Zero-Day

Broadcom Fails to Disclose Zero-Day Exploitation of VMware Vulnerability

China APT, exploited, VMWare, Vulnerabilities, Zero-Day /

Broadcom Fails to Disclose Zero-Day Exploitation of VMware Vulnerability 2025-10-01 at 13:36 By Ionut Arghire Impacting VMware Aria Operations and VMware Tools, the flaw can be exploited to elevate privileges on the VM. The post Broadcom Fails to Disclose Zero-Day Exploitation of VMware Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek […]

React to this headline:

Loading spinner

Broadcom Fails to Disclose Zero-Day Exploitation of VMware Vulnerability Read More »

Cisco Firewall Zero-Days Exploited in China-Linked ArcaneDoor Attacks

ArcaneDoor, China, Cisco, exploited, Featured, firewall, Vulnerabilities, Zero-Day /

Cisco Firewall Zero-Days Exploited in China-Linked ArcaneDoor Attacks 2025-09-26 at 10:20 By Ionut Arghire Leading to remote code execution and privilege escalation, the flaws were exploited on Cisco ASA 5500-X series devices that lack secure boot. The post Cisco Firewall Zero-Days Exploited in China-Linked ArcaneDoor Attacks appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Cisco Firewall Zero-Days Exploited in China-Linked ArcaneDoor Attacks Read More »

Chinese Spies Lurked in Networks for 393 Days, Hunted for Zero-Day Intel

China, China APT, Nation-State, UNC5221, Zero-Day /

Chinese Spies Lurked in Networks for 393 Days, Hunted for Zero-Day Intel 2025-09-25 at 15:33 By Eduard Kovacs Google’s Threat Intelligence Group and Mandiant have shared findings on a recent BrickStorm campaign linked to UNC5221. The post Chinese Spies Lurked in Networks for 393 Days, Hunted for Zero-Day Intel appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Chinese Spies Lurked in Networks for 393 Days, Hunted for Zero-Day Intel Read More »

Cisco Patches Zero-Day Flaw Affecting Routers and Switches

Cisco, exploited, Featured, Network Security, router, Switch, Vulnerabilities, Zero-Day /

Cisco Patches Zero-Day Flaw Affecting Routers and Switches 2025-09-25 at 11:46 By Ionut Arghire The security defect allows remote attackers with administrative privileges to execute arbitrary code as the root user. The post Cisco Patches Zero-Day Flaw Affecting Routers and Switches appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

Cisco Patches Zero-Day Flaw Affecting Routers and Switches Read More »

Chrome 140 Update Patches Sixth Zero-Day of 2025

Chrome, exploited, Vulnerabilities, Zero-Day /

Chrome 140 Update Patches Sixth Zero-Day of 2025 2025-09-18 at 11:10 By Ionut Arghire An exploited type confusion in the V8 JavaScript engine tracked as CVE-2025-10585 was found by Google Threat Analysis Group this week. The post Chrome 140 Update Patches Sixth Zero-Day of 2025 appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Chrome 140 Update Patches Sixth Zero-Day of 2025 Read More »

Samsung Patches Zero-Day Exploited Against Android Users

exploited, Featured, Mobile & Wireless, Samsung, spyware, Zero-Day /

Samsung Patches Zero-Day Exploited Against Android Users 2025-09-15 at 11:21 By Ionut Arghire Reported by Meta and WhatsApp, the vulnerability leads to remote code execution and was likely exploited by a spyware vendor. The post Samsung Patches Zero-Day Exploited Against Android Users appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

Samsung Patches Zero-Day Exploited Against Android Users Read More »

Hackers Exploit Sitecore Zero-Day for Malware Delivery

exploited, Sitecore, Vulnerabilities, Zero-Day /

Hackers Exploit Sitecore Zero-Day for Malware Delivery 2025-09-04 at 12:02 By Ionut Arghire Google has observed ViewState deserialization attacks leveraging a sample machine key exposed in older deployment guides. The post Hackers Exploit Sitecore Zero-Day for Malware Delivery appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this

React to this headline:

