Zero-Day

SonicWall Confirms Exploitation of New SMA Zero-Day

exploited, SMA, SonicWall, Vulnerabilities, Zero-Day /

SonicWall Confirms Exploitation of New SMA Zero-Day 2025-01-28 at 13:33 By Eduard Kovacs SonicWall has confirmed that an SMA 1000 zero-day tracked as CVE-2025-23006 has been exploited in the wild. The post SonicWall Confirms Exploitation of New SMA Zero-Day appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to […]

React to this headline:

Loading spinner

SonicWall Confirms Exploitation of New SMA Zero-Day Read More »

Apple Patches First Exploited iOS Zero-Day of 2025

apple, exploited, Featured, iOS, Mobile & Wireless, Vulnerabilities, Zero-Day /

Apple Patches First Exploited iOS Zero-Day of 2025 2025-01-28 at 13:03 By Ionut Arghire Apple has released fixes for dozens of vulnerabilities in its mobile and desktop products, including an iOS zero-day exploited in attacks. The post Apple Patches First Exploited iOS Zero-Day of 2025 appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Apple Patches First Exploited iOS Zero-Day of 2025 Read More »

Zero-Day Breach at Rackspace Sparks Vendor Blame Game

Data Breaches, Featured, Rackspace, Ransomware, ScienceLogic, SL1, Supply Chain Security, Zero-Day /

Zero-Day Breach at Rackspace Sparks Vendor Blame Game 2024-10-02 at 21:01 By Ryan Naraine A breach at Rackspace exposes the fragility of the software supply chain, triggering a blame game among vendors over an exploited zero-day. The post Zero-Day Breach at Rackspace Sparks Vendor Blame Game appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Zero-Day Breach at Rackspace Sparks Vendor Blame Game Read More »

Microsoft Says Recent Windows Vulnerability Exploited as Zero-Day

exploited, Vulnerabilities, Windows, Zero-Day /

Microsoft Says Recent Windows Vulnerability Exploited as Zero-Day 2024-09-16 at 14:46 By Ionut Arghire Microsoft warns that a recently patched Windows vulnerability was exploited in the wild as a zero-day prior to July 2024. The post Microsoft Says Recent Windows Vulnerability Exploited as Zero-Day appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Microsoft Says Recent Windows Vulnerability Exploited as Zero-Day Read More »

Censys Finds Hundreds of Exposed Servers as Volt Typhoon APT Targets ISPs, MSPs

CVE-2024-39717, Cyberwarfare, Nation-State, Versa Director, Volt Typhoon, Zero-Day /

Censys Finds Hundreds of Exposed Servers as Volt Typhoon APT Targets ISPs, MSPs 2024-08-28 at 19:01 By Ryan Naraine Amidst Volt Typhoon zero-day exploitation, Censys finds hundreds of exposed servers presenting ripe attack surface for attackers. The post Censys Finds Hundreds of Exposed Servers as Volt Typhoon APT Targets ISPs, MSPs appeared first on SecurityWeek.

React to this headline:

Loading spinner

Censys Finds Hundreds of Exposed Servers as Volt Typhoon APT Targets ISPs, MSPs Read More »

WPS Office Zero-Day Exploited by South Korea-Linked Cyberspies

exploited, Featured, Nation-State, South Korea, WPS Office, Zero-Day /

WPS Office Zero-Day Exploited by South Korea-Linked Cyberspies 2024-08-28 at 18:01 By Eduard Kovacs A WPS Office zero-day vulnerability tracked as CVE⁠-⁠2024⁠-⁠7262 was exploited by South Korean hacker group APT-C-60. The post WPS Office Zero-Day Exploited by South Korea-Linked Cyberspies appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

React to this headline:

Loading spinner

WPS Office Zero-Day Exploited by South Korea-Linked Cyberspies Read More »

Google Warns of Exploited Chrome Vulnerability

Chrome, exploited, Vulnerabilities, Zero-Day /

Google Warns of Exploited Chrome Vulnerability 2024-08-27 at 13:33 By Ionut Arghire Google flags another high-severity vulnerability patched with the latest Chrome 128 release as exploited in the wild. The post Google Warns of Exploited Chrome Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to

