Zero-Day

Second Ransomware Group Caught Exploiting Windows Flaw as Zero-Day

exploited, Ransomware, Zero-Day /

Second Ransomware Group Caught Exploiting Windows Flaw as Zero-Day 2025-05-07 at 13:02 By Eduard Kovacs At least two ransomware groups exploited the Windows zero-day CVE-2025-29824 before it was patched by Microsoft. The post Second Ransomware Group Caught Exploiting Windows Flaw as Zero-Day appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original […]

React to this headline:

Loading spinner

Second Ransomware Group Caught Exploiting Windows Flaw as Zero-Day Read More »

Second Wave of Attacks Hitting SAP NetWeaver After Zero-Day Compromise

exploited, SAP, Vulnerabilities, Zero-Day /

Second Wave of Attacks Hitting SAP NetWeaver After Zero-Day Compromise 2025-05-06 at 15:39 By Ionut Arghire Threat actors are revisiting SAP NetWeaver instances to leverage webshells deployed via a recent zero-day vulnerability. The post Second Wave of Attacks Hitting SAP NetWeaver After Zero-Day Compromise appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Second Wave of Attacks Hitting SAP NetWeaver After Zero-Day Compromise Read More »

Android Update Patches FreeType Vulnerability Exploited as Zero-Day

Android, exploited, Featured, FreeType, Mobile & Wireless, Zero-Day /

Android Update Patches FreeType Vulnerability Exploited as Zero-Day 2025-05-06 at 12:00 By Ionut Arghire Android’s May 2025 security update includes patches for an exploited vulnerability in the FreeType open source rendering engine. The post Android Update Patches FreeType Vulnerability Exploited as Zero-Day appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

Android Update Patches FreeType Vulnerability Exploited as Zero-Day Read More »

More Details Come to Light on Commvault Vulnerability Exploitation

Commvault, exploited, Vulnerabilities, Zero-Day /

More Details Come to Light on Commvault Vulnerability Exploitation 2025-05-01 at 15:03 By Ionut Arghire Commvault has shared indicators of compromise associated with the exploitation of a vulnerability by state-sponsored hackers. The post More Details Come to Light on Commvault Vulnerability Exploitation appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

More Details Come to Light on Commvault Vulnerability Exploitation Read More »

Google Tracked 75 Zero-Days in 2024

exploit, Google, report, Vulnerabilities, Zero-Day /

Google Tracked 75 Zero-Days in 2024 2025-04-29 at 14:42 By Eduard Kovacs The number of exploited zero-days seen by Google in 2024 dropped to 75, from 98 observed in the previous year. The post Google Tracked 75 Zero-Days in 2024 appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Loading spinner

Google Tracked 75 Zero-Days in 2024 Read More »

Exploited Vulnerability Exposes Over 400 SAP NetWeaver Servers to Attacks

exploited, SAP, Vulnerabilities, Zero-Day /

Exploited Vulnerability Exposes Over 400 SAP NetWeaver Servers to Attacks 2025-04-29 at 13:34 By Ionut Arghire More than 400 SAP NetWeaver servers are impacted by CVE-2025-31324, an exploited remote code execution vulnerability. The post Exploited Vulnerability Exposes Over 400 SAP NetWeaver Servers to Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Exploited Vulnerability Exposes Over 400 SAP NetWeaver Servers to Attacks Read More »

Craft CMS Zero-Day Exploited to Compromise Hundreds of Websites

CMS, Craft, exploited, Vulnerabilities, vulnerability, Zero-Day /

Craft CMS Zero-Day Exploited to Compromise Hundreds of Websites 2025-04-28 at 17:32 By Ionut Arghire Threat actors have exploited a zero-day vulnerability in Craft CMS to execute PHP code on hundreds of websites. The post Craft CMS Zero-Day Exploited to Compromise Hundreds of Websites appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Craft CMS Zero-Day Exploited to Compromise Hundreds of Websites Read More »

