Microsoft Patches 67 Vulnerabilities, Including Exploited WebDav Zero-Day
Hackers from the Stealth Falcon group exploited a zero-day vulnerability in Windows WebDav (CVE-2025-33053) to conduct stealthy cyberespionage against Middle Eastern defense and government organizations since March 2025, using remote code execution to drop malware and maintain operational stealth. Microsoft patched the flaw, but the attack techniques involved manipulating WebDAV paths to execute malicious code remotely, leading to the deployment of advanced malware tools like Horus Loader and Horus Agent. Organizations are advised to update Windows promptly and monitor WebDAV traffic for suspicious activity.