Apple fixed the macOS vulnerability in a December security update.
Attackers were attempting to exploit the flaw to distribute the Emotet, Trickbot and Bazaloader malware.
Starting in February 2020, attackers have leveraged weaknesses that occur “by design” in OAuth 2.0 implementations from Microsoft and GitHub.
Microsoft has disrupted "a key piece of infrastructure" used by the China-based threat group known as Nickel or APT15.
Researchers have uncovered malware samples that are targeting a local privilege escalation flaw in Windows Installer.