Tagged: CVE-2025-59287

November 25, 2025

Critical WSUS RCE (CVE-2025-59287) Actively Exploited to Deploy ShadowPad Espionage Tool

A recently patched vulnerability in Microsoft’s Windows Server Update Services has triggered a wave of attacks involving one of the most notable espionage tools of recent years. The incidents underscore how swiftly adversaries move...

Vulnerability

October 29, 2025

Microsoft Refuses to Mark Critical WSUS Flaw as Actively Exploited

Cyberthreat analysts are reporting active exploitation of a critical vulnerability in Windows Server Update Services (WSUS), identified as CVE-2025-59287. Merely days after Microsoft released an emergency patch and CISA added the flaw to its...