new critical RCE vulnerability in Microsoft WSUS, with curated Sigma rules from SOC Prime Platform.
4 weeks ago
Help Net SecurityCVE-2025-59287Attackers exploiting WSUS vulnerability drop Skuld infostealer (CVE-2025-59287) - Help Net Security
Attackers have been spotted exploiting a WSUS vulnerability (CVE-2025-59287) to deploy infostealer malware on unpatched Windows servers.
4 weeks ago
CyberSecurityNewsCVE-2025-58726New Attack Combines Ghost SPNs and Kerberos Reflection to Elevate Privileges on SMB Servers
A sophisticated privilege escalation vulnerability in Windows SMB servers, leveraging Ghost Service Principal Names (SPNs) and Kerberos authentication reflection to achieve remote SYSTEM-level access.
1 month ago
BitdefenderCVE-2025-59287Technical Advisory: Critical Unauthenticated RCE in Windows Server Update Services (WSUS) - CVE-2025-59287
TL;DR Our telemetry indicates an active exploitation campaign targeting vulnerable Windows Server Update Services (WSUS) systems via CVE-2025-59287 (CVSS 9.
1 month ago
Sophos NewsCVE-2025-59287Windows Server Update Services (WSUS) vulnerability abused to harvest sensitive data
Exploitation of CVE-2025-59287 began after public disclosure and the release of proof-of-concept code Counter Threat Unit™ (CTU) researchers are investigating exploitation of a remote code...
1 month ago
Red Hot CyberCVE-2025-59287Tasting the Exploit: HackerHood tests Microsoft WSUS CVE-2025-59287 Exploit
CVE-2025-59287 poses a high risk to organizations using WSUS for centralized update management.
1 month ago