CVE-2025-26633: How Water Gamayun Weaponizes MUIPath using MSC EvilTwin
released on 2025-03-25 @ 09:10:09 PM
Trend Research uncovered a campaign by the Russian threat actor Water Gamayun that exploits a zero-day vulnerability in the Microsoft Management Console framework to execute malicious code, named MSC EvilTwin (CVE-2025-26633).