In April 2025, Microsoft patched 121 vulnerabilities in its products. According to the company, only one of them was being used in real-world attacks at the time the patch was released: CVE-2025-29824.
The exploit for this vulnerability was executed by the PipeMagic malware, which Kaspersky researchers first discovered in December 2022 in a RansomExx ransomware campaign. In September 2024, we encountered it again in attacks on organizations in Saudi Arabia. Notably, it was the same version of PipeMagic as in 2022. Kaspersky continue to track the malware’s activity. Most recently, in 2025 our solutions prevented PipeMagic infections at organizations in Brazil and Saudi Arabia.
Read more…
Source: Kaspersky
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- A glimpse into the present state of security in robotics
October 14, 2019
The world of today continues its progress toward higher digitalization and mobility. From developments in the Internet of Things (IoT) through augmented reality to Industry 4.0, whichrely on stronger automation and use of robots, all of these bring more efficiency to production processes and improves user experience across the globe. According to some estimates, these systems ...
- EU Report Highlights Cybersecurity Risks in 5G Networks
October 14, 2019
The extent with which 5G networks use software is one of the top security issues for mobile networks as well as devices and current technologies (for example, 3G, 4G) that use or incorporate it, according to an EU report supported by the European Commission and European Union Agency for Cybersecurity. 5G networks are unique compared to ...
- Fin7 Cybergang Retools With New Malicious Code
October 11, 2019
The Fin7 cybercrime group has ramped up its offensive capabilities by adding new malicious code to its malware arsenal. Researchers said that this is evidence that Fin7 is still a growing threat despite the arrest of several Fin7 members in 2018. The notorious group has adopted a new dropper sample called Boostwrite, which uses new detection evasion ...
- macOS users targeted with new Tarmac malware
October 11, 2019
Security researchers have discovered a new piece of Mac malware; however, some of its purpose and full features will remain a mystery for a little longer. Named Tarmac (OSX/Tarmac), this new malware was distributed to macOS users via online malvertising (malicious ads) campaigns. These malicious ads ran rogue code inside a Mac user’s browser to redirect the ...
- New espionage malware found targeting Russian-speaking users in Eastern Europe
October 10, 2019
Security researchers have discovered an advanced malware strain that’s been deployed to spy on diplomats and Russian-speaking users in Eastern Europe. The malware, named Attor, has been used in attacks since 2013 but was only discovered last year, according to an ESET report published today. ESET said the malware bears the signs of a targeted espionage campaign ...
- More xHunt – New PowerShell Backdoor Blocked Through DNS Tunnel Detection
October 10, 2019
During our continued analysis of the xHunt campaign, we observed several domains with ties to the pasta58com, being used as the C2 server for a new PowerShell based backdoor that we’ve named CASHY200. This PowerShell backdoor ...