A critical hole in Windows Internet Key Exchange for secure communications, an actively exploited zero day in Microsoft SharePoint and a critical SQL injection vulnerability in a SAP product are the focus of the April Patch Tuesday releases requiring immediate attention from IT security teams. “April’s threat landscape is defined by immediate, real-world exploitation rather than just theoretical vulnerabilities,” said Nick Carroll, ShadowScout team lead at Nightwing. “Security teams must prioritize active zero days in daily use applications like Chrome, Acrobat, and SharePoint, using behavioral threat intelligence over basic CVSS scores to stay ahead of adversaries.” Carroll believes the mos...