Dark Reading

Attackers Exploit Microsoft Security-Bypass Zero-Day Bugs

Microsoft's scheduled Patch Tuesday security update for February includes fixes for two zero-day security vulnerabilities under active attack, plus 71 other flaws across a wide range of its products.
Infosecurity-magazine.com

Water Hydra’s Zero-Day Attack Chain Targets Financial Traders

The Trend Micro Zero Day Initiative (ZDI) has recently unearthed a critical vulnerability, identified as CVE-2024-21412, which they’ve dubbed ZDI-CAN-23100. The flaw was reported to Microsoft as part ...
Infosecurity-magazine.com

Microsoft Fixes Nine Zero-Days on Patch Tuesday

Microsoft fixed nine zero-day vulnerabilities on its August Patch Tuesday yesterday, including six that have been exploited in the wild. These include a Windows Mark of the Web (MotW) security feature ...
CSOonline

Microsoft Defender SmartScreen bug actively used in stealer campaign

An actively exploited security bypass vulnerability in Microsoft Defender SmartScreen is being exploited in a new stealer campaign to download malicious executables on the victim’s system. Tracked as ...