Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

PowerShell Invoke-WebRequest remote code execution zero-day (CVE-2025-54100)

Vulnerability
First reported
Last updated
Happening score
H score 36
1 unique sources, 1 articles

Summary

Hide ▲

Microsoft fixed CVE-2025-54100 in PowerShell 5.1 Invoke-WebRequest, a remote code execution zero-day that could execute malicious scripts embedded in a webpage. The flaw affected users who retrieved page content with Invoke-WebRequest, turning routine web fetching into a code-execution risk. The fix ships in KB5071546 for affected Windows 10 systems.

Related Happenings

QuickLens and ShotBird malicious Chrome extension update chain

Malware Activity
First: 09.03.2026 12:28 Last: 09.03.2026 12:28 Sources 1

About this happening: The **QuickLens** and **ShotBird** Chrome extensions have become **malicious after ownership transfer**, turning trusted add-ons into a delivery path for code injection and data t...

Open Happening

SOAPwn research on .NET WSDL proxy abuse enabling file writes and RCE

Technical Analysis
First: 10.12.2025 21:21 Last: 10.12.2025 21:21 Sources 1

About this happening: Researchers exposed **SOAPwn**, a .NET Framework exploitation path that turns attacker-controlled **WSDL** input and **HTTP client proxies** into **arbitrary file writes** and **r...

Open Happening

Windows Cloud Files Mini Filter Driver privilege escalation flaw (CVE-2025-62221)

Vulnerability
First: 10.12.2025 01:18 Last: 10.12.2025 01:18 Sources 1

About this happening: **CVE-2025-62221** is an already exploited **privilege-escalation** flaw in the **Windows Cloud Files Mini Filter Driver** that affects **Windows 10 and later editions**. Microsof...

Open Happening

Windows PowerShell 5.1 Invoke-WebRequest script-execution mitigation (CVE-2025-54100)

Advisory/Mitigation
First: 09.12.2025 22:45 Last: 09.12.2025 22:45 Sources 1

About this happening: **Microsoft** added a security confirmation prompt to **Windows PowerShell 5.1** so **Invoke-WebRequest** does not silently parse web pages in a way that could run embedded script...

Open Happening

JackFix ClickFix fake-adult-site phishing campaign

Campaign
First: 25.11.2025 16:18 Last: 25.11.2025 16:18 Sources 1

About this happening: The **JackFix** campaign is using **fake adult websites** and **ClickFix** lures to trick users into running malicious commands, enabling an infection chain that can drop **steale...

Open Happening

Timeline

  1. 09.12.2025 21:54 2 articles · 5mo ago

    Microsoft releases KB5071546 for Windows 10

    Initial Disclosure

    Microsoft released KB5071546 for Windows 10 to resolve 57 security vulnerabilities, including three zero-days, and to fix CVE-2025-54100 in PowerShell 5.1 Invoke-WebRequest. The flaw could let malicious scripts embedded in a webpage execute when content is retrieved with Invoke-WebRequest, and Microsoft added a confirmation warning plus guidance to use -UseBasicParsing for untrusted pages.

    Show sources
    Open in new tab