4 matches found
Exploit for Improper Neutralization in Microsoft
CVE-2025-26633 - Microsoft Management Console .msc EvilTwin...
Russian Hackers Exploit CVE-2025-26633 via MSC EvilTwin to Deploy SilentPrism and DarkWisp
The threat actors behind the zero-day exploitation of a recently-patched security vulnerability in Microsoft Windows have been found to deliver two new backdoors called SilentPrism and DarkWisp. The activity has been attributed to a suspected Russian hacking group called Water Gamayun, which is...
A Deep Dive into Water Gamayun’s Arsenal and Infrastructure
Trend Research discusses the delivery methods, custom payloads, and techniques used by Water Gamayun, the suspected Russian threat actor abusing a zero-day vulnerability in the Microsoft Management Console framework CVE-2025-26633 to execute malicious code on infected machines...
CVE-2025-26633: How Water Gamayun Weaponizes MUIPath using MSC EvilTwin
Trend Research identified Russian threat actor Water Gamayun exploiting CVE-2025-26633, a zero-day vulnerability in the Microsoft Management Console that attackers exploit to execute malicious code and exfiltrate data...