Microsoft patches zero-day actively exploited in string of ransomware attacks | CyberScoop<\/title> <meta name=\"description\" content=\"Microsoft said Storm-2460 has exploited the zero-day in the Windows Common Log File System to attack organizations in the U.S., Venezuela, Spain and Saudi Arabia.\"> <link rel=\"canonical\" href=\"https:\/\/cyberscoop.com\/microsoft-patch-tuesday-april-2025\/\"> <meta property=\"og:locale\" content=\"en_US\"> <meta property=\"og:type\" content=\"article\"> <meta property=\"og:title\" content=\"Microsoft patches zero-day actively exploited in string of ransomware attacks\"> <meta property=\"og:description\" content=\"Microsoft said Storm-2460 has exploited the zero-day in the Windows Common Log File System to attack organizations in the U.S., Venezuela, Spain and Saudi Arabia.\"> <meta property=\"og:url\" content=\"https:\/\/cyberscoop.com\/microsoft-patch-tuesday-april-2025\/\"> <meta property=\"og:site_name\" content=\"CyberScoop\"> <meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/cyberscoop\/\"> <meta property=\"article:published_time\" content=\"2025-04-08T21:22:36+00:00\"> <meta property=\"article:modified_time\" content=\"2025-04-08T21:22:39+00:00\"> <meta property=\"og:image\" content=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/04\/microsoft-patches-zero-day-actively-exploited-in-string-of-ransomware-attacks-2.jpg\"> <meta property=\"og:image:width\" content=\"1920\"> <meta property=\"og:image:height\" content=\"1280\"> <meta property=\"og:image:type\" content=\"image\/jpeg\"> <meta name=\"author\" content=\"Matt Kapko\"> <meta name=\"twitter:card\" content=\"summary_large_image\"> <meta name=\"twitter:creator\" content=\"@CyberScoopNews\"> <meta name=\"twitter:site\" content=\"@CyberScoopNews\">  <link rel=\"dns-prefetch\" href=\"\/\/securepubads.g.doubleclick.net\">\n<link rel=\"dns-prefetch\" href=\"\/\/use.typekit.net\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Feed\" href=\"https:\/\/cyberscoop.com\/feed\/\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Comments Feed\" href=\"https:\/\/cyberscoop.com\/comments\/feed\/\"> <link rel=\"stylesheet\" id=\"all-css-2\" href=\"https:\/\/cyberscoop.com\/wp-includes\/css\/dist\/block-library\/style.min.css?m=1742994400g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-6\" href=\"https:\/\/cyberscoop.com\/wp-content\/mu-plugins\/search\/elasticpress\/dist\/css\/related-posts-block-styles.min.css?m=1744125154g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-8\" href=\"https:\/\/cyberscoop.com\/wp-content\/themes\/scoopnewsgroup\/dist\/css\/frontend.css?m=1740691656g\" type=\"text\/css\" media=\"all\">\n<link rel=\"stylesheet\" id=\"typekit-css\" href=\"https:\/\/use.typekit.net\/itk2qbh.css?ver=a815169637cf454b7376\" media=\"all\"> <link rel=\"https:\/\/api.w.org\/\" href=\"https:\/\/cyberscoop.com\/wp-json\/\"><link rel=\"alternate\" title=\"JSON\" type=\"application\/json\" href=\"https:\/\/cyberscoop.com\/wp-json\/wp\/v2\/posts\/84115\"><link rel=\"EditURI\" type=\"application\/rsd+xml\" title=\"RSD\" href=\"https:\/\/cyberscoop.com\/xmlrpc.php?rsd\">\n<meta name=\"generator\" content=\"WordPress 6.7.2\">\n<link rel=\"shortlink\" href=\"https:\/\/cyberscoop.com\/?p=84115\">\n<link rel=\"alternate\" title=\"oEmbed (JSON)\" type=\"application\/json+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fmicrosoft-patch-tuesday-april-2025%2F\">\n<link rel=\"alternate\" title=\"oEmbed (XML)\" type=\"text\/xml+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fmicrosoft-patch-tuesday-april-2025%2F&format=xml\">   <link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=32\" sizes=\"32x32\">\n<link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=192\" sizes=\"192x192\">\n<link rel=\"apple-touch-icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=180\">\n<meta name=\"msapplication-TileImage\" content=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=270\"> <\/head><body class=\"post-template-default single single-post postid-84115 single-format-standard\" id=\"readabilityBody\"> <a href=\"https:\/\/cyberscoop.com\/microsoft-patch-tuesday-april-2025\/#main\" class=\"skip-to-content-link visually-hidden-focusable\">Skip to main content<\/a> <\/p>\n<div class=\"ad ad--top ad--top-desktop\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p> <main id=\"main\" role=\"main\" tabindex=\"-1\"> <\/p>\n<div class=\"ad ad--top ad--top-mobile\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<section id=\"stickybar\" class=\"stickybar stickybar--newsletter js-stickybar\" readability=\"0.82\"> <button class=\"stickybar__close js-stickybar-close\" aria-controls=\"stickybar\"> <svg class=\"icon icon--close\" width=\"21\" height=\"22\" viewBox=\"0 0 21 22\" fill=\"none\"><path d=\"m.822.518-.805.805L9.695 11 .017 20.678l.805.805 9.678-9.678 