Topic: zero-day exploits

  • Microsoft's Valentine's Day Patch: 6 Critical Zero-Day Fixes

    Microsoft's February security update patched 59 vulnerabilities, with six actively exploited as zero-days before the fix, indicating a more aggressive threat landscape. Among the critical flaws patched were high-severity security feature bypasses in Windows Shell and Internet Explorer, which coul...

  • Urgent Microsoft Update: Patch Windows 10, 11, Server Now

    Microsoft has urgently patched a zero-day vulnerability (CVE-2025-62215) in the Windows Kernel, which is already being actively exploited to gain system-level privileges. The flaw involves improper synchronization in concurrent execution, allowing attackers to escalate privileges after initial ac...

  • Urgent Windows 0-Day and Critical Flaw Actively Exploited

    Two critical Windows vulnerabilities are being actively exploited in widespread global attacks, including a zero-day flaw used since 2017 and another that Microsoft failed to patch in a recent update. The zero-day vulnerability (CVE-2025-9491) has been exploited by up to eleven advanced threat gr...

  • China-Linked Hackers Exploit Cisco Firewall Zero-Days

    Cisco has released emergency patches for two actively exploited zero-day vulnerabilities (CVE-2025-20333 and CVE-2025-20362) in its ASA and FTD firewall software, linked to the ArcaneDoor espionage campaign. The vulnerabilities allowed attackers, suspected to be a China-based group, to execute co...

  • Hackers Exploit Critical Microsoft Zero-Day Bugs in Windows, Office

    Microsoft has released critical patches for actively exploited zero-day vulnerabilities in Windows and Office, including a severe flaw (CVE-2026-21510) in the Windows shell that bypasses the SmartScreen security filter. A second critical vulnerability (CVE-2026-21513) exists in the legacy MSHTML ...

  • Top Cybersecurity Breaches and Attacks of 2025

    Sophisticated social engineering and malware campaigns, such as ClickFix and its variants, expanded across operating systems, tricking users into self-inflicted infections and becoming commercialized through paid platforms. The cryptocurrency sector and enterprise software faced massive breaches,...

  • QNAP Patches Critical Zero-Day Flaws Exploited at Pwn2Own

    QNAP has urgently patched seven critical zero-day vulnerabilities exploited during the Pwn2Own Ireland 2025 contest, affecting core components like QTS/QuTS hero operating systems and applications such as Hyper Data Protector and HBS 3. The company advises users to install the latest software upd...

  • WSUS Flaw Exploited, BIND 9 PoC Published in Security Review

    The digital security landscape is rapidly evolving with emerging threats like biometric innovations such as EarID for identity verification and critical infrastructure risks in healthcare and smart homes, requiring proactive defense strategies. New tools and vulnerabilities are shaping cybersecur...

  • Cisco ASA Firewalls Remain Vulnerable to Zero-Day Attacks

    Approximately 48,000 Cisco ASA devices remain vulnerable to active zero-day attacks, posing ongoing risks globally, with the majority located in the U.S. and other key countries. Attackers have used advanced tactics, including disabling logging and intercepting commands, to exploit vulnerabilitie...

  • CISA Mandates Urgent Patching for Actively Exploited Cisco Zero-Day Flaws

    CISA has issued an emergency directive requiring U.S. federal agencies to immediately address two actively exploited critical vulnerabilities (CVE-2025-20333 and CVE-2025-20362) in Cisco ASA and FTD firewalls, which allow unauthenticated remote code execution. Agencies must inventory all affected...

  • Security Can't Keep Up with Modern Attackers

    Cyber threats are evolving faster than defenses, with attackers constantly refining their tactics, techniques, and procedures (TTPs), creating a widening gap between their innovation and traditional security coverage. Zero-day exploits are now widely used by criminal groups, not just nation-state...

  • CISA Warns: Ransomware Attackers Exploit VMware ESXi Flaw

    A critical VMware ESXi vulnerability (CVE-2025-22225) is now actively exploited by ransomware groups, prompting urgent patching calls from CISA. The flaw is part of a trio of zero-days; new analysis reveals a toolkit weaponizing all three, potentially developed by Chinese-speaking actors as early...

  • Critical Flaw Exposes 10K+ Fortinet Firewalls to 2FA Bypass

    A critical five-year-old Fortinet firewall flaw (CVE-2020-12812) allows attackers to bypass two-factor authentication by altering a username's case, and over 10,000 vulnerable devices remain exposed online. Despite a patch being available since 2020, attackers are actively exploiting the vulnerab...

