Zero-Day

Microsoft Warns of Six Windows Zero-Days Being Actively Exploited

exploit, Featured, Microsoft, Patch Tuesday, Vulnerabilities, Windows, Zero-Day /

Microsoft Warns of Six Windows Zero-Days Being Actively Exploited 2024-08-13 at 23:01 By Ryan Naraine Microsoft’s security response team pushed out documentation for almost 90 vulnerabilities across Windows and OS components and marked several flaws in the actively exploited category. The post Microsoft Warns of Six Windows Zero-Days Being Actively Exploited appeared first on SecurityWeek. […]

React to this headline:

Loading spinner

Microsoft Warns of Six Windows Zero-Days Being Actively Exploited Read More »

Google Patches Android Zero-Day Exploited in Targeted Attacks

Android, exploited, Featured, Vulnerabilities, vulnerability, Zero-Day /

Google Patches Android Zero-Day Exploited in Targeted Attacks 2024-08-06 at 11:01 By Eduard Kovacs Google has patched CVE-2024-36971, a high-severity kernel zero-day vulnerability in Android that has been exploited in targeted attacks.  The post Google Patches Android Zero-Day Exploited in Targeted Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

Google Patches Android Zero-Day Exploited in Targeted Attacks Read More »

Telegram Zero-Day Enabled Malware Delivery

Malware, Malware & Threats, Telegram, Zero-Day /

Telegram Zero-Day Enabled Malware Delivery 2024-07-23 at 15:16 By Ionut Arghire The EvilVideo zero-day vulnerability in Telegram for Android allowed threat actors to send malicious files disguised as videos. The post Telegram Zero-Day Enabled Malware Delivery appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this

React to this headline:

Loading spinner

Telegram Zero-Day Enabled Malware Delivery Read More »

APT Exploits Windows Zero-Day to Execute Code via Disabled Internet Explorer

exploited, Malware & Threats, Void Banshee, Zero-Day /

APT Exploits Windows Zero-Day to Execute Code via Disabled Internet Explorer 2024-07-16 at 19:16 By Ionut Arghire The Void Banshee APT exploited the CVE-2024-38112 Windows zero-day to infect systems with the Atlantida stealer. The post APT Exploits Windows Zero-Day to Execute Code via Disabled Internet Explorer appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

APT Exploits Windows Zero-Day to Execute Code via Disabled Internet Explorer Read More »

Microsoft Warns of Windows Hyper-V Zero-Day Being Exploited

Adobe, Hyper-V, Incident Response, Malware & Threats, Microsoft, Patch Tuesday, Vulnerabilities, Zero-Day /

Microsoft Warns of Windows Hyper-V Zero-Day Being Exploited 2024-07-09 at 22:04 By Ryan Naraine Patch Tuesday: Microsoft patches more than 140 security vulnerabilities in the Windows ecosystem, including a pair of exploited zero-days. The post Microsoft Warns of Windows Hyper-V Zero-Day Being Exploited appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Microsoft Warns of Windows Hyper-V Zero-Day Being Exploited Read More »

Cisco Patches NX-OS Zero-Day Exploited by Chinese Cyberspies

Cisco, cyberespionage, exploited, Featured, Malware & Threats, Velvet Ant, Zero-Day /

Cisco Patches NX-OS Zero-Day Exploited by Chinese Cyberspies 2024-07-02 at 12:16 By Ionut Arghire Cisco has patched an NX-OS command injection zero-day exploited by China-linked cyberespionage group Velvet Ant. The post Cisco Patches NX-OS Zero-Day Exploited by Chinese Cyberspies appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

React to this headline:

Loading spinner

Cisco Patches NX-OS Zero-Day Exploited by Chinese Cyberspies Read More »

Google Warns of Pixel Firmware Zero-Day Under Limited, Targeted Exploitation

CVE-2024-32896, CVE-2024-4610, Google, Google Pixel, Malware & Threats, Mobile & Wireless, Vulnerabilities, Zero-Day /

