Patched Windows zero-day vulnerability (CVE-2025-29824) in the Common Log File System (CLFS) driver was exploited in attacks linked to the Play ransomware operation prior to its disclosure on April 8, 2025. The flaw, which enabled privilege escalation via a use-after-free condition in the clfs.sys kernel driver, was weaponized by Balloonfly, the cybercrime group behind Play […] The post Play Ransomware Deployed in the Wild Exploiting Windows 0-Day Vulnerability appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
First seen on gbhackers.com
Jump to article: gbhackers.com/play-ransomware-deployed-in-the-wild/