React to this headline:

Loading spinner

Google Warns of Exploited Chrome Vulnerability Read More »

Google Patches Sixth Exploited Chrome Zero-Day of 2024

Chrome, exploited, Vulnerabilities, Zero-Day /

Google Patches Sixth Exploited Chrome Zero-Day of 2024 2024-08-22 at 13:31 By Ionut Arghire Chrome 128 was released in the stable channel with patches for 38 vulnerabilities, including a V8 JavaScript engine flaw exploited in the wild. The post Google Patches Sixth Exploited Chrome Zero-Day of 2024 appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

Google Patches Sixth Exploited Chrome Zero-Day of 2024 Read More »

Copy2Pwn Zero-Day Exploited to Bypass Windows Protections

MotW, security bypass, Vulnerabilities, Windows, Zero-Day /

Copy2Pwn Zero-Day Exploited to Bypass Windows Protections 2024-08-16 at 13:17 By Eduard Kovacs ZDI details a zero-day named Copy2Pwn and tracked as CVE-2024-38213, which cybercriminals exploited to bypass MotW protections in Windows. The post Copy2Pwn Zero-Day Exploited to Bypass Windows Protections appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

Copy2Pwn Zero-Day Exploited to Bypass Windows Protections Read More »

SolarWinds Web Help Desk Vulnerability Possibly Exploited as Zero-Day

Featured, SolarWinds, Vulnerabilities, Zero-Day /

SolarWinds Web Help Desk Vulnerability Possibly Exploited as Zero-Day 2024-08-16 at 13:17 By Ionut Arghire The US cybersecurity agency CISA warns that a recent SolarWinds Web Help Desk vulnerability has been exploited in the wild. The post SolarWinds Web Help Desk Vulnerability Possibly Exploited as Zero-Day appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

SolarWinds Web Help Desk Vulnerability Possibly Exploited as Zero-Day Read More »

Zero-Click Exploit Concerns Drive Urgent Patching of Windows TCP/IP Flaw

IPv6, Malware & Threats, Microsoft, Patch Tuesday, TCP/IP, Vulnerabilities, Zero-Day /

Zero-Click Exploit Concerns Drive Urgent Patching of Windows TCP/IP Flaw 2024-08-15 at 20:01 By Ryan Naraine Security experts are ratcheting up the urgency for Windows admins to patch a wormable, pre-auth remote code execution vulnerability in the Windows TCP/IP stack. The post Zero-Click Exploit Concerns Drive Urgent Patching of Windows TCP/IP Flaw appeared first on

React to this headline:

Loading spinner

Zero-Click Exploit Concerns Drive Urgent Patching of Windows TCP/IP Flaw Read More »

Microsoft Warns of Six Windows Zero-Days Being Actively Exploited

exploit, Featured, Microsoft, Patch Tuesday, Vulnerabilities, Windows, Zero-Day /

Microsoft Warns of Six Windows Zero-Days Being Actively Exploited 2024-08-13 at 23:01 By Ryan Naraine Microsoft’s security response team pushed out documentation for almost 90 vulnerabilities across Windows and OS components and marked several flaws in the actively exploited category. The post Microsoft Warns of Six Windows Zero-Days Being Actively Exploited appeared first on SecurityWeek.

React to this headline:

Loading spinner

Microsoft Warns of Six Windows Zero-Days Being Actively Exploited Read More »

Google Patches Android Zero-Day Exploited in Targeted Attacks

Android, exploited, Featured, Vulnerabilities, vulnerability, Zero-Day /

Google Patches Android Zero-Day Exploited in Targeted Attacks 2024-08-06 at 11:01 By Eduard Kovacs Google has patched CVE-2024-36971, a high-severity kernel zero-day vulnerability in Android that has been exploited in targeted attacks.  The post Google Patches Android Zero-Day Exploited in Targeted Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

Google Patches Android Zero-Day Exploited in Targeted Attacks Read More »

Telegram Zero-Day Enabled Malware Delivery

Malware, Malware & Threats, Telegram, Zero-Day /

Telegram Zero-Day Enabled Malware Delivery 2024-07-23 at 15:16 By Ionut Arghire The EvilVideo zero-day vulnerability in Telegram for Android allowed threat actors to send malicious files disguised as videos. The post Telegram Zero-Day Enabled Malware Delivery appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this

