#auth

Canadian organizations have emerged as the focus of a targeted cyber campaign orchestrated by a threat activity cluster known as STAC6565. Cybersecurity company Sophos said it investigated almost 40 intrusions linked to the threat actor between February 2024 and August 2025. The campaign is assessed with high confidence to share overlaps with a hacking group known as Gold Blade, which is also

Out-of-bounds read in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

Heap-based buffer overflow in Windows Resilient File System (ReFS) allows an authorized attacker to execute code over a network.

Use of uninitialized resource in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally.

Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Untrusted pointer dereference in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.

Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

Heap-based buffer overflow in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.