Windows Server Update Services (WSUS) vulnerability abused to harvest sensitive data

Windows Server Update Services (WSUS) vulnerability abused to harvest sensitive data

Exploitation of CVE-2025-59287 began after public disclosure and the release of proof-of-concept code

mindimcdowell

Go to sophos

Posted

October 30, 2025

in

featured, sophos, Threat Research, Vulnerability, Windows Server Update Services, WSUS

by

leeanne

Tags: