Zero-Day

Exploit for VMware Zero-Day Flaws Likely Built a Year Before Public Disclosure

Exploit for VMware Zero-Day Flaws Likely Built a Year Before Public Disclosure 2026-01-09 at 13:39 By Ionut Arghire Fresh attacks targeted three VMware ESXi vulnerabilities that were disclosed in March 2025 as zero-days. The post Exploit for VMware Zero-Day Flaws Likely Built a Year Before Public Disclosure appeared first on SecurityWeek. This article is an […]

Exploit for VMware Zero-Day Flaws Likely Built a Year Before Public Disclosure Read More »

Hackers Exploit Zero-Day in Discontinued D-Link Devices

Hackers Exploit Zero-Day in Discontinued D-Link Devices 2026-01-07 at 14:34 By Ionut Arghire The critical-severity vulnerability allows unauthenticated, remote attackers to execute arbitrary shell commands. The post Hackers Exploit Zero-Day in Discontinued D-Link Devices appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Hackers Exploit Zero-Day in Discontinued D-Link Devices Read More »

WatchGuard Patches Firebox Zero-Day Exploited in the Wild

WatchGuard Patches Firebox Zero-Day Exploited in the Wild 2025-12-22 at 15:09 By Ionut Arghire The critical-severity bug in the Fireware OS’s iked process leads to unauthenticated remote code execution. The post WatchGuard Patches Firebox Zero-Day Exploited in the Wild appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

WatchGuard Patches Firebox Zero-Day Exploited in the Wild Read More »

SonicWall Patches Exploited SMA 1000 Zero-Day

SonicWall Patches Exploited SMA 1000 Zero-Day 2025-12-18 at 11:29 By Ionut Arghire The medium-severity flaw has been exploited in combination with a critical bug for remote code execution. The post SonicWall Patches Exploited SMA 1000 Zero-Day appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

SonicWall Patches Exploited SMA 1000 Zero-Day Read More »

China-Linked Hackers Exploiting Zero-Day in Cisco Security Gear

China-Linked Hackers Exploiting Zero-Day in Cisco Security Gear 2025-12-18 at 09:18 By Eduard Kovacs The critical zero-day is tracked as CVE-2025-20393 and it impacts Secure Email Gateway and Secure Email and Web Manager appliances. The post China-Linked Hackers Exploiting Zero-Day in Cisco Security Gear appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

China-Linked Hackers Exploiting Zero-Day in Cisco Security Gear Read More »

Apple Patches Two Zero-Days Tied to Mysterious Exploited Chrome Flaw

Apple Patches Two Zero-Days Tied to Mysterious Exploited Chrome Flaw 2025-12-15 at 13:22 By Eduard Kovacs Apple has released macOS and iOS updates to patch two WebKit zero-days exploited in an “extremely sophisticated” attack. The post Apple Patches Two Zero-Days Tied to Mysterious Exploited Chrome Flaw appeared first on SecurityWeek. This article is an excerpt

Apple Patches Two Zero-Days Tied to Mysterious Exploited Chrome Flaw Read More »

Unpatched Gogs Zero-Day Exploited for Months

Unpatched Gogs Zero-Day Exploited for Months 2025-12-11 at 14:54 By Ionut Arghire The exploited flaw allows attackers to overwrite files outside the repository, leading to remote code execution. The post Unpatched Gogs Zero-Day Exploited for Months appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Unpatched Gogs Zero-Day Exploited for Months Read More »

Google Patches Mysterious Chrome Zero-Day Exploited in the Wild

Google Patches Mysterious Chrome Zero-Day Exploited in the Wild 2025-12-11 at 09:49 By Eduard Kovacs The Chrome zero-day does not have a CVE and it’s unclear who reported it and which browser component it affects. The post Google Patches Mysterious Chrome Zero-Day Exploited in the Wild appeared first on SecurityWeek. This article is an excerpt

Google Patches Mysterious Chrome Zero-Day Exploited in the Wild Read More »

Microsoft Patches 57 Vulnerabilities, Three Zero-Days

Microsoft Patches 57 Vulnerabilities, Three Zero-Days 2025-12-10 at 00:44 By Ionut Arghire Microsoft has addressed a Windows vulnerability exploited as zero-day that allows attackers to obtain System privileges. The post Microsoft Patches 57 Vulnerabilities, Three Zero-Days appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Microsoft Patches 57 Vulnerabilities, Three Zero-Days Read More »

Android’s December 2025 Updates Patch Two Zero-Days

Android’s December 2025 Updates Patch Two Zero-Days 2025-12-02 at 15:15 By Ionut Arghire Google warns that two out of the 107 vulnerabilities patched in Android this month have been exploited in limited, targeted attacks. The post Android’s December 2025 Updates Patch Two Zero-Days appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

Android’s December 2025 Updates Patch Two Zero-Days Read More »