9.677 9.678.806-.805L11.305 11l9.678-9.677-.806-.805-9.677 9.677L.822.518Z\" fill=\"currentColor\" \/><\/svg> <span class=\"visually-hidden\">Close<\/span> <\/button> <\/section>\n<article class=\"single-article content\">\n<div class=\"single-article__container js-single-article-content\">\n<header class=\"single-article__header \" readability=\"26.486378205128\">\n<div class=\"single-article__header-content\" readability=\"35.995412844037\">\n<ul class=\"single-article__eyebrow\">\n<li class=\"single-article__category\"> <a class=\"single-article__category-link\" href=\"https:\/\/cyberscoop.com\/microsoft-patch-tuesday-april-2025\/\"> <span>Cybersecurity<\/span> <\/a> <\/li>\n<\/ul>\n<p> Microsoft said Storm-2460 has exploited the zero-day in the Windows Common Log File System to attack organizations in the U.S., Venezuela, Spain and Saudi Arabia. <\/p>\n<p>  <br \/>\n<audio id=\"audio-player\" src=\"https:\/\/wp-tts-cdn.api.scpnewsgrp.com\/cyberscoop\/84115\/english.openai.mp3\"><\/audio> <\/p>\n<div readability=\"11\">\n<div>\n<p>Listen to this article<\/p>\n<p>  <\/p>\n<p>0:00<\/p>\n<\/p><\/div>\n<p>  <\/p>\n<p> <span id=\"tts-tooltip\">Learn more.<\/span> <span> This feature uses an automated voice, which may result in occasional errors in pronunciation, tone, or sentiment. <\/span> <\/p>\n<\/div>\n<p>  <\/div>\n<div class=\"single-article__cover-wrap\">\n<figure class=\"single-article__cover\"> <img data-recalc-dims=\"1\" fetchpriority=\"high\" width=\"640\" height=\"426\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2025\/04\/microsoft-patches-zero-day-actively-exploited-in-string-of-ransomware-attacks.jpg?resize=640%2C426&ssl=1\" class=\"single-article__cover-image wp-post-image\" alt decoding=\"async\" fetchpriority=\"high\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/04\/microsoft-patches-zero-day-actively-exploited-in-string-of-ransomware-attacks-2.jpg 1920w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/04\/microsoft-patches-zero-day-actively-exploited-in-string-of-ransomware-attacks-2.jpg?resize=300,200 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/04\/microsoft-patches-zero-day-actively-exploited-in-string-of-ransomware-attacks-2.jpg?resize=768,512 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/04\/microsoft-patches-zero-day-actively-exploited-in-string-of-ransomware-attacks-2.jpg?resize=1024,683 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/04\/microsoft-patches-zero-day-actively-exploited-in-string-of-ransomware-attacks-2.jpg?resize=1536,1024 1536w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/04\/microsoft-patches-zero-day-actively-exploited-in-string-of-ransomware-attacks-2.jpg?resize=600,400 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/04\/microsoft-patches-zero-day-actively-exploited-in-string-of-ransomware-attacks-2.jpg?resize=252,168 252w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/04\/microsoft-patches-zero-day-actively-exploited-in-string-of-ransomware-attacks-2.jpg?resize=506,337 506w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/04\/microsoft-patches-zero-day-actively-exploited-in-string-of-ransomware-attacks-2.jpg?resize=1013,675 1013w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/04\/microsoft-patches-zero-day-actively-exploited-in-string-of-ransomware-attacks-2.jpg?resize=1265,843 1265w\" sizes=\"(max-width: 1013px) 100vw, 1013px\"><figcaption> A view of the Microsoft corporate logo in front of the Microsoft Office building on 41st street and 8th avenue on July 19, 2024 in New York City. (Photo by Craig T Fruchtman\/Getty Images) <\/figcaption><\/figure>\n<\/p><\/div>\n<\/header>\n<div class=\"single-article__content\">\n<div class=\"single-article__content-inner has-drop-cap\"> <html readability=\"47.351955307263\"><body readability=\"96.07205404053\"><\/p>\n<p>Microsoft addressed 126 vulnerabilities affecting its systems and core products, including a zero-day in the Windows Common Log File System (CLFS) that\u2019s been actively exploited in a series of ransomware attacks, the company said in its <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/releaseNote\/2025-Apr\">latest security update<\/a> Tuesday.<\/p>\n<p>A group Microsoft tracks as Storm-2460 has exploited <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2025-29824\">CVE-2025-29824<\/a> to initiate ransomware attacks \u201cagainst a small number of targets,\u201d Microsoft Threat Intelligence said in a <a href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2025\/04\/08\/exploitation-of-clfs-zero-day-leads-to-ransomware-activity\/\">research note<\/a> released Tuesday. Victims include organizations in the IT and real estate sectors in the United States, the financial sector in Venezuela, a Spanish software company and the retail sector in Saudi Arabia, according to Microsoft.