Google Warns of Pixel Firmware Zero-Day Under Limited, Targeted Exploitation 2024-06-12 at 21:16 By Ryan Naraine The zero-day is tagged as CVE-2024-32896 and described as an elevation of privilege issue in Pixel Firmware. The post Google Warns of Pixel Firmware Zero-Day Under Limited, Targeted Exploitation appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Google Warns of Pixel Firmware Zero-Day Under Limited, Targeted Exploitation Read More »

Check Point VPN Attacks Involve Zero-Day Exploited Since April

Check Point, exploited, Featured, Malware & Threats, VPN, vulnerability, Zero-Day /

Check Point VPN Attacks Involve Zero-Day Exploited Since April 2024-05-30 at 12:46 By Eduard Kovacs The recently disclosed Check Point VPN attacks involve the zero-day vulnerability CVE-2024-24919, which allows hackers to obtain passwords. The post Check Point VPN Attacks Involve Zero-Day Exploited Since April appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Check Point VPN Attacks Involve Zero-Day Exploited Since April Read More »

Google Patches Fourth Chrome Zero-Day in Two Weeks

Chrome, CVE-2024-5274, Featured, Vulnerabilities, vulnerability, Zero-Day /

Google Patches Fourth Chrome Zero-Day in Two Weeks 2024-05-24 at 12:16 By Ionut Arghire Exploited in the wild, Chrome vulnerability CVE-2024-5274 is a high-severity flaw described as a type confusion in the V8 JavaScript and WebAssembly engine. The post Google Patches Fourth Chrome Zero-Day in Two Weeks appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

Google Patches Fourth Chrome Zero-Day in Two Weeks Read More »

Third Chrome Zero-Day Patched by Google Within One Week

Chrome, exploited, Vulnerabilities, Zero-Day /

Third Chrome Zero-Day Patched by Google Within One Week 2024-05-16 at 12:16 By Ionut Arghire Google releases Chrome 125 to the stable channel with patches for nine vulnerabilities, including a zero-day. The post Third Chrome Zero-Day Patched by Google Within One Week appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

Third Chrome Zero-Day Patched by Google Within One Week Read More »

Google Patches Second Chrome Zero-Day in One Week

Chrome, exploited, Vulnerabilities, Zero-Day /

Google Patches Second Chrome Zero-Day in One Week 2024-05-14 at 14:46 By Eduard Kovacs Google has announced patches for another Chrome vulnerability that has been exploited in attacks. This is the second zero-day addressed by the company in one week and the third flaw leveraged in malicious attacks in 2024. The new zero-day, tracked as

React to this headline:

Loading spinner

Google Patches Second Chrome Zero-Day in One Week Read More »

Exploited Chrome Zero-Day Patched by Google

Chrome, exploited, Featured, Vulnerabilities, Zero-Day /

Exploited Chrome Zero-Day Patched by Google 2024-05-10 at 15:46 By Eduard Kovacs A Chrome 124 update patches the second Chrome zero-day that has been found to be exploited in malicious attacks in 2024. The post Exploited Chrome Zero-Day Patched by Google appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

Exploited Chrome Zero-Day Patched by Google Read More »

MITRE Hack: China-Linked Group Breached Systems in December 2023

China, cyberespionage, espionage, Featured, Ivanti, MITRE, Nation-State, Zero-Day /

MITRE Hack: China-Linked Group Breached Systems in December 2023 2024-05-07 at 11:16 By Eduard Kovacs MITRE has shared more details on the recent hack, including the new malware involved in the attack and a timeline of the attacker’s activities. The post MITRE Hack: China-Linked Group Breached Systems in December 2023 appeared first on SecurityWeek. This

React to this headline:

Loading spinner

MITRE Hack: China-Linked Group Breached Systems in December 2023 Read More »

Over 1,400 CrushFTP Instances Vulnerable to Exploited Zero-Day

CrushFTP, CVE-2024-4040, Malware & Threats, Vulnerabilities, Zero-Day /

Over 1,400 CrushFTP Instances Vulnerable to Exploited Zero-Day 2024-04-26 at 17:16 By Ionut Arghire More than 1,400 CrushFTP servers remain vulnerable to an actively exploited zero-day for which PoC has been published. The post Over 1,400 CrushFTP Instances Vulnerable to Exploited Zero-Day appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

Over 1,400 CrushFTP Instances Vulnerable to Exploited Zero-Day Read More »