South Korean Companies Targeted by Lazarus via Watering Hole Attacks, Zero-Days

Lazarus, Nation-State, North Korea, South Korea, watering hole, Zero-Day /

South Korean Companies Targeted by Lazarus via Watering Hole Attacks, Zero-Days 2025-04-25 at 14:31 By Ionut Arghire Multiple South Korean organizations across industries have been targeted in a recent Lazarus campaign dubbed Operation SyncHole. The post South Korean Companies Targeted by Lazarus via Watering Hole Attacks, Zero-Days appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

South Korean Companies Targeted by Lazarus via Watering Hole Attacks, Zero-Days Read More »

SAP Zero-Day Possibly Exploited by Initial Access Broker

exploited, Featured, initial access broker, SAP, Vulnerabilities, Zero-Day /

SAP Zero-Day Possibly Exploited by Initial Access Broker 2025-04-25 at 12:38 By Ionut Arghire A zero-day vulnerability in SAP NetWeaver potentially affects more than 10,000 internet-facing applications. The post SAP Zero-Day Possibly Exploited by Initial Access Broker appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

SAP Zero-Day Possibly Exploited by Initial Access Broker Read More »

Ethical Zero Day Marketplace Desired Effect Emerges From Stealth

exploit, Threat Intelligence, Vulnerabilities, Zero-Day /

Ethical Zero Day Marketplace Desired Effect Emerges From Stealth 2025-04-23 at 17:48 By Kevin Townsend Desired Effect provides an ethical vulnerability exchange marketplace to help defenders get ahead of attackers. The post Ethical Zero Day Marketplace Desired Effect Emerges From Stealth appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

Ethical Zero Day Marketplace Desired Effect Emerges From Stealth Read More »

Apple Quashes Two Zero-Days With iOS, MacOS Patches

apple, CVE-2025-31200, CVE-2025-31201, Featured, iOS 18.4.1, macOS, Malware & Threats, Vulnerabilities, Zero-Day /

Apple Quashes Two Zero-Days With iOS, MacOS Patches 2025-04-16 at 23:38 By Ryan Naraine The vulnerabilities are described as code execution and mitigation bypass issues that affect Apple’s iOS, iPadOS and macOS platforms. The post Apple Quashes Two Zero-Days With iOS, MacOS Patches appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

Apple Quashes Two Zero-Days With iOS, MacOS Patches Read More »

Microsoft Patches 125 Windows Vulns, Including Exploited CLFS Zero-Day

CVE-2025-29824, Featured, Malware & Threats, Microsoft, Patch Tuesday, Vulnerabilities, Windows CLFS, Zero-Day /

Microsoft Patches 125 Windows Vulns, Including Exploited CLFS Zero-Day 2025-04-08 at 22:03 By Ryan Naraine Patch Tuesday: Microsoft ships urgent cover for another WIndows CLFS vulnerability already exploited in the wild. The post Microsoft Patches 125 Windows Vulns, Including Exploited CLFS Zero-Day appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

Microsoft Patches 125 Windows Vulns, Including Exploited CLFS Zero-Day Read More »

Apple Patches Recent Zero-Days in Older iPhones

apple, exploited, iOS, macOS, patch, Vulnerabilities, Zero-Day /

Apple Patches Recent Zero-Days in Older iPhones 2025-04-01 at 13:39 By Ionut Arghire Apple has released a hefty round of security updates for its desktop and mobile products, patching two recent zero-days in older iPhone models. The post Apple Patches Recent Zero-Days in Older iPhones appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Apple Patches Recent Zero-Days in Older iPhones Read More »

Firefox Affected by Flaw Similar to Chrome Zero-Day Exploited in Russia

Chrome, exploited, Featured, Firefox, sandbox escape, Vulnerabilities, Zero-Day /

Firefox Affected by Flaw Similar to Chrome Zero-Day Exploited in Russia 2025-03-28 at 12:26 By Eduard Kovacs Firefox developers have determined that their browser is affected by a vulnerability similar to the recent Chrome sandbox escape zero-day. The post Firefox Affected by Flaw Similar to Chrome Zero-Day Exploited in Russia appeared first on SecurityWeek. This

