Cybersecurity analysts have uncovered the tactics used by threat actors to leverage a recently fixed security vulnerability in Microsoft Windows to install the PipeMagic malware during RansomExx ransomware operations.
These operations utilize the exploitation of CVE-2025-29824, a privilege elevation flaw affecting the Windows Common Log File System (CLFS) that was resolved by Microsoft in April 2025,