Bleeping Computer

Google discovers Windows exploit framework used to deploy spyware

Google's Threat Analysis Group (TAG) has linked an exploit framework that targets now-patched vulnerabilities in the Chrome and Firefox web browsers and the Microsoft Defender security app to a ...
Dark Reading

CISA: ZK Java Framework RCE Flaw Under Active Exploit

A high-severity authentication bypass vulnerability in a widely used open source Java framework is under active exploit by threat actors, who are using the flaw to deploy backdoors to unpatched ...