Security researchers are currently seeing CVE-2022-22718 being exploited in the wild. This CVE was patched by Microsoft as apart of Patch Tuesday updates on February 8, 2022. However, some organizations delay patches or do not keep up with patch management. CISA is warning organizations that attackers are abusing this vulnerability.
Link: https://thehackernews.com/2022/04/hackers-exploiting-recently-reported.html
SimpleHelp Bug Lets Hackers Create Rogue Remote Support Accounts Article Link: https://www.bleepingcomputer.com/news/security/simplehelp-bug-lets-hackers-create-rogue-remote-support-accounts/ New macOS ClickFix Attack Silently Mounts DMGs to Push Infostealer Article Link: https://www.bleepingcomputer.com/news/security/new-macos-clickfix-attack-silently-mounts-dmgs-to-push-infostealer/
FortiBleed Leak Exposes Fortinet VPN Credentials for 73,000 Devices Article Link: https://www.bleepingcomputer.com/news/security/fortibleed-leak-exposes-fortinet-vpn-credentials-for-73-000-devices/ SQL Server 2025 AI Features Can Be Abused to Exfiltrate Sensitive Data Article
