Topic: zero-day vulnerability

  • Libraesva ESG Zero-Day Exploited in Active Attacks (CVE-2025-59689)

    A critical zero-day vulnerability (CVE-2025-59689) in the Libraesva Email Security Gateway is being actively exploited by a suspected state-sponsored actor, allowing arbitrary command execution on affected systems. The flaw is a command injection vulnerability caused by improper input sanitizatio...

  • Fortinet Patches Critical FortiCloud SSO Zero-Day Under Attack

    Fortinet has patched a critical zero-day vulnerability (CVE-2026-24858) that allowed attackers to bypass authentication and gain unauthorized administrative access to firewalls and other security appliances. The flaw specifically affected systems with the FortiCloud Single Sign-On feature enabled...

  • Logitech Data Breach Exposes User Information

    Logitech experienced a data breach due to a zero-day vulnerability in third-party software, leading to unauthorized data copying, but the company promptly patched the issue after a fix was released. The stolen data includes information on employees, consumers, customers, and suppliers, but sensit...

  • Fortinet Patches Actively Exploited FortiWeb Zero-Day

    Fortinet has patched a critical zero-day vulnerability (CVE-2025-64446) in its FortiWeb firewall, which is being actively exploited to create unauthorized admin accounts via unauthenticated HTTP requests. The flaw affects FortiWeb versions 8.0.1 and earlier, with a fix available in version 8.0.2,...

  • Active Exploit Targets Suspected FortiWeb Zero-Day

    A critical zero-day vulnerability (CVE-2025-64446) in Fortinet's FortiWeb is being actively exploited, allowing unauthenticated attackers to create unauthorized admin accounts and gain full administrative access. Fortinet silently patched the flaw in multiple versions, including 8.0.2, but delaye...

  • Microsoft Patches Critical Zero-Day and 63 Flaws

    Microsoft's November 2025 Patch Tuesday addresses 63 vulnerabilities, including one actively exploited zero-day and four critical issues, requiring immediate deployment by system administrators. The update includes the first extended security update (ESU) for Windows 10, urging organizations to u...

  • CISA Flags Spyware Zero-Day in Urgent Security Alert

    US authorities issued a critical security alert for a high-risk vulnerability in Samsung mobile devices, exploited since mid-2024 to install spyware via malicious files on WhatsApp. The vulnerability, CVE-2025-21042 with a CVSS score of 9.8, enables attackers to use LandFall spyware for surveilla...

  • Zero-Day Attack Hits Gladinet File Sharing Software

    A zero-day vulnerability (CVE-2025-11371) in Gladinet's CentreStack and Triofox platforms allows unauthenticated attackers to access sensitive files via Local File Inclusion, with at least three organizations already targeted. Attackers exploit the LFI flaw to retrieve machine keys and chain it w...

  • Sitecore Zero-Day Exploit Actively Attacked (CVE-2025-53690)

    A critical zero-day vulnerability (CVE-2025-53690) in Sitecore on-premises deployments is being actively exploited, allowing unauthorized access and remote code execution. Attackers leverage a known sample ASP.NET machine key to exploit ViewState deserialization, enabling them to deploy malware, ...

  • Critical Zero-Day Threat for Cursor & Windsurf Users Exposed

    A zero-day vulnerability in AI coding tools (e.g., Cursor, Windsurf) exposed developers to machine hijacking via compromised extensions, with attackers exploiting OpenVSX's automated publishing system. The flaw, dubbed VSXPloit, allowed attackers to push malicious updates silently through depende...

  • Google Patches Critical Chrome Zero-Day Flaw (CVE-2025-10585)

    Google has released an urgent security update for Chrome to fix a zero-day vulnerability (CVE-2025-10585) that is being actively exploited, particularly by state-sponsored threat actors. The flaw is a type confusion issue in Chrome's V8 JavaScript engine, marking the second such vulnerability pat...

