Topic: zero-day vulnerability
-
Libraesva ESG Zero-Day Exploited in Active Attacks (CVE-2025-59689)
A critical zero-day vulnerability (CVE-2025-59689) in the Libraesva Email Security Gateway is being actively exploited by a suspected state-sponsored actor, allowing arbitrary command execution on affected systems. The flaw is a command injection vulnerability caused by improper input sanitizatio...
Read More » -
Urgent Patch for Critical Cisco SD-WAN Zero-Day Flaw
A critical, actively exploited zero-day vulnerability (CVE-2026-20127) in Cisco SD-WAN products has prompted an urgent joint alert from international cybersecurity agencies, demanding immediate patching. The flaw allows an unauthenticated attacker to bypass security and gain full administrative c...
Read More » -
Cisco SD-WAN Zero-Day Exploited Since 2023 (CVE-2026-20127)
A sophisticated threat actor has been exploiting a zero-day authentication bypass flaw (CVE-2026-20127) in Cisco's Catalyst SD-WAN Controller since at least 2023, gaining high-privileged access to manipulate network configurations. The campaign, attributed to group UAT-8616, uses stealthy techniq...
Read More » -
Apple's Critical Security Update: Install Now
Apple has released an urgent security patch (CVE-2026-20700) for a zero-day vulnerability that is being actively exploited across its major device lines. The flaw, a memory corruption issue, allows attackers to execute arbitrary code for purposes like spyware installation or silent device takeove...
Read More » -
Apple Patches Critical Zero-Day Flaw Actively Exploited in Attacks
Apple has patched a critical zero-day vulnerability (CVE-2026-20700) in its dyld component, which was exploited in a sophisticated, targeted attack against older iOS versions. The updates also fix two related WebKit vulnerabilities, all discovered and reported by Google's Threat Analysis Group, t...
Read More » -
Fortinet Patches Critical FortiCloud SSO Zero-Day Under Attack
Fortinet has patched a critical zero-day vulnerability (CVE-2026-24858) that allowed attackers to bypass authentication and gain unauthorized administrative access to firewalls and other security appliances. The flaw specifically affected systems with the FortiCloud Single Sign-On feature enabled...
Read More » -
Logitech Data Breach Exposes User Information
Logitech experienced a data breach due to a zero-day vulnerability in third-party software, leading to unauthorized data copying, but the company promptly patched the issue after a fix was released. The stolen data includes information on employees, consumers, customers, and suppliers, but sensit...
Read More » -
Fortinet Patches Actively Exploited FortiWeb Zero-Day
Fortinet has patched a critical zero-day vulnerability (CVE-2025-64446) in its FortiWeb firewall, which is being actively exploited to create unauthorized admin accounts via unauthenticated HTTP requests. The flaw affects FortiWeb versions 8.0.1 and earlier, with a fix available in version 8.0.2,...
Read More » -
Active Exploit Targets Suspected FortiWeb Zero-Day
A critical zero-day vulnerability (CVE-2025-64446) in Fortinet's FortiWeb is being actively exploited, allowing unauthenticated attackers to create unauthorized admin accounts and gain full administrative access. Fortinet silently patched the flaw in multiple versions, including 8.0.2, but delaye...
Read More » -
Microsoft Patches Critical Zero-Day and 63 Flaws
Microsoft's November 2025 Patch Tuesday addresses 63 vulnerabilities, including one actively exploited zero-day and four critical issues, requiring immediate deployment by system administrators. The update includes the first extended security update (ESU) for Windows 10, urging organizations to u...
Read More » -
CISA Flags Spyware Zero-Day in Urgent Security Alert
US authorities issued a critical security alert for a high-risk vulnerability in Samsung mobile devices, exploited since mid-2024 to install spyware via malicious files on WhatsApp. The vulnerability, CVE-2025-21042 with a CVSS score of 9.8, enables attackers to use LandFall spyware for surveilla...
Read More » -
Zero-Day Attack Hits Gladinet File Sharing Software
A zero-day vulnerability (CVE-2025-11371) in Gladinet's CentreStack and Triofox platforms allows unauthenticated attackers to access sensitive files via Local File Inclusion, with at least three organizations already targeted. Attackers exploit the LFI flaw to retrieve machine keys and chain it w...
Read More » -
Sitecore Zero-Day Exploit Actively Attacked (CVE-2025-53690)
A critical zero-day vulnerability (CVE-2025-53690) in Sitecore on-premises deployments is being actively exploited, allowing unauthorized access and remote code execution. Attackers leverage a known sample ASP.NET machine key to exploit ViewState deserialization, enabling them to deploy malware, ...
Read More » -
Critical Zero-Day Threat for Cursor & Windsurf Users Exposed
A zero-day vulnerability in AI coding tools (e.g., Cursor, Windsurf) exposed developers to machine hijacking via compromised extensions, with attackers exploiting OpenVSX's automated publishing system. The flaw, dubbed VSXPloit, allowed attackers to push malicious updates silently through depende...
Read More » -
Google Patches Critical Chrome Zero-Day Flaw (CVE-2025-10585)
Google has released an urgent security update for Chrome to fix a zero-day vulnerability (CVE-2025-10585) that is being actively exploited, particularly by state-sponsored threat actors. The flaw is a type confusion issue in Chrome's V8 JavaScript engine, marking the second such vulnerability pat...
Read More » -
Cox Enterprises Hit by Oracle EBS Data Breach
Cox Enterprises suffered a data breach after hackers exploited a zero-day vulnerability in Oracle's E-Business Suite, compromising personal information of thousands and delaying detection until weeks after the attack. The Cl0p ransomware group claimed responsibility, known for weaponizing undisco...
Read More » -
Salesloft & Drift Breach, Sitecore 0-Day: Weekly Security Roundup
Major cybersecurity incidents occurred, including supply chain breaches at companies like Zscaler and Palo Alto Networks through a compromised Salesforce environment, and active exploitation of critical vulnerabilities in Sitecore and SAP S/4HANA software. Artificial intelligence is increasingly ...
Read More » -
Harvard Probes Data Breach from Oracle Zero-Day Flaw
Harvard University is investigating a potential data breach after the Clop ransomware group listed it on its leak portal, likely due to a zero-day vulnerability in Oracle's E-Business Suite servers. The university confirmed the issue is widespread among Oracle clients, applied the security patch ...
Read More » -
GlobalLogic Alerts 10,000 Staff to Data Theft After Oracle Hack
GlobalLogic notified over 10,000 current and former employees of a data breach after attackers exploited a zero-day vulnerability in Oracle's E-Business Suite, compromising sensitive HR data. The breach, attributed to the Clop ransomware group, involved the theft of extensive personal and financi...
Read More » -
Ransomware Hackers Exploit Misconfigured EDR to Disable Security
Modern ransomware groups exploit minor security oversights, such as human error and misconfigurations, to bypass multi-factor authentication and disable critical defenses like EDR systems. Attackers used a variety of tools, including common utilities and legitimate Windows drivers, to disable sec...
Read More »