A recently patched Windows MSHTML (Trident) Platform Spoofing Vulnerability had zero day exploitations since before July 2024, in conjunction with another MSHTML spoofing bug, according to Microsoft. Fixed in this month’s Patch Tuesday update, CVE-2024-43461 is a critical (CVSS 8.8/10) user interface (UI) misrepresentation of critical information vulnerability that allows an attacker to spoof a […]
Category Archives: Zero-day vulnerability
Auto Added by WPeMatico
A zero-day flaw in open source browser, Chromium, which was patched recently, was exploited by a financially motivated North Korean threat actor, Citrine Sleet, to deliver the FudModule rootkit. The vulnerability, tracked as CVE-2024-7971, is a type confusion flaw in the V8 JavaScript and WebAssembly engine that received a critical rating of CVSS 8.8 out […]