  • Pall Mall Process: Defining Responsible Cyber Intrusion

    The Pall Mall Process, a joint UK-France initiative with 27 governments and major tech firms, aims to establish international standards for the commercial cyber intrusion industry to curb dangerous practices while acknowledging legitimate security needs. The process is currently consulting with i...

  • Google: BrickStorm Malware Stole U.S. Data for a Year

    A sophisticated cyber espionage campaign using BrickStorm malware successfully stole sensitive data from American technology, legal, SaaS, and BPO companies for over a year before being detected. The malware, attributed to China-linked group UNC5221, is a versatile backdoor that operates stealthi...

  • AI Forces Boards to Rethink Security Governance

    Corporate boards are shifting from simply approving cybersecurity budgets to demanding evidence that these investments contribute to measurable business growth and resilience, while also addressing risks from AI, automation, and edge computing. Organizations using agentic AI for security report s...

  • NSA-Reported VMware Flaws Patched by Broadcom

    Broadcom has released critical patches for two VMware NSX vulnerabilities (CVE-2025-41251 and CVE-2025-41252) that allow unauthenticated attackers to enumerate valid usernames, posing risks of unauthorized access. Additional high-severity flaws were addressed in VMware vCenter (CVE-2025-41250) an...

  • Google, Apple Issue Emergency Patches for Zero-Day Exploits

    Google and Apple issued emergency patches for actively exploited zero-day vulnerabilities, highlighting the threat from advanced, likely state-sponsored hacking operations. The vulnerabilities were identified through a joint effort by Apple's security team and Google's Threat Analysis Group, whic...

  • CISA Warns of Active Android Attacks - Update Now

    CISA has issued an urgent directive for federal employees to apply critical Android security updates by December 23 or stop using their devices, serving as a severe warning to all consumers about active threats. Google and Samsung have confirmed severe, actively exploited vulnerabilities that can...

  • Spyware Firm CEO Admits Government Client Misused Its Malware

    Kaspersky uncovered the Dante spyware, linked to Italy's Memento Labs, which targeted Windows users in Russia and Belarus and was acknowledged by the firm's CEO as their outdated product. Memento Labs, formed from the remnants of the notorious Hacking Team, has shifted focus to mobile spyware and...

  • Hackers Weaponize Hexstrike-AI to Speed Up Cyberattacks

    A new AI-driven tool called Hexstrike-AI, designed for cybersecurity testing, is being misused by threat actors to rapidly exploit vulnerabilities, particularly targeting Citrix NetScaler zero-day flaws. The tool automates complex tasks like reconnaissance, exploit crafting, and payload deploymen...

  • Urgent Apple Update Fixes Critical Security Exploits

    Apple has released urgent security patches for two actively exploited zero-day vulnerabilities (CVE-2025-14174 and CVE-2025-43529) in its WebKit browser engine, which is used across iPhones, iPads, and Macs. The flaws, discovered through a collaboration between Apple and Google, could allow memor...

  • EU Staff Data Exposed in European Commission Security Breach

    The European Commission suffered a cybersecurity breach on January 30th, exposing staff personal data, but the incident was contained within nine hours without device compromise. The attack exploited vulnerabilities in Ivanti Endpoint Manager Mobile software, mirroring a wider campaign targeting ...

  • Palo Alto Firewall Flaw Lets Hackers Trigger DoS Attacks

    A critical vulnerability (CVE-2026-0227) in Palo Alto firewalls could allow unauthenticated attackers to remotely disable them via a denial-of-service attack, forcing devices into an unprotected maintenance mode. Palo Alto Networks has issued patches for affected PAN-OS versions and Prisma Access...

  • CISA Alerts: Chinese "BrickStorm" Malware Targets VMware Servers

    A sophisticated Chinese-linked malware campaign called "Brickstorm" is targeting VMware vSphere servers, using hidden virtual machines to steal credentials and compromise networks, as detailed by U.S. and Canadian cybersecurity agencies. The malware employs advanced evasion techniques like encryp...

  • Noisy Ransomware Uncovered a Long-Term Espionage Operation

    A ransomware group's disruptive attack on two Russian companies inadvertently exposed a long-running, sophisticated cyber espionage operation, highlighting how a visible breach can mask a more insidious threat. The espionage group, QuietCrabs, used a stealthy multi-stage attack with unique malwar...

