Microsoft has released urgent updates to address the critical WSUS RCE vulnerability CVE-2025-59287, which is currently under active exploitation. The flaw allows unauthorized attackers to execute code over a network, necessitating immediate patching for affected Windows Server versions.

Microsoft has released an emergency security patch for a critical vulnerability in Windows Server Update Services (WSUS) that is being actively exploited. The vulnerability, tracked as CVE-2025-59287, allows remote code execution and carries a severity score of 9.8 out of 10.

Microsoft has released an out-of-band security update for a critical vulnerability in Windows Server Update Services (WSUS), tracked as CVE-2025-59287. This flaw allows remote code execution by unauthenticated threat actors, and a new patch is necessary to fully mitigate the issue as the initial patch was incomplete.

The Warlock ransomware campaign, linked to Chinese threat actors, exploits the ToolShell zero-day vulnerability in Microsoft SharePoint (CVE-2025-53770). This shift towards direct financial cybercrime marks a significant change in tactics among these groups.

Security flaws in Microsoft's Azure ecosystem enable cybercriminals to create deceptive applications that imitate official services like the Azure Portal. Varonis discovered that attackers can bypass safeguards using invisible Unicode characters, leading to potential phishing attacks.

A large-scale intrusion campaign, tracked as REF3927, is exploiting misconfigured Microsoft IIS servers that reuse publicly exposed ASP.NET machine keys. Attackers are deploying malicious modules and webshells to gain control over affected systems.

Cybercriminals are exploiting Microsoft 365's Direct Send feature to bypass security filters and conduct phishing campaigns. This legitimate feature, designed for enterprise convenience, has become a vector for business email compromise attacks, prompting security researchers to raise alarms.

A recent investigation revealed a critical loophole in Azure applications that allowed hackers to create malicious apps using reserved Microsoft names. This vulnerability enabled attackers to gain unauthorized access and escalate privileges within Microsoft 365 environments, posing significant risks to organizations.

The latest Microsoft Digital Defense Report reveals that over 52% of cyberattacks are motivated by extortion and ransomware, with a significant focus on data theft. The report emphasizes the need for proactive cybersecurity measures and modernization in defense strategies.