A wave of phishing attacks identified in December targeting mainly Outlook users are difficult for both email scanners and victims to flag, researchers said.
https://threatpost.com/attackers-exploit-flaw-google-docs-comments/177412/
Threat actors already are exploiting vulnerability, dubbed ‘Follina’ and originally identified back in April, to target organizations in Russia and Tibet, researchers said.
https://threatpost.com/microsoft-workaround-0day-attack/179776/