CISA has issued an urgent warning about a critical Microsoft Outlook vulnerability (CVE-2024-21413) that allows remote code execution through malicious email links. This flaw bypasses Outlook’s protections, potentially leading to credential theft and system compromise. CISA mandates federal agencies to secure systems by February 27, 2025, and recommends applying patches, disabling NTLM authentication, and educating users.
NPM Worm Hits Namastex Packages, Steals Secrets Across Registries
A newly uncovered npm malware campaign is targeting packages linked to Namastex Labs, abusing developer trust to steal sensitive secrets and silently spread across both
