Microsoft

Microsoft faced a cyberattack where the CVE-2024-21412 vulnerability in the Defender SmartScreen was exploited to deliver information stealers such as ACR Stealer, Lumma, and Meduza, affecting users in Spain, Thailand, and the US. Attackers utilized crafted links to bypass security features and install malware that stole data and targeted specific regions. Despite Microsoft releasing a patch for the vulnerability, the attack compromised personal and potentially sensitive information. Organizational cybersecurity defenses were challenged by the innovative methods used by the attackers, underscoring the criticality of awareness and proactive security measures.

Source: https://securityaffairs.com/166152/security/cve-2024-21412-flaw-info-stealers.html

"id": "mic000072624",
"linkid": "microsoft",
"type": "Vulnerability",
"date": "7/2024",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"