Emerging ThreatsMalware & Ransomware

Microsoft Vulnerabilities Resurface, Fueling Cybercrime and Ransomware

Analyst 207||Source: TheRegister
Dark cityscape with cracked window, shattered padlock, and eerie glows of devices, symbolizing vulnerability and cyber…

How do long-dead software flaws come back to haunt networks—and who pays the price when they do?

The immediate alert

America's lead cyber-defense agency warned on Monday that criminal actors are exploiting four Microsoft vulnerabilities. The agency's bulletin said one of the flaws was patched almost 14 years ago, and another has been tied to ransomware activity. The agency gave federal agencies two weeks to apply fixes.

What we know

  • Crooks are actively exploiting four Microsoft vulnerabilities, according to the agency.
  • One of those vulnerabilities received a patch nearly 14 years ago.
  • At least one of the vulnerabilities is linked to ransomware activity.
  • The agency instructed federal agencies to patch the vulnerabilities within two weeks.

Why this matters

The facts in the alert point to a familiar but alarming dynamic: vulnerabilities that exist in widely used software can be weaponized long after a patch is released, and some of those exploited flaws are connected to ransomware campaigns. For defenders, that combination raises clear priorities—identify affected systems, confirm whether patches were applied, and remediate gaps. For policymakers, the agency's two-week directive signals urgency from a national-security perspective. For users and organizations, the advisory underscores that the presence of a published patch does not eliminate risk unless it is actually installed and verified.

Next steps and open questions

The agency's instruction gives federal entities a firm, short deadline for remediation. Beyond that immediate compliance window, unanswered questions remain: how many systems remain unpatched, how widespread exploitation is, and whether attacks tied to the ransomware-linked vulnerability will escalate. The alert itself provides a clear policy lever—time-limited remediation—but the larger challenge is ensuring that those deadlines translate into effective, verifiable patching across diverse environments.

If a nearly 14-year-old patch can still fail to prevent criminal activity, what does that say about our collective ability to defend critical systems going forward?

https://go.theregister.com/feed/www.theregister.com/2026/04/13/ransomware_gang_other_crims_attacking/

CybercrimeEmerging ThreatsNation-StatePatch ManagementRansomwareThreat ActorsVulnerability ManagementMFA Bypass Is Not Relevant HereMicrosoft VulnerabilitiesBut "supply Chain" Is NotHowever "zero Day" Is NotSo: Microsoft Vulnerabilities
Related Intelligence

Continue Reading

Law enforcement officials stand near a podium with symbolic objects, including a laptop and papers, in a brightly-lit…

FBI dismantles $1.9B China cybercrime network

In a major breakthrough, the FBI, with the help of Google and Lumen Technologies, has dismantled a massive $1.9 billion China-based cybercrime network that impersonated trusted brands to scam hundreds of thousands of victims. This coordinated takedown, part of Operation Riptide, seized key infrastructure and domains used by the group.

Analyst 207
University campus scene with students walking near a building, laptop on a bench.

ShinyHunters Exploits Oracle Flaw to Breach Universities

A zero-day flaw in Oracle PeopleSoft PeopleTools, known as CVE-2026-35273, has been exploited by ShinyHunters, potentially infiltrating over 100 organizations, with universities being the hardest hit. This vulnerability allows attackers to execute remote code and take over affected servers, posing a significant threat to higher education institutions.

Analyst 207
Defendant sits in federal court with blurred face, hands visible, in front of judge's bench and US flag.

Conti Ransomware Member Pleads Guilty to Cybercrimes

A longtime member of the notorious Conti ransomware group has pleaded guilty to cybercrimes in federal court, marking a major win for justice after the defendant's attacks caused millions of dollars in damage to people and businesses worldwide. Oleksii Oleksiyovych Lytvynenko, a 44-year-old Ukrainian national, admitted to developing malware and participating in Conti's ransomware campaign.

Analyst 207
Federal officials stand near a large screen in a government briefing room.

Authorities Disrupt Massive Deepfake Porn Site in Global Operation

In a major global crackdown, authorities have shut down a notorious deepfake porn site that was profiting from the humiliation, exploitation, and violation of personal privacy of thousands of women, including celebrities and public figures. The site's massive collection of AI-altered images and videos has been seized, putting an end to its large-scale trafficking of digital forgeries.

Analyst 207