Login
From:
Ampcus Cyber
(Uncensored)
subscribe
CVE-2025-29824: The Windows CLFS Zero Day Used in Ransomware Campaigns
https://www.ampcuscyber.com/shadowopsintel/cve-2025-29824-the-windows-clfs-zero-day-used-in-ransomware-campaigns/
links
backlinks
Roast topics
Find topics
Find it!
CVE-2025-29824 is a patched Windows zero-day in CLFS (clfs.sys) exploited by the Balloonfly group to escalate privileges and deploy Play ransomware and Grixba malware.
