Play Ransomware Exploits Recently Patched Microsoft Windows Vulnerability

Malicious actors linked to the Play ransomware family have exploited a recently patched security vulnerability in Microsoft Windows, identified as CVE-2025-29824, in an attack targeting an unnamed organization in the United States. According to the Symantec Threat Hunter Team of Broadcom, this zero-day vulnerability allows for privilege escalation in the Common Log File System (CLFS) driver. The flaw has since been patched by Microsoft.