Vulnerability cyber

Microsoft

Apr 8, 2025 1 min read
Microsoft

Microsoft encountered a security challenge when EncryptHub, also known as SkorikARI, a threat actor emerged with skills in vulnerability research. The actor, credited by Microsoft for uncovering two Windows security issues, could potentially compromise users' safety and data. The vulnerabilities, identified as high-severity CVE-2025-24061 and medium-severity CVE-2025-24071, raised concerns over the Mark of the Web security feature and Windows File Explorer, respectively. EncryptHub's background in ransomware and vishing, combined with these recent activities, signifies a mixed threat profile. Although policies and user vigilance can mitigate risks, the presence of these vulnerabilities unveiled by EncryptHub poses a direct threat to Microsoft's systems and its vast user base.

Source: https://www.scworld.com/brief/report-encrypthub-moonlighting-in-vulnerability-research

TPRM report: https://scoringcyber.rankiteo.com/company/microsoft

"id": "mic540040825",
"linkid": "microsoft",
"type": "Vulnerability",
"date": "4/2025",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.