#microsoft

**According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?** A user needs to be tricked into running malicious files.

**According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability?** Any authenticated attacker could trigger this vulnerability. It does not require admin or other elevated privileges.

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Cybersecurity researchers have detailed a new sophisticated malware campaign that leverages paid ads on search engines like Google to deliver malware to unsuspecting users looking for popular tools like GitHub Desktop. While malvertising campaigns have become commonplace in recent years, the latest activity gives it a little twist of its own: Embedding a GitHub commit into a page URL containing

Phishers are abusing Apple and Microsoft infrastructure to send out call-back phishing emails with legitimate sender and return addresses.

Cybersecurity never slows down. Every week brings new threats, new vulnerabilities, and new lessons for defenders. For security and IT teams, the challenge is not just keeping up with the news—it’s knowing which risks matter most right now. That’s what this digest is here for: a clear, simple briefing to help you focus where it counts. This week, one story stands out above the rest: the

Explore lessons learned from over two years of Talos IR pre-ransomware engagements, highlighting the key security measures, indicators and recommendations that have proven effective in stopping ransomware attacks before they begin.

A list of topics we covered in the week of September 1 to September 7 of 2025