Zero-Day

Apple Quashes Two Zero-Days With iOS, MacOS Patches

apple, CVE-2025-31200, CVE-2025-31201, Featured, iOS 18.4.1, macOS, Malware & Threats, Vulnerabilities, Zero-Day /

Apple Quashes Two Zero-Days With iOS, MacOS Patches 2025-04-16 at 23:38 By Ryan Naraine The vulnerabilities are described as code execution and mitigation bypass issues that affect Apple’s iOS, iPadOS and macOS platforms. The post Apple Quashes Two Zero-Days With iOS, MacOS Patches appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View […]

React to this headline:

Loading spinner

Apple Quashes Two Zero-Days With iOS, MacOS Patches Read More »

Microsoft Patches 125 Windows Vulns, Including Exploited CLFS Zero-Day

CVE-2025-29824, Featured, Malware & Threats, Microsoft, Patch Tuesday, Vulnerabilities, Windows CLFS, Zero-Day /

Microsoft Patches 125 Windows Vulns, Including Exploited CLFS Zero-Day 2025-04-08 at 22:03 By Ryan Naraine Patch Tuesday: Microsoft ships urgent cover for another WIndows CLFS vulnerability already exploited in the wild. The post Microsoft Patches 125 Windows Vulns, Including Exploited CLFS Zero-Day appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

Microsoft Patches 125 Windows Vulns, Including Exploited CLFS Zero-Day Read More »

Apple Patches Recent Zero-Days in Older iPhones

apple, exploited, iOS, macOS, patch, Vulnerabilities, Zero-Day /

Apple Patches Recent Zero-Days in Older iPhones 2025-04-01 at 13:39 By Ionut Arghire Apple has released a hefty round of security updates for its desktop and mobile products, patching two recent zero-days in older iPhone models. The post Apple Patches Recent Zero-Days in Older iPhones appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Apple Patches Recent Zero-Days in Older iPhones Read More »

Firefox Affected by Flaw Similar to Chrome Zero-Day Exploited in Russia

Chrome, exploited, Featured, Firefox, sandbox escape, Vulnerabilities, Zero-Day /

Firefox Affected by Flaw Similar to Chrome Zero-Day Exploited in Russia 2025-03-28 at 12:26 By Eduard Kovacs Firefox developers have determined that their browser is affected by a vulnerability similar to the recent Chrome sandbox escape zero-day. The post Firefox Affected by Flaw Similar to Chrome Zero-Day Exploited in Russia appeared first on SecurityWeek. This

React to this headline:

Loading spinner

Firefox Affected by Flaw Similar to Chrome Zero-Day Exploited in Russia Read More »

Russian Firm Offers $4 Million for Telegram Exploits

exploit, Operation Zero, Telegram, Vulnerabilities, Zero-Day /

Russian Firm Offers $4 Million for Telegram Exploits 2025-03-24 at 17:19 By Ionut Arghire A Russian exploit acquisition firm says it is willing to pay up to $4 million for full-chain exploits targeting the popular messaging service Telegram. The firm, Operation Zero, is known for selling zero-day exploits exclusively to Russian government and private organizations.

React to this headline:

Loading spinner

Russian Firm Offers $4 Million for Telegram Exploits Read More »

Paragon Spyware Attacks Exploited WhatsApp Zero-Day 

Citizen Lab, exploited, Featured, Graphite, Mobile & Wireless, Paragon, spyware, WhatsApp, Zero-Day /

Paragon Spyware Attacks Exploited WhatsApp Zero-Day  2025-03-20 at 12:03 By Eduard Kovacs Attacks involving Paragon’s Graphite spyware involved a WhatsApp zero-day that could be exploited without any user interaction. The post Paragon Spyware Attacks Exploited WhatsApp Zero-Day  appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Paragon Spyware Attacks Exploited WhatsApp Zero-Day  Read More »

FreeType Zero-Day Being Exploited in the Wild

CVE-2025-27363, Facebook, FreeType, Malware & Threats, Meta, Vulnerabilities, Zero-Day /

FreeType Zero-Day Being Exploited in the Wild 2025-03-13 at 19:24 By Ryan Naraine Meta’s Facebook security team warns of live exploitation of a zero-day vulnerability in the open-source FreeType library.  The post FreeType Zero-Day Being Exploited in the Wild appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to

