At least 50 organizations in the U.S. have fallen victim to attacks exploiting a significant vulnerability in the Windows Server Update Service (WSUS). Researchers from Sophos have identified that this vulnerability, tracked as CVE-2025-59287, involves the deserialization of untrusted data.
Despite a security update released by Microsoft in mid-October, it failed to adequately protect systems, prompting Microsoft to issue an emergency out-of-band patch late last week. Sophos noted that their own telemetry detected six incidents of exploitation, suggesting attackers may still be analyzing the data they’ve collected to seek further intrusion opportunities.
The impacted entities include various sectors such as technology firms, universities, manufacturers, and healthcare organizations, indicating a wide-reaching threat. The exploit is reportedly linked to a hacker group, known to the Google Threat Intelligence Group as UNC6512, which has been conducting reconnaissance on infiltrated networks to exfiltrate sensitive data.
As this threat evolves, researchers from Eye Security have suggested that at least two distinct actors are involved in the exploitation, building upon earlier findings released by Huntress Labs. Sophos first detected such activity on October 24, just a day after Microsoft released the patch for the vulnerability.
In response, the Cybersecurity and Infrastructure Security Agency (CISA) added the vulnerability to its Known Exploited Vulnerabilities catalog and has urged organizations to apply the Microsoft patches urgently and to check their systems for any signs of compromise. For further details on mitigation efforts, CISA has provided guidance here.
Hudson Valley Host is premier provider of cutting-edge hosting solutions, specializing in delivering a seamless online experience for businesses and individuals. We offer a comprehensive range of hosting services, including Shared Hosting, VPS, Dedicated Servers, and Colocation. With 24/7 technical support, robust security measures, and user-friendly control panels, we empower clients in managing their online presence effortlessly. Hudson Valley Host is your trusted partner in achieving online success.
For Inquiries or to receive a personalized quote, please reach out to us through our contact form here or email us at sales@hudsonvalleyhost.com.
