Windows 0-Day Vulnerability Exploited in the Wild to Deploy Play Ransomware

May 7, 2025

Windows 0-Day Vulnerability Exploited in the Wild to Deploy Play Ransomware

Threat actors linked to the Play ransomware operation exploited a zero-day vulnerability in Microsoft Windows prior to its patching on April 8, 2025.
The vulnerability, tracked as CVE-2025-29824, affe …

Published Date:
May 07, 2025 (3 hours, 33 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-29824

Source: Read More

Previous ArticleCritical AWS Amplify Studio Vulnerability Let Attackers Execute Arbitrary Code

Next Article Critical Langflow Vulnerability (CVE-2025-3248) Actively Exploited, Warns CISA

Highlights

CVE-2025-4894 – Calmkart Django-sso-server RSA Key Encryption Weakness

May 18, 2025

CVE ID : CVE-2025-4894

Published : May 18, 2025, 8:15 p.m. | 4 hours, 9 minutes ago

Description : A vulnerability classified as problematic was found in calmkart Django-sso-server up to 057247929a94ffc358788a37ab99e391379a4d15. This vulnerability affects the function gen_rsa_keys of the file common/crypto.py. The manipulation leads to inadequate encryption strength. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available.

Severity: 3.7 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CodeSOD: A Unique Way to Primary Key

BrowserStack launches Figma plugin for detecting accessibility issues in design phase

Parasoft brings agentic AI to service virtualization in latest release

Node.js vs. Python for Backend: 7 Reasons C-Level Leaders Choose Node.js Talent

The best CRM software with email marketing in 2025: Expert tested and reviewed

This multi-port car charger can power 4 gadgets at once – and it’s surprisingly cheap

I’m a wearables editor and here are the 7 Pixel Watch 4 rumors I’m most curious about

8 ways I quickly leveled up my Linux skills – and you can too

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

Zero Trust & Cybersecurity Mesh: Your Org’s Survival Guide

Execute Ping Commands and Get Back Structured Data in PHP

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

“I don’t think I changed his mind” — NVIDIA CEO comments on H20 AI GPU sales resuming in China following a meeting with President Trump

Galaxy Z Fold 7 review: Six years later — Samsung finally cracks the foldable code

Windows 0-Day Vulnerability Exploited in the Wild to Deploy Play Ransomware

Windows 0-Day Vulnerability Exploited in the Wild to Deploy Play Ransomware

CVE-2025-44658 – Netgear RAX30 PHP-FPM Misconfigured Extension Bypass Vulnerability

CVE-2025-7393 – Drupal Mail Login Authentication Bypass

Google’s Veo 2 AI text-to-video generator is now available – how to try it

CVE-2025-4806 – SourceCodester Oretnom23 Stock Management System SQL Injection

CVE-2025-49490 – Falcon_Linux Kestrel Lapwing_Linux Router Resource Leak Exposure

New Research Reveals Multiple Attack Surfaces in WeChat & Other Instant Messaging Apps

CVE-2025-4894 – Calmkart Django-sso-server RSA Key Encryption Weakness

CVE-2025-49162 – Arris VIP1113 TFTP File Overwrite Vulnerability

CVE-2025-6272 – wasm3 Out-of-Bounds Write Vulnerability

Argonaut DTO Package for Laravel

Windows 0-Day Vulnerability Exploited in the Wild to Deploy Play Ransomware

Windows 0-Day Vulnerability Exploited in the Wild to Deploy Play Ransomware

Related Posts