Skip to content

News
Cybercrime
Risk
Policy
Privacy
Research
Cloud
Insurance

LinkedIn
Facebook

WSUS

Attackers exploit patched WSUS flaw to deploy infostealer on unpatched Windows servers

Cybercrime, News, Risk, Vulnerabilities

October 30, 2025

Attackers have been observed exploiting CVE-2025-59287 in WSUS to deploy an infostealer on unpatched Windows servers, exfiltrate data to webhook.site URLs and use follow-up tooling including Velociraptor and a UPX-packed Skuld Stealer; agencies and vendors are urging immediate patching and investigation.
Microsoft issues out-of-band fix for WSUS vulnerability CVE-2025-59287

Cybercrime, News, Risk, Vendors, Vulnerabilities

October 24, 2025

Microsoft released an out-of-band cumulative update to address CVE-2025-59287, a critical WSUS deserialization vulnerability being exploited in the wild; admins should apply the patch or disable WSUS/block ports 8530 and 8531 until systems can be rebooted after updating.

About
Editorial Policy
Privacy
Contact