Microsoft says attackers are exploiting a previously undisclosed security vulnerability found in all supported versions of Windows, including Windows 10. But the software giant said there is currently no patch for the vulnerability. The security flaw, which Microsoft deems “critical” — its highest severity rating — is found in how Windows handles and renders fonts, according to the advisory posted Monday. The bug can be exploited by tricking a victim into opening a malicious document. Once the document is opened — or viewed in Windows Preview — an attacker can remotely run malware, such as ransomware, on a vulnerable device.
The personal details of more than 538 million users of Chinese social network Weibo are currently available for sale online. In ads posted on the dark web and other places, a hacker claims to have breached Weibo in mid-2019 and obtained a dump of the company's user database, allegedly containing the details for 538 million Weibo users. Personal details include the likes of real names, site usernames, gender, location, and -- for 172 million users -- phone numbers.