The besieged security vendor maintains the latest exploited vulnerabilities in its products are entirely linked to unspecified security issues in open-source libraries. Some researchers aren’t buying it.
A view of the Microsoft corporate logo in front of the Microsoft Office building on 41st street and 8th avenue on July 19, 2024 in New York City. (Photo by Craig T Fruchtman/Getty Images)
Microsoft said Storm-2460 has exploited the zero-day in the Windows Common Log File System to attack organizations in the U.S., Venezuela, Spain and Saudi Arabia.
The Apple Inc logo is displayed outside a retail store at the Third Street Promenade in Santa Monica, California on March 20, 2023. (Photo by PATRICK T. FALLON/AFP via Getty Images)
The Apple logo is seen on a window of the company’s store in Bangkok on March 5, 2021. (Photo by Mladen ANTONOV / AFP) (Photo by MLADEN ANTONOV/AFP via Getty Images)
Apple released emergency software patches Tuesday that address a newly identified zero-day vulnerability in the company’s WebKit web browser engine. Tracked as CVE-2025-24201, an attacker can potentially…