A new malicious campaign mixes the ClickFix method with fake CAPTCHA and a signed Microsoft Application Virtualization (App-V ...
ClickFix uses fake CAPTCHAs and a signed Microsoft App-V script to deploy Amatera stealer on enterprise Windows systems.
A "high risk" security vulnerability was found in numerous versions of Microsoft Office. You should install the provided emergency updates ASAP.
Microsoft has released emergency security updates to patch a high-severity Office zero-day vulnerability exploited in attacks ...
Microsoft released out-of-band patches for an actively exploited Microsoft Office zero-day, CVE-2026-21509, a security feature bypass flaw.
Microsoft released patches for CVE-2026-21509, a new Office zero-day vulnerability that can be exploited to bypass security features.
Microsoft has finally addressed a serious zero-day vulnerability affecting multiple Office versions. However, not all users ...
Microsoft suggests the threat is being used in phishing attacks against vulnerable systems since successful exploitation requires local access to the PC.
IntroductionIn September 2025, Zscaler ThreatLabz identified two campaigns, tracked as Gopher Strike and Sheet Attack, by a threat actor that operates in Pakistan and primarily targets entities in the ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results