ShadowPad Malware Actively Exploits WSUS Vulnerability for Full System Access
The Hacker News
Actively Exploited
Summary
The ShadowPad malware is exploiting CVE-2025-59287, a recently patched vulnerability in Microsoft Windows Server Update Services (WSUS), which allows attackers to gain full system access. This exploitation highlights the critical need for organizations to promptly apply security updates to vulnerable systems to prevent unauthorized access.
Impact
Microsoft Windows Server Update Services (WSUS) on Windows Servers.
In the Wild
Yes
Timeline
Newly disclosed
Remediation
Organizations should apply the latest security patches provided by Microsoft for CVE-2025-59287 to mitigate the vulnerability. They should also review and secure WSUS configurations and monitor for unauthorized access attempts.