Cybercriminals Exploit WSUS Flaw: Skuld Stealer Strikes Despite Patch Chaos

Cybercriminals are exploiting a flaw in Windows Server Update Services (WSUS) to plant Skuld Stealer malware, according to Darktrace research. Despite Microsoft’s updates, attackers are still targeting WSUS servers, which are high-value network assets. This highlights the urgency for companies to fortify defenses as criminals misuse trusted programs for infiltration.

Hot Take:

Well, folks, it looks like our good old friend WSUS has gone from updating Windows to updating cybercriminals’ resumes with their latest successful heist! In the grand game of cybersecurity, it appears the Skuld Stealer malware has scored a slam dunk by exploiting a vulnerability that Microsoft thought they had patched. It’s a reminder that sometimes, even when you think you’ve sealed the deal, the deal might just be sealing your doom!

Key Points:

  • WSUS vulnerability CVE-2025-59287 is being exploited to deliver the Skuld Stealer malware.
  • Microsoft’s initial patch in October 2025 was insufficient, requiring an urgent out-of-band update.
  • Darktrace reports incidents in the Information and Communication sector and the Education sector.
  • The attacks misuse legitimate programs like PowerShell and cURL for remote control.
  • Skuld Stealer targets sensitive information like crypto wallets.

The Nimble Nerd