ZDNet

Researcher says Zoom web server is vulnerable to remote code execution

For Zoom, the hits just keep on coming. The latest is the arrival of a long-mooted remote code execution (RCE) exploit that is said to be harboured in the controversial local web server which had been ...
The Verge

Serious Zoom security flaw could let websites hijack Mac cameras

Today, security researcher Jonathan Leitschuh has publicly disclosed a serious zero-day vulnerability for the Zoom video conferencing app on Macs. He has demonstrated that any website can open up a ...
Dark Reading

Zero-Click Zoom Bug Allows Code Execution Just by Sending a Message

A vulnerability chain discovered in Zoom's chat functionality can be exploited to allow zero-click remote code execution (RCE), threat hunters have revealed. Google's Project Zero uncovered an attack ...