In April 2025, Microsoft patched 121 vulnerabilities in its products. According to the company, only one of them was being used in real-world attacks at the time the patch was released: CVE-2025-29824.
The exploit for this vulnerability was executed by the PipeMagic malware, which Kaspersky researchers first discovered in December 2022 in a RansomExx ransomware campaign. In September 2024, we encountered it again in attacks on organizations in Saudi Arabia. Notably, it was the same version of PipeMagic as in 2022. Kaspersky continue to track the malware’s activity. Most recently, in 2025 our solutions prevented PipeMagic infections at organizations in Brazil and Saudi Arabia.
Read more…
Source: Kaspersky
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- The Banking and Finance Industry Under Cybercriminal Siege: An Overview
October 22, 2019
Financial institutions have now taken on an even more active role in the growing information technology (IT) and operational technology (OT) convergence. The need for 24/7-connected smart devices has driven the industry to adapt, especially with the wider adoption of the internet of things (IoT) among businesses and users. Unfortunately, this round-the-clock connection with their respective ...
- Malicious Apps on Alexa or Google Home Can Spy or Steal Passwords
October 22, 2019
Google and Amazon smart speakers can be leveraged to record user conversation or to phish for passwords through malicious voice apps, security researchers warn. Unless the two companies take measures to improve the review process and the restrictions for apps integrating with their smart devices, malicious developers could exploit the weakness to capture audio from users. Called ...
- Russian APT Turla targets 35 countries on the back of Iranian infrastructure
October 21, 2019
Dozens of countries have become embroiled in a state-backed spat between Russian and Iranian hacking groups, security agencies have warned. On Monday, the UK’s National Cyber Security Centre (NCSC), together with the US National Security Agency (NSA), published an advisory warning that military establishments, government departments, scientific organizations, and universities are among victims of an ongoing hacking campaign ...
- Avast says hackers breached internal network through compromised VPN profile
October 21, 2019
Czech cyber-security software maker Avast disclosed today a security breach that impacted its internal network. In a statement published today, the company said it believed the attack’s purpose was to insert malware into the CCleaner software, similar to the infamous CCleaner 2017 incident. Avast said the breach occurred because the attacker compromised an employee’s VPN credentials, gaining access ...
- Researchers find stealthy MSSQL server backdoor developed by Chinese cyberspies
October 21, 2019
Chinese cyberspies have developed malware that alters Microsoft SQL Server (MSSQL) databases and creates a backdoor mechanism that can let hackers connect to any account by using a “magic password.” Furthermore, as an added benefit, the backdoor also hides user sessions inside the database’s connection logs every time the “magic password” is used, helping hackers remain ...
- Major Airport Malware Attack Shines a Light on OT Security
October 18, 2019
A cryptomining infection managed to spread to half of all workstations at a major international airport in Europe – shining a spotlight on security for operational tech and IT convergence. Researchers at Cyberbit found the XMRig Monero mining malware, which was a known strain called “Playerz,” but which skated by antivirus solutions on the endpoints by adding a ...