Windows Server Update Services (WSUS) vulnerability abused to harvest sensitive data
Exploitation of CVE-2025-59287 began after public disclosure and the release of proof-of-concept code
Jennifer Bendery reports: Elon Musk’s team at the so-called Department of Government Efficiency has posted classified information about the size and staff of a U.S. intelligence agency on its new website, raising bigger concerns about where Musk’s programmers got this information and what they are doing with it. DOGE, which President Donald Trump created to…
This week has been crazy in the world of hacking and online security. From Thailand to London to the US, we’ve seen arrests, spies at work, and big power moves online. Hackers are getting caught. Spies are getting better at their jobs. Even simple things like browser add-ons and smart home gadgets are being used…
Dmitry Pokidaev reports: Kazakhstan is considering tightening legal responsibility for violations related to personal data protection. The Ministry of Artificial Intelligence and Digital Development has proposed introducing criminal liability for mass leaks of citizens’ personal data, along with a significant increase in administrative fines for failing to comply with information security requirements. The proposal was…
Courtney Kube reports: An Army gynecologist took secret intimate videos of a patient under his care at Fort Hood in Texas, according to a lawsuit filed Monday. The lawsuit says that the woman is believed to be one of scores who were preyed upon by Dr. Blaine McGraw and that Army leadership had allowed him to…
Run by the team at workflow orchestration and AI platform Tines, the Tines library features over 1,000 pre-built workflows shared by security practitioners from across the community – all free to import and deploy through the platform’s Community Edition. A recent standout is a workflow that handles malware alerts with CrowdStrike, Oomnitza, GitHub, and PagerDuty….
There is an update to the ransomware attack involving DaVita Dialysis first reported in April. According to DaVita’s disclosures this month, unauthorized access to its servers began on March 24, 2025 and continued until April 12, 2025, when they were able to kick the attacker out and keep them out. The incident was first reported…