React to this headline:

Loading spinner

Telegram Zero-Day Enabled Malware Delivery Read More »

APT Exploits Windows Zero-Day to Execute Code via Disabled Internet Explorer

exploited, Malware & Threats, Void Banshee, Zero-Day /

APT Exploits Windows Zero-Day to Execute Code via Disabled Internet Explorer 2024-07-16 at 19:16 By Ionut Arghire The Void Banshee APT exploited the CVE-2024-38112 Windows zero-day to infect systems with the Atlantida stealer. The post APT Exploits Windows Zero-Day to Execute Code via Disabled Internet Explorer appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

APT Exploits Windows Zero-Day to Execute Code via Disabled Internet Explorer Read More »

Microsoft Warns of Windows Hyper-V Zero-Day Being Exploited

Adobe, Hyper-V, Incident Response, Malware & Threats, Microsoft, Patch Tuesday, Vulnerabilities, Zero-Day /

Microsoft Warns of Windows Hyper-V Zero-Day Being Exploited 2024-07-09 at 22:04 By Ryan Naraine Patch Tuesday: Microsoft patches more than 140 security vulnerabilities in the Windows ecosystem, including a pair of exploited zero-days. The post Microsoft Warns of Windows Hyper-V Zero-Day Being Exploited appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Microsoft Warns of Windows Hyper-V Zero-Day Being Exploited Read More »

Cisco Patches NX-OS Zero-Day Exploited by Chinese Cyberspies

Cisco, cyberespionage, exploited, Featured, Malware & Threats, Velvet Ant, Zero-Day /

Cisco Patches NX-OS Zero-Day Exploited by Chinese Cyberspies 2024-07-02 at 12:16 By Ionut Arghire Cisco has patched an NX-OS command injection zero-day exploited by China-linked cyberespionage group Velvet Ant. The post Cisco Patches NX-OS Zero-Day Exploited by Chinese Cyberspies appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

React to this headline:

Loading spinner

Cisco Patches NX-OS Zero-Day Exploited by Chinese Cyberspies Read More »

Google Warns of Pixel Firmware Zero-Day Under Limited, Targeted Exploitation

CVE-2024-32896, CVE-2024-4610, Google, Google Pixel, Malware & Threats, Mobile & Wireless, Vulnerabilities, Zero-Day /

Google Warns of Pixel Firmware Zero-Day Under Limited, Targeted Exploitation 2024-06-12 at 21:16 By Ryan Naraine The zero-day is tagged as CVE-2024-32896 and described as an elevation of privilege issue in Pixel Firmware. The post Google Warns of Pixel Firmware Zero-Day Under Limited, Targeted Exploitation appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Google Warns of Pixel Firmware Zero-Day Under Limited, Targeted Exploitation Read More »

Check Point VPN Attacks Involve Zero-Day Exploited Since April

Check Point, exploited, Featured, Malware & Threats, VPN, vulnerability, Zero-Day /

Check Point VPN Attacks Involve Zero-Day Exploited Since April 2024-05-30 at 12:46 By Eduard Kovacs The recently disclosed Check Point VPN attacks involve the zero-day vulnerability CVE-2024-24919, which allows hackers to obtain passwords. The post Check Point VPN Attacks Involve Zero-Day Exploited Since April appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Check Point VPN Attacks Involve Zero-Day Exploited Since April Read More »

Google Patches Fourth Chrome Zero-Day in Two Weeks

Chrome, CVE-2024-5274, Featured, Vulnerabilities, vulnerability, Zero-Day /

Google Patches Fourth Chrome Zero-Day in Two Weeks 2024-05-24 at 12:16 By Ionut Arghire Exploited in the wild, Chrome vulnerability CVE-2024-5274 is a high-severity flaw described as a type confusion in the V8 JavaScript and WebAssembly engine. The post Google Patches Fourth Chrome Zero-Day in Two Weeks appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

Google Patches Fourth Chrome Zero-Day in Two Weeks Read More »

Scroll to Top