0-day

Microsoft reveals actively exploited Office zero-day, provides emergency fix (CVE-2026-21509)

2026-01-27 at 11:22 By Zeljka Zorz

Microsoft released emergency Office security updates to fix a security feature bypass vulnerability (CVE-2026-21509) that its threat intelligence and security teams spotted being exploited in the wild in zero-day attacks. Users and admins are advised to review the associated […]

Actively exploited SonicWall zero-day patched (CVE-2025-40602)

2025-12-17 at 18:46 By Zeljka Zorz

SonicWall has patched a local privilege escalation vulnerability (CVE-2025-40602) affecting its Secure Mobile Access (SMA) 1000 appliances and is urging customers to apply the provided hotfix, as the flaw is being leveraged by attackers. “This vulnerability was reported to be leveraged in combination

Update your Apple devices to fix actively exploited vulnerabilities! (CVE-2025-14174, CVE-2025-43529)

2025-12-15 at 12:58 By Zeljka Zorz

Apple has issued security updates with fixes for two WebKit vulnerabilities (CVE-2025-14174, CVE-2025-43529) that have been exploited as zero-days. Several days before the release of these updates, Google fixed CVE-2025-14174 in the desktop version of Chrome, though at

Google fixes Android vulnerabilities “under targeted exploitation” (CVE-2025-48633, CVE-2025-48572)

2025-12-02 at 16:48 By Zeljka Zorz

Google has shipped patches for 51 Android vulnerabilities, including two high-severity flaws (CVE-2025-48633, CVE-2025-48572) that “may be under limited, targeted exploitation”. According to the December Android security bulletin, both vulnerabilities affect the Android Framework, which is a collection of core

Google patches yet another exploited Chrome zero-day (CVE-2025-13223)

2025-11-18 at 14:13 By Zeljka Zorz

Google has shipped an emergency fix for a Chrome vulnerability (CVE-2025-13223) reported as actively exploited in the wild by its Threat Analysis Group (TAG).

About CVE-2025-13223

CVE-2025-13223 is a type confusion vulnerability in V8, the JavaScript and WebAssembly engine used by

CISA: Patch Samsung flaw exploited to deliver spyware (CVE-2025-21042)

2025-11-11 at 17:38 By Zeljka Zorz

CISA has added CVE-2025-21042, a vulnerability affecting Samsung mobile devices, to its Known Exploited Vulnerabilities (KEV) catalog, and has ordered US federal civilian agencies to address it by the start of December. “This type of vulnerability is a frequent attack

Attackers exploited another Gladinet Triofox zero-day (CVE-2025-12480)

2025-11-11 at 14:47 By Zeljka Zorz

Attackers have exploited a now-fixed vulnerability (CVE-2025-12480) in the Gladinet Triofox secure file sharing and remote access platform while it was still a zero-day, Mandiant revealed on Monday.

CVE-2025-12480 exploitation and attack details

Gladinet’s Triofox solution is used by medium and large

Italian-made spyware Dante linked to Chrome zero-day exploitation campaign

2025-10-28 at 16:28 By Zeljka Zorz

CVE-2025-2783, a Chrome zero-day vulnerability that was detected being exploited in March 2025 and was subsequently fixed by Google, was used by unknown attackers to deliver LeetAgent, suspected commercial spyware. An analysis of the malware’s code and the campaign’s infrastructure

Lanscope Endpoint Manager vulnerability exploited in zero-day attacks (CVE-2025-61932)

2025-10-23 at 17:10 By Zeljka Zorz

CVE-2025-61932, an “improper verification of source of a communication channel” vulnerability affecting Lanscope Endpoint Manager, has been exploited as a zero-day since April 2025, the Japan Computer Emergency Response Team Coordination Center (JPCERT/CC) warned on Wednesday. According to information received

Hackers used Cisco zero-day to plant rootkits on network switches (CVE-2025-20352)

2025-10-17 at 15:29 By Zeljka Zorz

Threat actors have leveraged a recently patched IOS/IOS XE vulnerability (CVE-2025-20352) to deploy Linux rootkits on vulnerable Cisco network devices. “The operation targeted victims running older Linux systems that do not have endpoint detection response solutions,” Trend Micro

