Details of a high severity remote code execution (RCE) vulnerability in Microsoft's proprietary browser engine 'MSHTML', also known as 'Trident', were released by Microsoft on September 7, 2021, and promptly followed by reports of active exploitation in the wild.

CVE-2021-26084, a critical vulnerability (CVSS score 9.8) in Atlassian Confluence Server and Confluence Data Center, is currently being actively and widely exploited by threat actors.

Cyberint Research observed several unsolicited malicious email (malspam) campaigns in August 2021 through which Masslogger was delivered. First noticed around April 2020, Masslogger is a popular.NET credential stealer used to gather credentials from victims for various applications, and is readily available to purchase on cybercriminal forums for around $100 (US).