Google probes exploitation of critical Windows service CVE
Google Threat Intelligence Group is investigating a series of attacks linked to a hacker targeting a critical vulnerability in Windows Server Update Service, Cybersecurity Dive has learned.
Threat activity has ramped up since last week after a proof of concept for the untrusted data vulnerability in WSUS, the service widely used to manage the deployment of Microsoft product updates.
“We are actively investigating the exploitation of CVE-2025-59287 by a newly identified threat actor we are tracking as UNC6512 across multiple victim organizations,” GTIG researchers told Cybersecurity Dive.
Read more at Cybersecurity Dive