Microsoft disclosed a critical zero-day vulnerability (CVE-2025-29824) in the Windows Common Log File System (CLFS) driver. The flaw was actively exploited by a threat group known as Storm-2460, which deployed PipeMagic malware to gain elevated privileges, harvest credentials, and execute ransomware attacks. While the broader campaign mainly impacted IT and technical service providers, the real estate sector was among the industries directly affected, with companies in the United States, Spain, Saudi Arabia, and Venezuela reported as victims.
This incident was highlighted during Microsoft’s April 2025 Patch Tuesday, which addressed 126 vulnerabilities, with CVE-2025-29824 standing out as the only zero-day added to the CISA Known Exploited Vulnerabilities catalog. Analysts observed that the breach reflects a growing trend of supply chain–style attacks, where vulnerabilities in widely used components create cascading risks across industries.
The event underscores the increasing sophistication of ransomware operations, the expanding threat to traditionally less-targeted sectors like real estate, and the urgent need for organizations to adopt rapid patching and layered defenses to mitigate supply chain risks.
© 2021 CyberEnsō – Nihon Cyber Defence Co., Ltd. All Rights Reserved.