React to this headline:

Loading spinner

FreeType Zero-Day Being Exploited in the Wild Read More »

Newly Patched Windows Zero-Day Exploited for Two Years

exploited, Vulnerabilities, Windows, Zero-Day /

Newly Patched Windows Zero-Day Exploited for Two Years 2025-03-12 at 14:18 By Ionut Arghire Microsoft on Tuesday patched a zero-day vulnerability in the Windows Win32 kernel that has been exploited since March 2023. The post Newly Patched Windows Zero-Day Exploited for Two Years appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

Newly Patched Windows Zero-Day Exploited for Two Years Read More »

Apple Ships iOS 18.3.2 to Fix Already-Exploited WebKit Flaw

apple, CVE-2025-24201, iOS, iOS 18.3.2, Mobile & Wireless, USB Restricted Mode, Vulnerabilities, Zero-Day /

Apple Ships iOS 18.3.2 to Fix Already-Exploited WebKit Flaw 2025-03-11 at 21:16 By Ryan Naraine Apple warns that the WebKIt bug “may have been exploited in an extremely sophisticated attack against specific targeted individuals.” The post Apple Ships iOS 18.3.2 to Fix Already-Exploited WebKit Flaw appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Apple Ships iOS 18.3.2 to Fix Already-Exploited WebKit Flaw Read More »

Patch Tuesday: Microsoft Patches 57 Flaws, Flags Six Active Zero-Days 

critical infrastructure, Malware & Threats, Microsoft, Patch Tuesday, remote code execution, Vulnerabilities, Zero-Day /

Patch Tuesday: Microsoft Patches 57 Flaws, Flags Six Active Zero-Days  2025-03-11 at 21:03 By Ryan Naraine Redmond ships major security updates with warnings that a half-dozen Windows vulnerabilities have already been exploited in the wild. The post Patch Tuesday: Microsoft Patches 57 Flaws, Flags Six Active Zero-Days  appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

Patch Tuesday: Microsoft Patches 57 Flaws, Flags Six Active Zero-Days  Read More »

Edimax Camera Zero-Day Disclosed by CISA Exploited by Botnets

botnet, camera, Edimax, exploited, Featured, IoT Security, Malware & Threats, Mirai, Zero-Day /

Edimax Camera Zero-Day Disclosed by CISA Exploited by Botnets 2025-03-07 at 10:31 By Eduard Kovacs Multiple Mirai-based botnets are exploiting CVE-2025-1316, an Edimax IP camera vulnerability that allows remote command execution. The post Edimax Camera Zero-Day Disclosed by CISA Exploited by Botnets appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

Edimax Camera Zero-Day Disclosed by CISA Exploited by Botnets Read More »

Exploited VMware ESXi Flaws Put Many at Risk of Ransomware, Other Attacks

ESX, exploited, Featured, VMWare, Vulnerabilities, Zero-Day /

Exploited VMware ESXi Flaws Put Many at Risk of Ransomware, Other Attacks 2025-03-06 at 12:03 By Eduard Kovacs Scans show that tens of thousands of VMware ESXi instances are affected by CVE-2025-22224 and other vulnerabilities disclosed recently as zero-days. The post Exploited VMware ESXi Flaws Put Many at Risk of Ransomware, Other Attacks appeared first

React to this headline:

Loading spinner

Exploited VMware ESXi Flaws Put Many at Risk of Ransomware, Other Attacks Read More »

New Windows Zero-Day Exploited by Chinese APT: Security Firm

China, exploited, Mustang Panda, Vulnerabilities, Windows, Zero-Day /

New Windows Zero-Day Exploited by Chinese APT: Security Firm 2025-02-14 at 13:52 By Eduard Kovacs ClearSky Cyber Security says it has seen a new Windows zero-day being exploited by a Chinese APT named Mustang Panda.  The post New Windows Zero-Day Exploited by Chinese APT: Security Firm appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

New Windows Zero-Day Exploited by Chinese APT: Security Firm Read More »

Microsoft Patches ‘Wormable’ Windows Flaw and File-Deleting Zero-Day

CVE-2025-21391, CVE-2025-21418, Malware & Threats, Microsoft, Patch Tuesday, Vulnerabilities, Zero-Day /

Microsoft Patches ‘Wormable’ Windows Flaw and File-Deleting Zero-Day 2025-02-11 at 22:06 By Ryan Naraine The Microsoft Patch Tuesday machine hummed loudly this month urgent fixes for a pair of already-exploited Windows zero-days. The post Microsoft Patches ‘Wormable’ Windows Flaw and File-Deleting Zero-Day appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

Microsoft Patches ‘Wormable’ Windows Flaw and File-Deleting Zero-Day Read More »

Trimble Cityworks Customers Warned of Zero-Day Exploitation

CityWorks, exploited, ICS, ICS/OT, Trimble, Zero-Day /

Trimble Cityworks Customers Warned of Zero-Day Exploitation 2025-02-07 at 12:05 By Eduard Kovacs Trimble Cityworks is affected by a zero-day vulnerability that has been exploited in attacks involving the delivery of malware. The post Trimble Cityworks Customers Warned of Zero-Day Exploitation appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

Trimble Cityworks Customers Warned of Zero-Day Exploitation Read More »

Russian Hackers Exploited 7-Zip Zero-Day Against Ukraine

7-Zip, exploited, Malware & Threats, Russia, Ukraine, Zero-Day /

Russian Hackers Exploited 7-Zip Zero-Day Against Ukraine 2025-02-05 at 14:09 By Ionut Arghire Russian threat groups have been observed exploiting a zero-day vulnerability in 7-Zip against Ukrainian entities. The post Russian Hackers Exploited 7-Zip Zero-Day Against Ukraine appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Russian Hackers Exploited 7-Zip Zero-Day Against Ukraine Read More »

Cyble’s Weekly Vulnerability Update: Critical SonicWall Zero-Day and Exploited Flaws Discovered

vulnerability, Weekly Vulnerability, Zero-Day /

Cyble’s Weekly Vulnerability Update: Critical SonicWall Zero-Day and Exploited Flaws Discovered 2025-01-31 at 12:36 By daksh sharma Overview Cyble’s weekly vulnerability insights to clients cover key vulnerabilities discovered between January 22 and January 28, 2025. The findings highlight a range of vulnerabilities across various platforms, including critical issues that are already being actively exploited. Notably,

React to this headline:

Loading spinner

Cyble’s Weekly Vulnerability Update: Critical SonicWall Zero-Day and Exploited Flaws Discovered Read More »

SonicWall Confirms Exploitation of New SMA Zero-Day

exploited, SMA, SonicWall, Vulnerabilities, Zero-Day /

SonicWall Confirms Exploitation of New SMA Zero-Day 2025-01-28 at 13:33 By Eduard Kovacs SonicWall has confirmed that an SMA 1000 zero-day tracked as CVE-2025-23006 has been exploited in the wild. The post SonicWall Confirms Exploitation of New SMA Zero-Day appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to

React to this headline:

Loading spinner

SonicWall Confirms Exploitation of New SMA Zero-Day Read More »

Apple Patches First Exploited iOS Zero-Day of 2025

apple, exploited, Featured, iOS, Mobile & Wireless, Vulnerabilities, Zero-Day /

Apple Patches First Exploited iOS Zero-Day of 2025 2025-01-28 at 13:03 By Ionut Arghire Apple has released fixes for dozens of vulnerabilities in its mobile and desktop products, including an iOS zero-day exploited in attacks. The post Apple Patches First Exploited iOS Zero-Day of 2025 appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Apple Patches First Exploited iOS Zero-Day of 2025 Read More »

Zero-Day Breach at Rackspace Sparks Vendor Blame Game

Data Breaches, Featured, Rackspace, Ransomware, ScienceLogic, SL1, Supply Chain Security, Zero-Day /

Zero-Day Breach at Rackspace Sparks Vendor Blame Game 2024-10-02 at 21:01 By Ryan Naraine A breach at Rackspace exposes the fragility of the software supply chain, triggering a blame game among vendors over an exploited zero-day. The post Zero-Day Breach at Rackspace Sparks Vendor Blame Game appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Zero-Day Breach at Rackspace Sparks Vendor Blame Game Read More »

Scroll to Top