ZDNet

Microsoft fixes SharePoint zero-day exploits used in cyberattacks and ransomware - how to patch them

Microsoft has patched three critical zero-day SharePoint security flaws that hackers have already exploited to attack more vulnerable organizations. Responding to the exploits, the software giant ...
Ars Technica

Commercial spyware vendor exploits used by Kremlin-backed hackers, Google says

Critics of spyware and exploit sellers have long warned that the advanced hacking sold by commercial surveillance vendors (CSVs) represents a worldwide danger because they inevitably find their way ...
Bleeping Computer

Hackers targeting WhatsUp Gold with public exploit since August

Hackers have been leveraging publicly available exploit code for two critical vulnerabilities in the WhatsUp Gold network availability and performance monitoring solution from Progress Software. The ...
WeLiveSecurity

RomCom exploits Firefox and Windows zero days in the wild

ESET researchers discovered a previously unknown vulnerability in Mozilla products, exploited in the wild by Russia-aligned group RomCom. This is at least the second time that RomCom has been caught ...