Critical Oracle Identity Manager Flaw Possibly Exploited as Zero-Day

Critical Oracle Identity Manager Flaw Possibly Exploited as Zero-Day 2025-11-21 at 15:47 By Eduard Kovacs CVE-2025-61757 is an unauthenticated remote code execution vulnerability affecting Oracle Identity Manager. The post Critical Oracle Identity Manager Flaw Possibly Exploited as Zero-Day appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Critical Oracle Identity Manager Flaw Possibly Exploited as Zero-Day Read More »

Fortinet Discloses Second Exploited FortiWeb Zero-Day in a Week

Fortinet Discloses Second Exploited FortiWeb Zero-Day in a Week 2025-11-19 at 11:49 By Ionut Arghire An OS command injection flaw, the exploited zero-day allows attackers to execute arbitrary code on the underlying system. The post Fortinet Discloses Second Exploited FortiWeb Zero-Day in a Week appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

Fortinet Discloses Second Exploited FortiWeb Zero-Day in a Week Read More »

Chrome 142 Update Patches Exploited Zero-Day

Chrome 142 Update Patches Exploited Zero-Day 2025-11-18 at 09:33 By Ionut Arghire The flaw was reported by Google’s Threat Analysis Group and was likely exploited by a commercial spyware vendor. The post Chrome 142 Update Patches Exploited Zero-Day appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Chrome 142 Update Patches Exploited Zero-Day Read More »

Cisco ISE, CitrixBleed 2 Vulnerabilities Exploited as Zero-Days: Amazon

Cisco ISE, CitrixBleed 2 Vulnerabilities Exploited as Zero-Days: Amazon 2025-11-13 at 11:57 By Ionut Arghire Amazon has seen a threat actor exploiting CVE-2025-20337 and CVE-2025-5777, two critical Cisco and Citrix vulnerabilities, as zero-days. The post Cisco ISE, CitrixBleed 2 Vulnerabilities Exploited as Zero-Days: Amazon appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

Cisco ISE, CitrixBleed 2 Vulnerabilities Exploited as Zero-Days: Amazon Read More »

Microsoft Patches Actively Exploited Windows Kernel Zero-Day

Microsoft Patches Actively Exploited Windows Kernel Zero-Day 2025-11-11 at 23:07 By Eduard Kovacs Microsoft’s latest Patch Tuesday updates address more than 60 vulnerabilities in Windows and other products. The post Microsoft Patches Actively Exploited Windows Kernel Zero-Day appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Microsoft Patches Actively Exploited Windows Kernel Zero-Day Read More »

Landfall Android Spyware Targeted Samsung Phones via Zero-Day

Landfall Android Spyware Targeted Samsung Phones via Zero-Day 2025-11-07 at 19:39 By Eduard Kovacs Threat actors exploited CVE-2025-21042 to deliver malware via specially crafted images to users in the Middle East.  The post Landfall Android Spyware Targeted Samsung Phones via Zero-Day appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Landfall Android Spyware Targeted Samsung Phones via Zero-Day Read More »

Chrome Zero-Day Exploitation Linked to Hacking Team Spyware

Chrome Zero-Day Exploitation Linked to Hacking Team Spyware 2025-10-27 at 11:33 By Ionut Arghire The threat actor behind Operation ForumTroll used the same toolset typically employed in Dante spyware attacks. The post Chrome Zero-Day Exploitation Linked to Hacking Team Spyware appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Chrome Zero-Day Exploitation Linked to Hacking Team Spyware Read More »

Pwn2Own WhatsApp Hacker Says Exploit Privately Disclosed to Meta

Pwn2Own WhatsApp Hacker Says Exploit Privately Disclosed to Meta 2025-10-24 at 12:43 By Eduard Kovacs Questions have been raised over the technical viability of the purported WhatsApp exploit, but the researcher says he wants to keep his identity private. The post Pwn2Own WhatsApp Hacker Says Exploit Privately Disclosed to Meta appeared first on SecurityWeek. This

Pwn2Own WhatsApp Hacker Says Exploit Privately Disclosed to Meta Read More »

Lanscope Endpoint Manager Zero-Day Exploited in the Wild

Lanscope Endpoint Manager Zero-Day Exploited in the Wild 2025-10-23 at 13:05 By Ionut Arghire The bug has been exploited in the wild as a zero-day and the US cybersecurity agency CISA has added it to its KEV catalog. The post Lanscope Endpoint Manager Zero-Day Exploited in the Wild appeared first on SecurityWeek. This article is

Lanscope Endpoint Manager Zero-Day Exploited in the Wild Read More »

Exploitation of Oracle EBS Zero-Day Started 2 Months Before Patching

Exploitation of Oracle EBS Zero-Day Started 2 Months Before Patching 2025-10-08 at 10:57 By Eduard Kovacs Hundreds of internet-exposed Oracle E-Business Suite instances may still be vulnerable to attacks. The post Exploitation of Oracle EBS Zero-Day Started 2 Months Before Patching appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Exploitation of Oracle EBS Zero-Day Started 2 Months Before Patching Read More »

Scroll to Top