A Türkiye-aligned cyberespionage group, Marbled Dust, has exploited a previously unknown zero-day vulnerability to launch attacks on users of Output Messenger — specifically those associated with the Kurdish military in Iraq, according to a report from Microsoft Threat Intelligence.
The uncovered flaw, now identified as CVE-2025-27920, is a directory traversal vulnerability in the LAN-based Output Messenger application. It enables authenticated users to break out of intended directories, granting access to sensitive system files or allowing the deployment of malicious payloads to the server’s startup folder.
“Attackers could access files such as configuration files, sensitive user data, or even source code, and depending on the file contents, this could lead to further exploitation, including remote code execution,” Srimax, the app’s developer, stated in a security advisory released in December.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: