Threat Research

    Monitors for instances where command-line interpreters like cmd.exe or powershell.exe are spawned as child processes of the WSUS service (wsusservice.exe). This behavior strongly indicates potential exploitation of a critical remote code execution vulnerability, such as CVE-2025-59287, where attackers may launch shells to perform reconnaissance or additional malicious actions....
    In October 2025, a critical remote code execution (RCE) vulnerability in Microsoft Windows Server Update Services (WSUS), tracked as CVE-2025-59287 (CVSS 9.8), was discovered. The flaw allows unauthenticated remote attackers to execute code with system-level privileges on affected servers....