Overview
Description
Reliance on untrusted inputs in a security decision in Microsoft Office allows an unauthorized attacker to bypass a security feature locally.
Statistics
- 1 Post
Last activity: 10 hours ago
Fediverse
Critical cybersecurity updates from February 1-2, 2026: Microsoft patched an actively exploited Office zero-day (CVE-2026-21509), and Fortinet fixed a critical FortiCloud SSO flaw (CVE-2026-24858). Ivanti released fixes for two exploited EPMM zero-days (CVE-2026-1281, CVE-2026-1340) by February 1, and Bitdefender reported Android RAT malware distributed via Hugging Face (February 2).
In technology, Apple overhauled its online Mac store for a "build-it-yourself" experience (February 1), and Google extended the Fitbit data migration deadline to Google accounts until May 2026.