Avecto researchers say removing admin rights from users would mitigate many of the threats.

Malicious e-mail attachments used in this campaign don’t display any warnings when opened and silently install malware.

Attacks include a hard-coded password vulnerability that could give attackers unauthorized access to systems.

Researchers now believe attackers may have had prior access to networks and that malware was more sophisticated than originally believed.

One of the bugs could allow a successful attack simply by a user viewing an email in Outlook’s Preview pane.

It’s just the latest reported vulnerability for the secure messaging application.

The attack could have been averted through a technique called subresource integrity, according to researcher Scott Helme.

Cisco has issued patches for the vulnerability, which could be up to seven years old.

Lenovo issued a security bulletin Friday warning customers of two previously disclosed critical Broadcom vulnerabilities impacts 25 models of its popular ThinkPad laptops.

The vulnerability also exposed login credentials for a massive national insurance claims database, Upguard says.