A critical security flaw, CVE-2025-21298, in Microsoft’s OLE technology enables remote code execution through a zero-click vulnerability in Outlook. Attackers can exploit this memory corruption issue by sending malicious RTF emails, triggering the flaw when previewed. Affecting multiple Windows versions, Microsoft has released patches, and users are urged to apply them and take additional precautions to mitigate risks.
Hackers hijacked CPUID downloads, served STX RAT to victims – Help Net Security
Hackers hijacked CPUID downloads, served STX RAT to victims Help Net Security
