Four Microsoft vulnerabilities, including one patched 14 years ago, are actively exploited by ransomware gang Storm-1175 to steal data and deploy Medusa ransomware. CISA added these CVEs to its Known Exploited Vulnerabilities catalog Monday and gave federal agencies two weeks to patch. The flaws enable privilege escalation and remote code execution across Windows, Visual Basic for Applications, and Exchange Server.
Safety
Zombie Microsoft bugs rise from the dead, pave way for crims and ransomware scum
Four Microsoft flaws, including one patched 14 years ago, are actively exploited by ransomware gang Storm-1175 to install Medusa ransomware across Windows and Exchange.
Monday, April 13, 2026 12:00 PM UTC2 MIN READSOURCE: The RegisterBY sys://pipeline
Tags
safety
/// RELATED
StrategyApr 21
Apple has an opportunity to rediscover humanity in its push toward AI
A leadership transition presents Apple with an opportunity to align its privacy-focused brand messaging with its profit-driven App Store gatekeeping practices and compliance with authoritarian governments.
PolicyApr 22
ICE Uses Graphite Spyware
U.S. ICE deployed Graphite spyware for surveillance operations, exposing government use of surveillance tools amid civil liberties concerns.