<\/p>\n<p>Microsoft said it\u2019s unsure how Storm-2460 gained initial access to devices on these networks, but noted successful exploitation of the software defect allows an attacker running a standard user account to escalate privileges. The zero-day, which Storm-2460 deployed via PipeMagic malware, has a CVSS score of 7.8.<\/p>\n<p>\u201cRansomware threat actors value post-compromise elevation of privilege exploits because these could enable them to escalate initial access, including handoffs from commodity malware distributors, into privileged access,\u201d Microsoft Threat Intelligence researchers said in the blog post. \u201cThey then use privileged access for widespread deployment and detonation of ransomware within an environment.\u201d<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Mike Walters, president and co-founder at Action1, said CVE-2025-29824 \u201cis significant because it affects a core component of Windows, impacting a wide range of environments, including enterprise systems and critical infrastructure.\u201d<\/p>\n<p>Attackers can exploit the vulnerability to gain the highest privilege on a Windows system, Walters said. This allows attackers to install malware, modify system files and registry settings, disable security features, access sensitive data and maintain persistent access, resulting in full system compromise and lateral movement across networks, Walters added. <\/p>\n<p>CLFS vulnerabilities are common in Microsoft\u2019s monthly security updates, according to Satnam Narang, senior staff research engineer at Tenable. \u201cSince 2022, Microsoft has patched 32 CLFS vulnerabilities, averaging 10 each year, with six exploited in the wild,\u201d Narang said in an email.<\/p>\n<p>\u201cElevation of privilege flaws in CLFS have become especially popular among ransomware operators over the years,\u201d Narang said. \u201cWhile remote code execution flaws are consistently top overall Patch Tuesday figures, the data is reversed for zero-day exploitation. For the past two years, elevation of privilege flaws have led the pack and, so far in 2025, account for over half of all zero-days exploited.\u201d<\/p>\n<p>More than 40% of the vulnerabilities Microsoft patched on Tuesday allow attackers to achieve elevation of privileges, Narang said.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>The batch of patches Microsoft released this month marks the vendor\u2019s fourth monthly security update to include more than 100 vulnerabilities in the past year, and the second set of triple-digit defects in 2025 thus far. <\/p>\n<p>\u201cFor the first time in years, none of the vulnerabilities have a publicly available proof of concept,\u201d Walters said.<\/p>\n<p>Eighteen of the vulnerabilities in this month\u2019s security update affect Microsoft Office and standalone Office products. All of the software defects affecting Microsoft Office are high-severity, and Microsoft designated three of those vulnerabilities \u2014 <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2025-29792\">CVE-2025-29792<\/a>, <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2025-29793\">CVE-2025-29793<\/a> and <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2025-29794\">CVE-2025-29794<\/a> \u2014 as \u201cmore likely\u201d to be exploited.<\/p>\n<p>Overall, Microsoft said 11 of the vulnerabilities it patched this month are \u201cmore likely\u201d to be exploited. This set of more concerning flaws includes a pair of high-severity software defects \u2014 <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2025-27480\">CVE-2025-27480<\/a> and <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2025-27482\">CVE-2025-27482<\/a> \u2014 that could allow for remote code execution in Remote Desktop Gateway Service.<\/p>\n<p>The full list of vulnerabilities addressed this month is available in <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/releaseNote\/2025-Apr\">Microsoft\u2019s Security Response Center<\/a>.<\/p>\n<p><\/body> <\/p>\n<footer class=\"single-article__footer\" readability=\"3.7452830188679\">\n<div class=\"author-card\" readability=\"14\">\n<div class=\"author-card__avatar\">\n<figure class=\"author-card__image-wrap\"> <img data-recalc-dims=\"1\" decoding=\"async\" class=\"author-card__image\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2025\/04\/microsoft-patches-zero-day-actively-exploited-in-string-of-ransomware-attacks-1.jpg?w=640&ssl=1\" alt=\"Matt Kapko\"> <\/figure>\n<\/p><\/div>\n<p><h4 class=\"author-card__name\">Written by Matt Kapko<\/h4>\n<p> Matt Kapko is a reporter at CyberScoop. His beat includes cybercrime, ransomware, software defects and vulnerability (mis)management. The lifelong Californian started his journalism career in 2001 with previous stops at Cybersecurity Dive, CIO, SDxCentral and RCR Wireless News. Matt