  • Cox Enterprises Hit by Oracle EBS Data Breach

    Cox Enterprises suffered a data breach after hackers exploited a zero-day vulnerability in Oracle's E-Business Suite, compromising personal information of thousands and delaying detection until weeks after the attack. The Cl0p ransomware group claimed responsibility, known for weaponizing undisco...

  • Salesloft & Drift Breach, Sitecore 0-Day: Weekly Security Roundup

    Major cybersecurity incidents occurred, including supply chain breaches at companies like Zscaler and Palo Alto Networks through a compromised Salesforce environment, and active exploitation of critical vulnerabilities in Sitecore and SAP S/4HANA software. Artificial intelligence is increasingly ...

  • Harvard Probes Data Breach from Oracle Zero-Day Flaw

    Harvard University is investigating a potential data breach after the Clop ransomware group listed it on its leak portal, likely due to a zero-day vulnerability in Oracle's E-Business Suite servers. The university confirmed the issue is widespread among Oracle clients, applied the security patch ...

  • GlobalLogic Alerts 10,000 Staff to Data Theft After Oracle Hack

    GlobalLogic notified over 10,000 current and former employees of a data breach after attackers exploited a zero-day vulnerability in Oracle's E-Business Suite, compromising sensitive HR data. The breach, attributed to the Clop ransomware group, involved the theft of extensive personal and financi...

  • Ransomware Hackers Exploit Misconfigured EDR to Disable Security

    Modern ransomware groups exploit minor security oversights, such as human error and misconfigurations, to bypass multi-factor authentication and disable critical defenses like EDR systems. Attackers used a variety of tools, including common utilities and legitimate Windows drivers, to disable sec...

  • SonicWall firewalls targeted in rising Akira ransomware attacks

    SonicWall firewalls are being targeted in Akira ransomware attacks, potentially exploiting an undisclosed security flaw, with attackers using compromised SSL VPN connections for initial access. Akira ransomware has extorted over $42 million from 250+ victims, employing tactics like routing authen...

  • Clop Ransomware Claims Massive 3.5M University of Phoenix Breach

    A data breach at the University of Phoenix compromised approximately 3.5 million people, with attackers stealing highly sensitive personal and financial information, including Social Security and bank account numbers. The breach was part of a widespread campaign by the Clop ransomware gang, which...

  • Dartmouth College Hit by Clop Ransomware Data Breach

    Dartmouth College experienced a data breach by the Clop ransomware group, which exploited a zero-day vulnerability in Oracle E-Business Suite to steal personal data, including names and Social Security numbers. The breach affected at least 1,494 individuals, with financial account details also co...

  • SonicWall Zero-Day Exploit Patched (CVE-2025-40602)

    SonicWall has released a critical update for a new, actively exploited local privilege escalation flaw (CVE-2025-40602) in its SMA 1000 series appliances, urging immediate patching. This vulnerability is especially dangerous when chained with a previously patched flaw (CVE-2025-23006), allowing a...

  • SonicWall SMA Devices Still Infected with Stealthy OVERSTEP Malware

    Cybersecurity experts discovered a malware campaign targeting outdated SonicWall SMA 100 devices, deploying the stealthy OVERSTEP backdoor via stolen admin credentials and potential vulnerabilities. The OVERSTEP malware hijacks system functions, steals sensitive data, and evades detection, with a...

  • Baker University Data Breach Exposes 53,000 People in 2024

    A data breach at Baker University compromised the sensitive personal information of over 53,000 individuals, including Social Security numbers, financial details, and medical records. The university discovered unauthorized network access in December 2024 and is offering credit monitoring, but has...

  • Urgent Oracle EBS Vulnerability Alert (CVE-2025-61884)

    A critical security flaw, CVE-2025-61884, has been identified in Oracle's E-Business Suite, affecting versions 12.2.3 to 12.2.14 and potentially earlier versions like 12.1.3, allowing unauthenticated attackers to exploit it via HTTP. Exploitation of this vulnerability could result in unauthorized...
