The Change Healthcare ransomware attack shows it's difficult to map out - or even identify - the systems that would have the biggest impact if attacked.
Microsoft has patched critical-severity flaws in Windows Hyper-V as part of its regularly scheduled updates, which contained no zero-day flaws this month.
QNAP is warning of three new vulnerabilities in QTS, QuTS hero, QuTScloud and myQNAPcloud.
The Russian threat group known as Midnight Blizzard and APT29 gained access to some Microsoft source code repositories and other sensitive data, the company said.
With a ransomware attack still impacting its payment and claims systems across the country, Change Healthcare said on Thursday that it doesn't expect key system functionalities to be restored until mid-March.