has a degree in journalism and history from Humboldt State University. <\/p>\n<\/p><\/div>\n<div class=\"single-article__tags-container\">\n<h4 class=\"single-article__tags-title\">In This Story<\/h4>\n<\/p><\/div>\n<\/footer>\n<p> <\/html><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"single-article__ads js-single-article-sidebar\">\n<div class=\"ad ad--sidebar js-single-article-sidebar-5 ad--rightrail_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-4 ad--rightrail_2 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-3 ad--rightrail_3 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div><\/div>\n<\/article>\n<div class=\"popular-stories popular-stories--single-post\">\n<div class=\"popular-stories__container\">\n<h2 class=\"popular-stories__title\"> More Scoops <\/h2>\n<p>  <\/div>\n<p>\n<\/div>\n<p> <\/p>\n<section class=\"latest-podcasts\">\n<h2 class=\"latest-podcasts__title\"> Latest Podcasts\t<\/h2>\n<\/section>\n<div class=\"top-categories\">\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Government<\/h3>\n<\/p><\/div>\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Technology<\/h3>\n<\/p><\/div>\n<\/p><\/div>\n<p> <\/main> <\/p>\n<div class=\"ad ad--bottom \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div id=\"interstitial\" class=\"welcome__container\"> <button id=\"close-modal-1\" class=\"welcome__clickable_area\"><\/button> <\/p>\n<div class=\"welcome__ad_wrapper\">\n<p> <button id=\"close-modal-3\" class=\"welcome__continue-button\">Continue to CyberScoop<\/button> <\/p>\n<\/p><\/div>\n<\/p><\/div>\n<p>   <\/body> <a href=\"https:\/\/cyberscoop.com\/microsoft-patch-tuesday-april-2025\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Microsoft patches zero-day actively exploited in string of ransomware attacks<\/p>\n","protected":false},"author":11,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[282,78,625,2660,46,256,3587,288,643,1170],"tags":[286,86,630,2662,54,262,3589,294,645,1171],"class_list":["post-7524","post","type-post","status-publish","format-standard","hentry","category-cybercrime","category-cybersecurity","category-microsoft","category-patch-tuesday","category-ransomware","category-research","category-security-patch","category-threats","category-vulnerabilities","category-zero-days","tag-cybercrime","tag-cybersecurity","tag-microsoft","tag-patch-tuesday","tag-ransomware","tag-research","tag-security-patch","tag-threats","tag-vulnerabilities","tag-zero-days"],"featured_image_urls":{"full":"","thumbnail":"","medium":"","medium_large":"","large":"","1536x1536":"","2048x2048":"","chromenews-featured":"","chromenews-large":"","chromenews-medium":""},"author_info":{"display_name":"Cyber Scoop","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/cyberscoop\/"},"category_info":"<a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cybercrime\/\" rel=\"category tag\">cybercrime<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cybersecurity\/\" rel=\"category tag\">Cybersecurity<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/microsoft\/\" rel=\"category tag\">Microsoft<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/patch-tuesday\/\" rel=\"category tag\">Patch Tuesday<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/ransomware\/\" rel=\"category tag\">ransomware<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/research\/\" rel=\"category tag\">Research<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/security-patch\/\" rel=\"category tag\">security patch<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/threats\/\" rel=\"category tag\">Threats<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/vulnerabilities\/\" rel=\"category tag\">vulnerabilities<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/zero-days\/\" rel=\"category tag\">zero-days<\/a>","tag_info":"zero-days","comment_count":"0","jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/7524","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=7524"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/7524\/revisions"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=7524"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=7524"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=7524"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}

{"id":7524,"date":"2025-04-08T16:22:36","date_gmt":"2025-04-08T21:22:36","guid":{"rendered":"https:\/\/cyberscoop.com\/?p=84115"},"modified":"2025-04-08T16:22:36","modified_gmt":"2025-04-08T21:22:36","slug":"microsoft-patches-zero-day-actively-exploited-in-string-of-ransomware-attacks","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2025\/04\/08\/microsoft-patches-zero-day-actively-exploited-in-string-of-ransomware-attacks\/","title":{"rendered":"Microsoft patches zero-day actively exploited in string of ransomware attacks"},"content":{"rendered":"