SAP zero-day wake-up call: Why ERP systems need a unified defense

2025-10-17 at 08:52 By Help Net Security

In this Help Net Security video, Paul Laudanski, Director of Research at Onapsis, discusses key lessons from the SAP zero-day vulnerability. He explains why business-critical systems like ERP and CRM remain top targets for attackers, since they

Attackers are exploiting Gladinet CentreStack, Triofox vulnerability with no patch (CVE-2025-11371)

2025-10-10 at 13:40 By Zeljka Zorz

CVE-2025-11371, an unauthenticated Local File Inclusion vulnerability in Gladinet CentreStack and Triofox file-sharing and remote access platforms, is being exploited by attackers in the wild. While Gladinet is aware of the vulnerability and of its active exploitation, a

Too many Cisco ASA firewalls still unsecure despite zero-day attack alerts

2025-10-01 at 13:36 By Zeljka Zorz

Despite Cisco and various cybersecurity agencies warning about attackers actively exploiting zero-day vulnerabilities (CVE-2025-20333 and CVE-2025-20362) in Cisco Adaptive Security Appliances (ASA) for months, there are still around 48,000 vulnerable appliances out there. The number is provided by

Attackers exploited critical Fortra GoAnywhere flaw in zero-day attacks (CVE-2025-10035)

2025-09-26 at 17:50 By Zeljka Zorz

CVE-2025-10035, a perfect CVSS 10.0 vulnerability in the Fortra GoAnywhere managed file transfer solution, has apparently been exploited in zero-day attacks before the patch was released on September 15, 2025.

Evidence of in-the-wild exploitation revealed

On September 18, Fortra

Cisco ASA zero-day vulnerabilities exploited in sophisticated attacks

2025-09-26 at 14:19 By Zeljka Zorz

A widespread campaign aimed at breaching organizations via zero-day vulnerabilities in Cisco Adaptive Security Appliances (ASA) has been revealed by the US, UK, Canadian and Australian cybersecurity agencies. The suspected state-sponsored threat actor behind it is believed to be the one

Cisco fixes IOS/IOS XE zero-day exploited by attackers (CVE-2025-20352)

2025-09-25 at 15:33 By Zeljka Zorz

Cisco has fixed 14 vulnerabilities in IOS and IOS XE software, among them CVE-2025-20352, a high-severity vulnerability that has been exploited in zero-day attacks.

About CVE-2025-20352

Cisco IOS software can be found on older models of Cisco Catalyst switches, Integrated

Libraesva ESG zero-day vulnerability exploited by attackers (CVE-2025-59689)

2025-09-24 at 15:17 By Zeljka Zorz

Suspected state-sponsored attackers have exploited a zero-day vulnerability (CVE-2025-59689) in the Libraesva Email Security Gateway (ESG), the Italian email security company has confirmed.

About CVE-2025-59689

CVE-2025-59689 is a command injection vulnerability caused by improper sanitization when removing active code from files

Google fixes actively exploited Chrome zero-day vulnerability (CVE-2025-10585)

2025-09-18 at 16:00 By Zeljka Zorz

Google has released a security update for the Chrome stable channel to fix a zero-day vulnerability (CVE-2025-10585) reported by its Threat Analysis Group (TAG) on Tuesday. “Google is aware that an exploit for CVE-2025-10585 exists in the wild,” the company announced.

Sitecore zero-day vulnerability exploited by attackers (CVE-2025-53690)

2025-09-04 at 14:48 By Zeljka Zorz

A threat actor is leveraging a zero-day vulnerability (CVE-2025-53690) and an exposed sample ASP.NET machine key to breach internet-facing, on-premises deployments of several Sitecore solutions, Mandiant has revealed.

About CVE-2025-53690

CVE-2025-53690 is a ViewState deserialization vulnerability that affects any version of Sitecore

NetScaler ADC/Gateway zero-day exploited by attackers (CVE-2025-7775)

2025-08-26 at 16:35 By Zeljka Zorz

Three new vulnerabilities affecting (Citrix) NetScaler application delivery controller (ADC) and Gateway devices have been made public, one of which (CVE-2025-7775) has been targeted in zero-day attacks. “Exploits of CVE-2025-7775 on unmitigated appliances have been observed,” Citrix has confirmed, and released security