  • Ex-L3Harris Exec Convicted for Selling Cyber Exploits to Russia

    Peter Williams, a former L3Harris Trenchant executive, pleaded guilty to stealing and selling classified cybersecurity materials to a Russian entity from 2022 to 2025, involving at least eight protected cyber-exploit components. He used his senior position and security clearance to steal trade se...

  • Microsoft Secures IE Mode After Hackers Exploit Legacy Backdoor

    Microsoft has strengthened Internet Explorer mode security in Edge after attackers exploited zero-day vulnerabilities in August 2025, using social engineering to compromise systems. Attackers tricked users into reloading pages in IE mode, leveraging Chakra engine exploits for remote code executio...

  • Microsoft, Adobe, SAP Issue Critical September 2025 Patch Tuesday Updates

    The September 2025 Patch Tuesday included critical security updates from Microsoft, Adobe, and SAP, addressing numerous vulnerabilities not currently under active exploitation. Microsoft patched over 80 flaws, including a privilege escalation issue in Windows NTLM and a high-risk remote code exec...

  • Your Digital Footprint: How Geolocation Puts Your Privacy at Risk

    Geolocation data from smartphones and apps creates a significant privacy risk, enabling cybercriminals to exploit traceable information for targeted attacks. These geofenced threats, like the Stuxnet worm, can remain dormant until reaching specific locations, making early detection difficult and ...

  • Microsoft Teams Targeted by Fake IT Support Scams

    A new wave of phishing attacks is exploiting Microsoft Teams, using fake IT support accounts to trick employees into installing malware that gives attackers full network control. Attackers are shifting from email to Teams due to its trusted role in business, impersonating IT staff to deploy remot...

  • Clop Hackers Stole Data Using Oracle Zero-Day Since August

    The Clop ransomware group exploited a critical zero-day vulnerability (CVE-2025-61882) in Oracle's E-Business Suite, enabling remote code execution and leading to widespread data theft and extortion attempts. Security researchers and analysts confirmed the vulnerability allows unauthenticated att...

  • MFA Bypass Leads to Major Infostealer Attack on 50 Firms

    A major data breach affecting around 50 global companies was enabled by the lack of multi-factor authentication (MFA), allowing an attacker to use stolen credentials for cloud file-sharing platforms. The attacker, using credentials harvested by infostealer malware, accessed accounts where passwor...

  • Fortinet warns of critical FortiCloud SSO auth bypass flaw

    Fortinet has patched two critical authentication bypass vulnerabilities (CVE-2025-59718 & CVE-2025-59719) in several products, which could allow attackers to gain unauthorized access via a crafted SAML message. The affected FortiCloud SSO feature is not enabled by default on new devices, but it i...

  • CISA Urges Immediate VMware Patch for Chinese Hacker Exploit

    CISA has issued an urgent directive for U.S. government agencies to patch a critical VMware vulnerability (CVE-2025-41244) that allows privilege escalation to root level, requiring action within three weeks. The vulnerability is actively exploited by UNC5174, a Chinese state-sponsored group, whic...

  • Checkout.com donates ransom to charity after data breach

    Checkout.com experienced a data breach when the ShinyHunters cybercrime group accessed a legacy cloud storage system, but the company has refused to pay the ransom. The compromised data includes internal documents and customer onboarding materials from 2020 and earlier, affecting a minority of cu...

  • Microsoft fixes critical Office zero-day under active attack

    Microsoft has urgently patched a critical, actively exploited zero-day vulnerability (CVE-2026-21509) in Office, which allows attackers to bypass security features by tricking users into opening malicious files. While patches are available for Office 2021, LTSC 2021/2024, and Microsoft 365, secur...

  • Stolen Credentials: Why Hackers Still Prefer Them

    Stolen credentials are cybercriminals' top tool due to their simplicity and effectiveness, bypassing the need for advanced hacking techniques. Passwords remain the weakest security link, with slow adoption of stronger measures like MFA and passkeys, while reused passwords amplify risks. Combolist...

  • IT Leaders' Top 2026 Fears: AI and Cyber Risk

    Cybersecurity threats are the top disruptor shaping IT strategy for 2026, with AI advancement and regulation as a close second major concern. AI-generated attacks are viewed as the most significant threat to data integrity, leading to strategic investments in cybersecurity and data resilience. Mo...