Word attack is possible even with macros turned off, no patch yet available
One zero-day is being actively exploited
None of the publicly disclosed bugs appears to be actively exploited in attacks
The use-after-free vulnerability could enable an attacker to run arbitrary code execution on vulnerable devices
New flaw is much less severe than the Log4jshell vulnerability, but admins are advised to update Log4j once again
Patch Log4j urgently admins urged, as memories of 2017 Equifax hack loom large
Ransomware gangs have amassed big fortunes to compete with traditional buyers of zero-days, researchers find
A zero-day bug in macOS Catalina allowed threat actors to install backdoors on Apple devices
Nearly 10,000 internet-facing servers are estimated to be running on vulnerable software
Apple has also released an urgent software to fix bugs in older iPhones, iPads and iPods