
Active Exploitation

All articles tagged with #active exploitation

security · 2 months ago

Active Exploitation of Critical Windows Server Update Service Vulnerability

A critical remote code execution vulnerability in Microsoft WSUS (CVE-2025-59287) was actively exploited in the wild shortly after an emergency patch was released. The flaw allows unauthenticated attackers to execute arbitrary code on affected servers, primarily impacting systems with the WSUS role enabled. Microsoft recommends immediate patching or applying workarounds such as disabling the WSUS role or blocking high-risk ports to mitigate the risk.

technology · 2 months ago

Microsoft Releases Urgent Patch for Critical WSUS Vulnerability Exploited in the Wild

Microsoft released urgent out-of-band security updates for a critical WSUS vulnerability (CVE-2025-59287) that is actively being exploited in the wild, allowing remote code execution through unsafe deserialization. Users are advised to apply the patch immediately and follow recommended mitigations to prevent attacks.

security · 3 months ago

US Government Urgently Patches Cisco Vulnerabilities Amid Widespread Cyberattacks

A sophisticated state-sponsored threat actor is actively exploiting multiple zero-day vulnerabilities in Cisco ASA and FTD software, primarily targeting government networks worldwide for data exfiltration. Cisco has issued advisories and software updates to address these critical vulnerabilities, which allow remote code execution and data theft. The vulnerabilities are being exploited with advanced evasion techniques, posing significant risks to organizations, especially those with internet-facing edge devices. Authorities like CISA and NCSC have issued mitigation directives and analyzed malware used in these attacks.

cybersecurity · 2 years ago

CISA Identifies Active Exploitation of Samsung and D-Link Device Vulnerabilities

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has identified and patched eight actively exploited vulnerabilities, including six affecting Samsung smartphones and two impacting D-Link devices. The flaws in Samsung devices may have been used by a commercial spyware vendor in targeted attacks, while the D-Link vulnerabilities were leveraged by threat actors associated with a Mirai botnet variant. Federal agencies are required to apply necessary fixes by July 20, 2023, to protect their networks.