News

Active Exploitation of Microsoft WSUS Vulnerability CVE-2025-59287 Detected

Luciano Ferrari

30 Oct 2025 — 2 min read

Thursday, October 30, 2025

Top 5 Cybersecurity Stories You Should Know

Active Exploitation of Microsoft WSUS Vulnerability CVE-2025-59287 Detected — tl;dr: A critical vulnerability in Microsoft Windows Server Update Services (WSUS), tracked as CVE-2025-59287, is under active exploitation, affecting Windows Server versions 2012 to 2025. Despite an emergency patch released by Microsoft, threat actors are exploiting the flaw, which allows unauthenticated remote code execution. Google’s Threat Intelligence Group has reported that attackers are targeting exposed WSUS instances, executing commands for reconnaissance and data exfiltration. Organizations with WSUS enabled should immediately apply the latest updates and monitor their systems for suspicious activity to mitigate potential risks.
↪ https://www.theregister.com/2025/10/27/microsoft_wsus_attacks_multiple_orgs/
Google Patches Actively Exploited Chrome Sandbox Escape Vulnerability CVE-2025-6558 — tl;dr: Google has released a critical security update for Chrome to address multiple vulnerabilities, including the actively exploited CVE-2025-6558, which allows attackers to escape the browser's sandbox via a specially crafted HTML page. This high-severity flaw affects Chrome versions prior to 138.0.7204.157 and poses a significant risk to users. Chrome users are urged to update their browsers immediately to mitigate potential exploitation. The update also includes fixes for five other vulnerabilities, emphasizing the importance of maintaining up-to-date software for security.
↪ https://www.bleepingcomputer.com/news/security/google-fixes-actively-exploited-sandbox-escape-zero-day-in-chrome/
Google Fixes Chrome Zero-Day CVE-2023-6345 Exploited in the Wild — tl;dr: Google has patched a critical zero-day vulnerability in Chrome, identified as CVE-2023-6345, which is an integer overflow in the Skia graphics library. This flaw, the sixth zero-day exploited in 2023, poses risks such as arbitrary code execution and crashes. Users are urged to update their Chrome browsers to version 119.0.6045.199 for Mac and Linux, and 119.0.6045.199/.200 for Windows, to mitigate potential exploitation. The update also addresses five other high-severity vulnerabilities, emphasizing the importance of keeping software up to date for security.
↪ https://blog.deurainfosec.com/chrome-zero-day-vulnerability-that-exploited-in-the-wild/
183 Million Credentials Leaked from Infostealer Malware Logs — tl;dr: On October 30, 2025, the 'Have I Been Pwned' database added 183 million stolen credentials, including verified Gmail logins, sourced from infostealer malware logs. This incident highlights the ongoing threat of credential-stealing software, emphasizing the need for enhanced security measures like multi-factor authentication and passkeys. Google confirmed that the data breach did not originate from its infrastructure but from compromised user devices. With 16.4 million credentials previously unseen in any breach, users are urged to adopt stronger authentication practices and maintain regular updates to safeguard against such threats.
↪ https://www.cybernewscentre.com/30-october-2025-183-million-infostealer-credentials-leak/
Proton Unveils Data Breach Observatory to Monitor Dark Web Leaks — tl;dr: Proton has launched the Data Breach Observatory, a continuously updated platform designed to track personal information leaks from the dark web. This initiative aims to provide accurate cybercrime data by monitoring underground markets where stolen data is traded, addressing the issue of unreported breaches. With over 1,571 data breaches compromising more than 100 billion records in 2025 alone, the Observatory seeks to warn victims early and educate the public on the scale of cybercrime. Users are encouraged to stay informed about potential breaches affecting their personal data.
↪ https://www.engadget.com/cybersecurity/proton-launches-data-breach-observatory-to-track-personal-info-leaks-110047833.html