Microsoft August 2025 Patch Tuesday Fixes Kerberos Zero-Day Among 111 Total New Flaws

Threat Score:
55
The Hacker News
1 day ago

Overview

Microsoft on Tuesday rolled out fixes for amassive set of 111 security flawsacross its software portfolio, including one flaw that has been disclosed as publicly known at the time of the release. Of the 111 vulnerabilities, 16 are rated Critical, 92 are rated Important, two are rated Moderate, and one is rated Low in severity. Forty-four of the vulnerabilities relate to privilege escalation, followed by remote code execution (35), information disclosure (18), spoofing (8), and denial-of-service ...

Related Articles

5 articles
1

CISA Warns N-able Bugs Under Attack, Patch Now

Dark Reading 6 hours ago

Two critical N-able vulnerabilities enable local code execution and command injection; they require authentication to exploit, suggesting they wouldn't be seen at the beginning of an exploit chain.

Score
88
Read more
2

Norway confirms dam intrusion by Pro-Russian hackers

Security Affairs 8 hours ago

Norway’s security service PST says pro-Russian hackers took over a dam in April, opening outflow valves. Norway’s Police Security Service (PST) says pro-Russian hackers seized control of a dam’s systems in April, opening outflow valves. On April 7, the attackers took control of a dam in Bremanger, western Norway, opening a flood gate to release […]

Score
84
Read more
4

Breach Roundup: Russian Hackers Attacked Norwegian Dam

Data Breach Today UK 3 hours ago

Also: Spain Defies Pressure to Eject Huawei, Hackers Leak North Korea Kimsuky Data This week, Norway said Russian hackers attacked a flood gate, Spain defied pressure to eject Huawei, a cyberattack against the Office of the Pennsylvania Attorney General. Hackers leaked stolen North Korean Kimsuky data, Microsoft patched a Kerberos zero-day and a big Chrome bug bounty.

Score
82
Read more
5

Ransomware Actors Combine Legitimate Tools with Custom Malware to Evade Detection

GB Hackers 5 hours ago

Ransomware Actors Combine Legitimate Tools with Custom Malware to Evade Detection Operators behind the Crypto24 strain are employing highly coordinated, multi-stage attacks that blend legitimate system tools with bespoke malware to infiltrate networks, maintain persistence, and evade endpoint detection and response (EDR) systems. According to detailed analysis from Trend Micro researchers, these adversaries target high-profile organizations across Asia, Europe, and the United States, with a part

Score
82
Read more