Zoom patches critical Windows flaw allowing privilege escalation

Threat Score:

Security Affairs

1 day ago

Part of cluster #1908

Overview

Zoom fixed a critical Windows client flaw (CVE-2025-49457, CVSS 9.6) involving an untrusted path that could enable privilege escalation. Cloud-based video conferencing and online collaboration platform Zoom addressed a critical security flaw, tracked as CVE-2025-49457 (CVSS score of 9.6) in Zoom Clients for Windows. An unauthenticated user can exploit the vulnerability to conduct an […]...

Continue Reading on Original Site

5 articles

New Crypto24 Ransomware Attacks Bypass EDR

Dark Reading • 10 hours ago

While several cybercrime groups have embraced "EDR killers," researchers say the deep knowledge and technical skills demonstrated by Crypto24 signify a dangerous escalation.

Score

Stop Reacting; Start Anticipating: The Global State of Threat Intelligence

Brighttalk • 14 hours ago

Presented by Jitin Shabadu, Forrester Analyst | Jayce Nichols, Director, Intelligence Solutions, Google Threat Intelligence Group

Score

How your solar rooftop became a national security issue

TechCrunch • 8 hours ago

Texas solar company EG4 became the poster child for energy cybersecurity risks this week after federal officials published an advisory detailing how hackers could hijack its inverters.

Score

Ransomware Actors Blending Legitimate Tools with Custom Malware to Evade Detection

Cybersecurity News • 8 hours ago

The cybersecurity landscape faces a new sophisticated threat as the Crypto24 ransomware group demonstrates an alarming evolution in attack methodology, seamlessly blending legitimate administrative tools with custom-developed malware to execute precision strikes against high-value targets. This emerging ransomware operation has successfully compromised organizations across Asia, Europe, and the United States, with a particular focus on […]

Score

Colt Telecommunications Struggles in Wake of Cyber Incident

Dark Reading • 11 hours ago

The UK telco said it temporarily took some systems offline as a "protective" measure in its investigation.

Score

CVES

CVE-2025-49457

CVE-2025-8355

CVE-2025-8356

ATTACK TYPES

Privilege Escalation

Remote Code Execution

VULNERABILITIES

Privilege Escalation

Remote Code Execution

COMPANIES

Xerox

Zoom

PLATFORMS

Windows

MITRE ATT&CK

T1059

T1068

T1070

T1071

T1105

INDUSTRIES

Software

Technology

ARTICLE INFORMATION

Article #11407

Published 1 day ago

Security Affairs

THREAT HUNTING

THREAT INTELLIGENCE

BUSINESS INTELLIGENCE

Save to Folder

Article Intelligence

THREAT HUNTING

THREAT INTELLIGENCE

BUSINESS INTELLIGENCE

Overview

Related Articles

New Crypto24 Ransomware Attacks Bypass EDR

Stop Reacting; Start Anticipating: The Global State of Threat Intelligence

How your solar rooftop became a national security issue

Ransomware Actors Blending Legitimate Tools with Custom Malware to Evade Detection

Colt Telecommunications Struggles in Wake of Cyber Incident

Save to Folder

Article Intelligence

We use cookies

Cookie Settings

Essential Cookies

Analytics Cookies

Performance Cookies

Marketing Cookies