Loading spinner

Hackers Exploit Sitecore Zero-Day for Malware Delivery Read More »

Two Exploited Vulnerabilities Patched in Android

Android, exploited, Featured, Mobile & Wireless, patch, Zero-Day /

Two Exploited Vulnerabilities Patched in Android 2025-09-04 at 11:40 By Ionut Arghire Elevation of privilege flaws in Android Runtime (CVE-2025-48543) and Linux kernel (CVE-2025-38352) have been exploited in targeted attacks. The post Two Exploited Vulnerabilities Patched in Android appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this

React to this headline:

Loading spinner

Two Exploited Vulnerabilities Patched in Android Read More »

WhatsApp Zero-Day Exploited in Attacks Targeting Apple Users

CVE-2025-55177, Featured, Vulnerabilities, WhatsApp, Zero-Day /

WhatsApp Zero-Day Exploited in Attacks Targeting Apple Users 2025-09-02 at 14:48 By Ionut Arghire The vulnerability (CVE-2025-55177) was exploited along an iOS/macOS zero-day in suspected spyware attacks. The post WhatsApp Zero-Day Exploited in Attacks Targeting Apple Users appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

WhatsApp Zero-Day Exploited in Attacks Targeting Apple Users Read More »

Chinese Silk Typhoon Hackers Exploited Commvault Zero-Day

China APT, cloud security, Commvault, Silk Typhoon, Zero-Day /

Chinese Silk Typhoon Hackers Exploited Commvault Zero-Day 2025-08-22 at 16:45 By Ionut Arghire Silk Typhoon was seen exploiting Citrix NetScaler and Commvault vulnerabilities for initial access to victim systems. The post Chinese Silk Typhoon Hackers Exploited Commvault Zero-Day appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this

React to this headline:

Loading spinner

Chinese Silk Typhoon Hackers Exploited Commvault Zero-Day Read More »

Apple Patches Zero-Day Exploited in Targeted Attacks

apple, iOS, macOS, Vulnerabilities, Zero-Day /

Apple Patches Zero-Day Exploited in Targeted Attacks 2025-08-21 at 13:21 By Ionut Arghire Apple has rolled out iOS and macOS updates that resolve a zero-day vulnerability exploited in highly targeted attacks. The post Apple Patches Zero-Day Exploited in Targeted Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Loading spinner

Apple Patches Zero-Day Exploited in Targeted Attacks Read More »

Elastic Refutes Claims of Zero-Day in EDR Product

controversy, EDR, Elastic, RCE, Vulnerabilities, Zero-Day /

Elastic Refutes Claims of Zero-Day in EDR Product 2025-08-20 at 17:08 By Ionut Arghire Elastic has found no evidence of a vulnerability leading to RCE after details and PoC of a Defend EDR bypass were published online. The post Elastic Refutes Claims of Zero-Day in EDR Product appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

Elastic Refutes Claims of Zero-Day in EDR Product Read More »

Hundreds of N-able N-central Instances Affected by Exploited Vulnerabilities

exploited, N-able, Vulnerabilities, Zero-Day /

Hundreds of N-able N-central Instances Affected by Exploited Vulnerabilities 2025-08-18 at 15:25 By Ionut Arghire More than 870 N-able N-central instances have not been patched against CVE-2025-8875 and CVE-2025-8876, two exploited vulnerabilities. The post Hundreds of N-able N-central Instances Affected by Exploited Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

Hundreds of N-able N-central Instances Affected by Exploited Vulnerabilities Read More »

Russian Hackers Exploited WinRAR Zero-Day in Attacks on Europe, Canada

cyberespionage, exploited, Nation-State, RomCom, Russia, WinRAR, Zero-Day /

Russian Hackers Exploited WinRAR Zero-Day in Attacks on Europe, Canada 2025-08-11 at 12:55 By Eduard Kovacs WinRAR has patched CVE-2025-8088, a zero-day exploited by Russia’s RomCom in attacks on financial, defense, manufacturing and logistics companies. The post Russian Hackers Exploited WinRAR Zero-Day in Attacks on Europe, Canada appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

