https://securityaffairs.com/185007/malware/attackers-deliver-shadowpad-via-newly-patched-wsus-rce-bug.html
Nov 24, 2025 - Attackers exploited a patched WSUS flaw (CVE-2025-59287) to gain access, use PowerCat for a shell, and deploy the ShadowPad malware.
attackersdelivershadowpadvianewly
https://www.trendmicro.com/vinfo/gb/security/news/cybercrime-and-digital-threats/shadowpad-backdoor-found-in-server-management-software
Security researchers found an advanced backdoor embedded in the server management software products of US and South Korea-based NetSarang.
server management softwaretrend microshadowpadbackdoorfound
https://unaaldia.hispasec.com/2025/11/shadowpad-explota-vulnerabilidad-critica-en-wsus.html
Nov 28, 2025 - Una vulnerabilidad crítica recientemente parcheada en Windows Server Update Services (WSUS), identificada como CVE-2025-59287, está siendo explotada...
shadowpadexplotavulnerabilidadenwsus
https://www.trendmicro.com/tr_tr/research/25/b/updated-shadowpad-malware-leads-to-ransomware-deployment.html
In this blog entry, we discuss how Shadowpad is being used to deploy a new undetected ransomware family. Attackers deploy the malware by exploiting weak...
trend microupdatedshadowpadmalwareleads