Microsoft reported a now-patched security flaw, CVE-2025-29824, in Windows’ Common Log File System that was exploited in select ransomware attacks against IT and real estate organizations in the US, a Spanish software firm, the financial sector in Venezuela, and the retail sector in Saudi Arabia. The threat actors leveraged a malware named PipeMagic to exploit the bug and deliver ransomware payloads. The flaw could be used to gain system privileges. Its exact initial access points remain unknown.
LummaStealer Exploits Windows Utility to Run Remote Code Disguised as .mp4 File
The Cybereason Global Security Operations Center (GSOC) has reported on the LummaStealer malware’s advanced evasion techniques. The Russian-developed malware uses the Microsoft HTML Application Host
