Microsoft has rolled out patches for a vulnerability allowing attackers to bypass mitigations for a critical Outlook zero-day leading to credentials theft.
Google’s latest Android security updates patch over 40 vulnerabilities, including CVE-2023-0266, a kernel flaw exploited as a zero-day by a spyware vendor.
A Windows zero-day tracked as CVE-2023-28252 and fixed by Microsoft with its April Patch Tuesday updates has been exploited in Nokoyawa ransomware attacks.