Microsoft fixes "BadSuccessor" zero-day authentication bug

Threat Score:
50
IT News Security
1 day ago
Microsoft fixes "BadSuccessor" zero-day authentication bug

Overview

News Technology Security Microsoft fixes "BadSuccessor" zero-day authentication bug Patch Wednesday lands with 13 fixes for vulnerabilities rated critical. Microsoft's August 2025 Patch Wednesday collection of security updates for its software products contains a fix for a vulnerability rated as moderately severe, but which is now classified as a zero-day flaw as it was publicly disclosed before a remedy was available. Called "BadSuccessor", the flaw was documented in May this year by Akamai sec...

Related Articles

5 articles
1

CISA Warns N-able Bugs Under Attack, Patch Now

Dark Reading 6 hours ago

Two critical N-able vulnerabilities enable local code execution and command injection; they require authentication to exploit, suggesting they wouldn't be seen at the beginning of an exploit chain.

Score
88
Read more
2

Norway confirms dam intrusion by Pro-Russian hackers

Security Affairs 8 hours ago

Norway’s security service PST says pro-Russian hackers took over a dam in April, opening outflow valves. Norway’s Police Security Service (PST) says pro-Russian hackers seized control of a dam’s systems in April, opening outflow valves. On April 7, the attackers took control of a dam in Bremanger, western Norway, opening a flood gate to release […]

Score
84
Read more
4

Breach Roundup: Russian Hackers Attacked Norwegian Dam

Data Breach Today UK 3 hours ago

Also: Spain Defies Pressure to Eject Huawei, Hackers Leak North Korea Kimsuky Data This week, Norway said Russian hackers attacked a flood gate, Spain defied pressure to eject Huawei, a cyberattack against the Office of the Pennsylvania Attorney General. Hackers leaked stolen North Korean Kimsuky data, Microsoft patched a Kerberos zero-day and a big Chrome bug bounty.

Score
82
Read more
5

Ransomware Actors Combine Legitimate Tools with Custom Malware to Evade Detection

GB Hackers 5 hours ago

Ransomware Actors Combine Legitimate Tools with Custom Malware to Evade Detection Operators behind the Crypto24 strain are employing highly coordinated, multi-stage attacks that blend legitimate system tools with bespoke malware to infiltrate networks, maintain persistence, and evade endpoint detection and response (EDR) systems. According to detailed analysis from Trend Micro researchers, these adversaries target high-profile organizations across Asia, Europe, and the United States, with a part

Score
82
Read more