A vulnerability in Microsoft Windows Error Reporting Service was exploited as a zero-day before being patched by the Black Basta ransomware gang.
Symantec's Threat Hunter team identified an exploit tool for CVE-2024-26169 used in recent attacks that retroactively changed the vulnerability's status to a zero-day.