React to this headline:

Loading spinner

Firefox Affected by Flaw Similar to Chrome Zero-Day Exploited in Russia Read More »

Russian Firm Offers $4 Million for Telegram Exploits

exploit, Operation Zero, Telegram, Vulnerabilities, Zero-Day /

Russian Firm Offers $4 Million for Telegram Exploits 2025-03-24 at 17:19 By Ionut Arghire A Russian exploit acquisition firm says it is willing to pay up to $4 million for full-chain exploits targeting the popular messaging service Telegram. The firm, Operation Zero, is known for selling zero-day exploits exclusively to Russian government and private organizations.

React to this headline:

Loading spinner

Russian Firm Offers $4 Million for Telegram Exploits Read More »

Paragon Spyware Attacks Exploited WhatsApp Zero-Day 

Citizen Lab, exploited, Featured, Graphite, Mobile & Wireless, Paragon, spyware, WhatsApp, Zero-Day /

Paragon Spyware Attacks Exploited WhatsApp Zero-Day  2025-03-20 at 12:03 By Eduard Kovacs Attacks involving Paragon’s Graphite spyware involved a WhatsApp zero-day that could be exploited without any user interaction. The post Paragon Spyware Attacks Exploited WhatsApp Zero-Day  appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Paragon Spyware Attacks Exploited WhatsApp Zero-Day  Read More »

FreeType Zero-Day Being Exploited in the Wild

CVE-2025-27363, Facebook, FreeType, Malware & Threats, Meta, Vulnerabilities, Zero-Day /

FreeType Zero-Day Being Exploited in the Wild 2025-03-13 at 19:24 By Ryan Naraine Meta’s Facebook security team warns of live exploitation of a zero-day vulnerability in the open-source FreeType library.  The post FreeType Zero-Day Being Exploited in the Wild appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to

React to this headline:

Loading spinner

FreeType Zero-Day Being Exploited in the Wild Read More »

Newly Patched Windows Zero-Day Exploited for Two Years

exploited, Vulnerabilities, Windows, Zero-Day /

Newly Patched Windows Zero-Day Exploited for Two Years 2025-03-12 at 14:18 By Ionut Arghire Microsoft on Tuesday patched a zero-day vulnerability in the Windows Win32 kernel that has been exploited since March 2023. The post Newly Patched Windows Zero-Day Exploited for Two Years appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

Newly Patched Windows Zero-Day Exploited for Two Years Read More »

Apple Ships iOS 18.3.2 to Fix Already-Exploited WebKit Flaw

apple, CVE-2025-24201, iOS, iOS 18.3.2, Mobile & Wireless, USB Restricted Mode, Vulnerabilities, Zero-Day /

Apple Ships iOS 18.3.2 to Fix Already-Exploited WebKit Flaw 2025-03-11 at 21:16 By Ryan Naraine Apple warns that the WebKIt bug “may have been exploited in an extremely sophisticated attack against specific targeted individuals.” The post Apple Ships iOS 18.3.2 to Fix Already-Exploited WebKit Flaw appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Apple Ships iOS 18.3.2 to Fix Already-Exploited WebKit Flaw Read More »

Patch Tuesday: Microsoft Patches 57 Flaws, Flags Six Active Zero-Days 

critical infrastructure, Malware & Threats, Microsoft, Patch Tuesday, remote code execution, Vulnerabilities, Zero-Day /

Patch Tuesday: Microsoft Patches 57 Flaws, Flags Six Active Zero-Days  2025-03-11 at 21:03 By Ryan Naraine Redmond ships major security updates with warnings that a half-dozen Windows vulnerabilities have already been exploited in the wild. The post Patch Tuesday: Microsoft Patches 57 Flaws, Flags Six Active Zero-Days  appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

Patch Tuesday: Microsoft Patches 57 Flaws, Flags Six Active Zero-Days  Read More »

Scroll to Top