CISA has added a Microsoft SharePoint vulnerability (CVE-2024-38094) to its Known Exploited Vulnerabilities list, warning of active exploitation that enables remote code execution by authenticated attackers. Agencies must apply patches by November 12, 2024, while Google TAG revealed a separate Samsung zero-day exploit targeting mobile processors for privilege escalation.