Attackers linked to the Play ransomware operation deployed a zero-day privilege escalation exploit during an attempted attack against an organization in the U.S. The attack occurred prior to the disclosure and patching of a Windows elevation of privilege zero-day vulnerability (CVE-2025-29824) in the Common Log File System Driver (clfs.sys) on April 8, 2025. Although no … Continue reading CVE-2025-29824
Play Ransomware Exploited Windows CVE-2025-29824 as Zero-Day