https://www.bleepingcomputer.com/news/security/microsoft-windows-clfs-zero-day-exploited-by-ransomware-gang/

Microsoft says the RansomEXX ransomware gang has been exploiting a high-severity zero-day flaw in the Windows Common Log File System to gain SYSTEM privileges on victims' systems.

The vulnerability, tracked as CVE-2025-29824, was patched during this month's Patch Tuesday and was only exploited in a limited number of attacks.