Russian Hackers Exploited WinRAR Zero-Day in Attacks on Europe, Canada Read More »

Trend Micro Patches Apex One Vulnerabilities Exploited in Wild

Apex One, exploited, Trend Micro, Vulnerabilities, Zero-Day /

Trend Micro Patches Apex One Vulnerabilities Exploited in Wild 2025-08-06 at 18:08 By Eduard Kovacs Trend Micro has rushed to fix two Apex One zero-days that may have been exploited by Chinese threat actors. The post Trend Micro Patches Apex One Vulnerabilities Exploited in Wild appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Trend Micro Patches Apex One Vulnerabilities Exploited in Wild Read More »

SonicWall Hunts for Zero-Day Amid Surge in Firewall Exploitation

Featured, firewall, Ransomware, SonicWall, Vulnerabilities, Zero-Day /

SonicWall Hunts for Zero-Day Amid Surge in Firewall Exploitation 2025-08-05 at 10:58 By Ionut Arghire Threat actors might be exploiting a zero-day vulnerability in SonicWall firewalls in a fresh wave of ransomware attacks. The post SonicWall Hunts for Zero-Day Amid Surge in Firewall Exploitation appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

SonicWall Hunts for Zero-Day Amid Surge in Firewall Exploitation Read More »

Microsoft Says Chinese APTs Exploited ToolShell Zero-Days Weeks Before Patch

China APT, exploited, Malware & Threats, Microsoft, SharePoint, ToolShell, Zero-Day /

Microsoft Says Chinese APTs Exploited ToolShell Zero-Days Weeks Before Patch 2025-07-22 at 20:47 By Eduard Kovacs Microsoft says the Chinese threat actors Linen Typhoon, Violet Typhoon, and Storm-2603 have been exploiting the ToolShell zero-days. The post Microsoft Says Chinese APTs Exploited ToolShell Zero-Days Weeks Before Patch appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Microsoft Says Chinese APTs Exploited ToolShell Zero-Days Weeks Before Patch Read More »

ToolShell Zero-Day Attacks on SharePoint: First Wave Linked to China, Hit High-Value Targets

China, China APT, exploited, Featured, Malware & Threats, SharePoint, ToolShell, Vulnerabilities, Zero-Day /

ToolShell Zero-Day Attacks on SharePoint: First Wave Linked to China, Hit High-Value Targets 2025-07-22 at 11:44 By Eduard Kovacs More details emerged on the ToolShell zero-day attacks targeting SharePoint servers, but confusion remains over the vulnerabilities. The post ToolShell Zero-Day Attacks on SharePoint: First Wave Linked to China, Hit High-Value Targets appeared first on SecurityWeek.

React to this headline:

Loading spinner

ToolShell Zero-Day Attacks on SharePoint: First Wave Linked to China, Hit High-Value Targets Read More »

Microsoft Patches ‘ToolShell’ Zero-Days Exploited to Hack SharePoint Servers

exploited, SharePoint, ToolShell, Vulnerabilities, Zero-Day /

Microsoft Patches ‘ToolShell’ Zero-Days Exploited to Hack SharePoint Servers 2025-07-21 at 12:50 By Eduard Kovacs Microsoft has started releasing updates to fix the exploited SharePoint zero-days tracked as CVE-2025-53770 and CVE-2025-53771. The post Microsoft Patches ‘ToolShell’ Zero-Days Exploited to Hack SharePoint Servers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

Microsoft Patches ‘ToolShell’ Zero-Days Exploited to Hack SharePoint Servers Read More »

Exploited CrushFTP Zero-Day Provides Admin Access to Servers

CrushFTP, exploited, Vulnerabilities, Zero-Day /

Exploited CrushFTP Zero-Day Provides Admin Access to Servers 2025-07-21 at 10:46 By Ionut Arghire Hackers are exploiting a zero-day vulnerability in CrushFTP to gain administrative privileges on vulnerable servers via HTTPS. The post Exploited CrushFTP Zero-Day Provides Admin Access to Servers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

Exploited CrushFTP Zero-Day Provides Admin Access to Servers Read More »

Scroll to Top