Palo Alto Networks Releases Fixes for Firewall Zero-Day as First Attribution Attempts Emerge

exploited, Featured, Malware & Threats, Nation-State, Palo Alto Networks, Zero-Day /

Palo Alto Networks Releases Fixes for Firewall Zero-Day as First Attribution Attempts Emerge 2024-04-15 at 14:00 By Eduard Kovacs Palo Alto Networks has started releasing hotfixes for the firewall zero-day CVE-2024-3400, which some have linked to North Korea’s Lazarus.  The post Palo Alto Networks Releases Fixes for Firewall Zero-Day as First Attribution Attempts Emerge appeared

React to this headline:

Loading spinner

Palo Alto Networks Releases Fixes for Firewall Zero-Day as First Attribution Attempts Emerge Read More »

Microsoft Patches Two Zero-Days Exploited for Malware Delivery

exploited, Malware & Threats, Vulnerabilities, Zero-Day /

Microsoft Patches Two Zero-Days Exploited for Malware Delivery 2024-04-10 at 13:27 By Eduard Kovacs Microsoft patches CVE-2024-29988 and CVE-2024-26234, two zero-day vulnerabilities exploited by threat actors to deliver malware. The post Microsoft Patches Two Zero-Days Exploited for Malware Delivery appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

React to this headline:

Loading spinner

Microsoft Patches Two Zero-Days Exploited for Malware Delivery Read More »

Ivanti CEO Vows Cybersecurity Makeover After Zero-Day Blitz

CVE-2023-46805, CVE-2024-21887, Government, Ivanti, Nation-State, Pulse Secure, Vulnerabilities, Zero-Day /

Ivanti CEO Vows Cybersecurity Makeover After Zero-Day Blitz 2024-04-04 at 22:31 By Ryan Naraine Ivanti releases a carefully scripted YouTube video and an open letter from chief executive Jeff Abbott vowing to fix the entire security organization. The post Ivanti CEO Vows Cybersecurity Makeover After Zero-Day Blitz appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

Ivanti CEO Vows Cybersecurity Makeover After Zero-Day Blitz Read More »

Google Report: Despite Surge in Zero-Day Attacks, Exploit Mitigations Are Working

Google TAG, Lockdown Mode, Malware & Threats, Mandiant, Nation-State, Vulnerabilities, Zero-Day /

Google Report: Despite Surge in Zero-Day Attacks, Exploit Mitigations Are Working 2024-03-27 at 17:01 By Ryan Naraine Despite a surge in zero-day attacks, data shows that security investments into OS and software exploit mitigations are forcing attackers to find new attack surfaces and bug patterns. The post Google Report: Despite Surge in Zero-Day Attacks, Exploit

React to this headline:

Loading spinner

Google Report: Despite Surge in Zero-Day Attacks, Exploit Mitigations Are Working Read More »

Chrome Update Patches Zero-Day Vulnerabilities Exploited at Pwn2Own

Google Chrome, Malware & Threats, Pwn2Own, Vulnerabilities, Zero-Day /

Chrome Update Patches Zero-Day Vulnerabilities Exploited at Pwn2Own 2024-03-27 at 17:01 By Ionut Arghire Google ships a security-themed Chrome browser refresh to fix flaws exploited at the CanSecWest Pwn2Own hacking contest. The post Chrome Update Patches Zero-Day Vulnerabilities Exploited at Pwn2Own appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

Chrome Update Patches Zero-Day Vulnerabilities Exploited at Pwn2Own Read More »

Apple Blunts Zero-Day Attacks With iOS 17.4 Update

CVE-2024-23225, CVE-2024-23296, IOS 17.4, Mobile & Wireless, Vulnerabilities, Zero-Day /

Apple Blunts Zero-Day Attacks With iOS 17.4 Update 2024-03-05 at 23:01 By Ryan Naraine Apple rolls out urgent patches to fix multiple security flaws in its flagship iOS platform and warned about zero-day exploits in the wild. The post Apple Blunts Zero-Day Attacks With iOS 17.4 Update appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

Apple Blunts Zero-Day Attacks With iOS 17.4 Update Read More »

Scroll to Top