Zero-Day Exploits

Fortinet VPN Brute-Force Attacks Signal Potential Zero-Day Exploits

Threat Intelligence

Fortinet VPN Brute-Force Attacks Signal Potential Zero-Day Exploits

A significant increase in brute-force attacks targeting Fortinet SSL VPNs has raised concerns about potential zero-day vulnerabilities....

Microsoft August 2025 Patch Tuesday: Zero-Day in Windows Kerberos Among 107 Flaws

CVE News

Microsoft August 2025 Patch Tuesday: Zero-Day in Windows Kerberos Among 107 Flaws

Microsoft’s August 2025 Patch Tuesday addresses 107 security vulnerabilities, including one actively exploited zero-day in Windows Kerberos....

WinRAR Zero-Day Exploited in Phishing Attacks to Deploy RomCom Malware

CVE News

WinRAR Zero-Day Exploited in Phishing Attacks to Deploy RomCom Malware

A critical WinRAR vulnerability, tracked as CVE-2025-8088, was actively exploited as a zero-day in phishing campaigns to...

OpenVSX Zero-Day Vulnerability: How a Single Flaw Threatened Millions of Developer Environments

CVE News

OpenVSX Zero-Day Vulnerability: How a Single Flaw Threatened Millions of Developer Environments

A critical vulnerability in OpenVSX, the open-source extension marketplace used by popular VS Code forks like Cursor...

Microsoft’s July 2025 Patch Tuesday Addresses 137 Vulnerabilities Including Critical WebDAV Zero-Day

CVE News

Microsoft’s July 2025 Patch Tuesday Addresses 137 Vulnerabilities Including Critical WebDAV Zero-Day

Microsoft’s July 2025 Patch Tuesday has released security updates addressing 137 vulnerabilities across its product line, including...

Graphite Spyware Targets Journalists via iOS Zero-Click Exploits

APT-News

Graphite Spyware Targets Journalists via iOS Zero-Click Exploits

Forensic investigations have confirmed the use of Paragon’s Graphite spyware in zero-click attacks against Apple iOS devices...

Qualcomm Patches Actively Exploited Adreno GPU Zero-Day Vulnerabilities

CVE News

Qualcomm Patches Actively Exploited Adreno GPU Zero-Day Vulnerabilities

Qualcomm has addressed three critical zero-day vulnerabilities in its Adreno Graphics Processing Unit (GPU) driver that were...

Apple Safari Fullscreen BitM Attack: Exploitation and Mitigation

CVE News

Apple Safari Fullscreen BitM Attack: Exploitation and Mitigation

A newly identified weakness in Apple’s Safari browser enables attackers to execute fullscreen browser-in-the-middle (BitM) attacks, potentially...

Critical Unpatched Vulnerabilities in Versa Concerto Expose Systems to Auth Bypass and RCE

CVE News

Critical Unpatched Vulnerabilities in Versa Concerto Expose Systems to Auth Bypass and RCE

Multiple critical vulnerabilities in Versa Networks’ Concerto platform remain unpatched, exposing enterprise networks to authentication bypass and...

Ivanti EPMM Zero-Days Exploited in Chained Remote Code Execution Attacks

CVE News

Ivanti EPMM Zero-Days Exploited in Chained Remote Code Execution Attacks

Ivanti has issued an urgent patch advisory for two zero-day vulnerabilities (CVE-2025-4427 and CVE-2025-4428) affecting its Endpoint...

Microsoft May 2025 Patch Tuesday: 5 Exploited Zero-Days and 72 Flaws Addressed

CVE News

Microsoft May 2025 Patch Tuesday: 5 Exploited Zero-Days and 72 Flaws Addressed

Microsoft’s May 2025 Patch Tuesday has delivered critical security updates addressing 72 vulnerabilities, including five zero-days actively...

Fortinet Patches Critical Zero-Day Exploit in FortiVoice Enterprise Systems

CVE News

Fortinet Patches Critical Zero-Day Exploit in FortiVoice Enterprise Systems

Fortinet has released urgent security updates to address a critical remote code execution (RCE) vulnerability actively exploited...

Google Patches Actively Exploited Android System Vulnerability in May 2025 Update

CVE News

Google Patches Actively Exploited Android System Vulnerability in May 2025 Update

Google has addressed 46 security flaws in its May 2025 Android security updates, including a high-severity vulnerability...

Apple AirPlay Zero-Click RCE Vulnerabilities: Technical Analysis and Mitigation

CVE News

Apple AirPlay Zero-Click RCE Vulnerabilities: Technical Analysis and Mitigation

A set of critical vulnerabilities in Apple’s AirPlay Protocol and AirPlay SDK, collectively dubbed “AirBorne,” exposes devices...

Apache Tomcat CVE-2025-23181: Unprivileged Command Execution Vulnerability Analysis

CVE News

Apache Tomcat CVE-2025-23181: Unprivileged Command Execution Vulnerability Analysis

A newly disclosed vulnerability in Apache Tomcat, tracked as CVE-2025-23181, allows unprivileged command execution with a CVSS...

19 APT Groups Exploit Vulnerabilities and Spear Phishing in Asia-Based Attacks

APT-News

19 APT Groups Exploit Vulnerabilities and Spear Phishing in Asia-Based Attacks

Recent research by NSFOCUS Fuying Laboratory has uncovered 19 distinct Advanced Persistent Threat (APT) campaigns targeting organizations...

Analysis of iOS Darwin Notification Vulnerability: Impact and Mitigation

CVE News

Analysis of iOS Darwin Notification Vulnerability: Impact and Mitigation

A newly disclosed vulnerability in Apple’s iOS operating system (CVE-2025-24091) allows malicious applications to trigger an irreversible...

Android Malware and Zero-Day Exploits: April 2025 Security Roundup

Threat Intelligence

Android Malware and Zero-Day Exploits: April 2025 Security Roundup

The fourth week of April 2025 saw significant developments in mobile security, particularly around Android malware campaigns...

TechCrunch Cyber Glossary: Key Security Terms and 2025 Threat Landscape

Threat Intelligence

TechCrunch Cyber Glossary: Key Security Terms and 2025 Threat Landscape

TechCrunch’s updated Cyber Glossary serves as a definitive reference for security professionals, clarifying terminology used in modern...

Lazarus Group Targets South Korean Firms with Cross EX, Innorix Exploits and ThreatNeedle Malware

APT-News

Lazarus Group Targets South Korean Firms with Cross EX, Innorix Exploits and ThreatNeedle Malware

The North Korea-linked Lazarus Group has launched a sophisticated campaign targeting at least six South Korean organizations...

Posts pagination

1 2 3 Next

Zero-Day Exploits

Fortinet VPN Brute-Force Attacks Signal Potential Zero-Day Exploits

Microsoft August 2025 Patch Tuesday: Zero-Day in Windows Kerberos Among 107 Flaws

WinRAR Zero-Day Exploited in Phishing Attacks to Deploy RomCom Malware

OpenVSX Zero-Day Vulnerability: How a Single Flaw Threatened Millions of Developer Environments

Microsoft’s July 2025 Patch Tuesday Addresses 137 Vulnerabilities Including Critical WebDAV Zero-Day

Graphite Spyware Targets Journalists via iOS Zero-Click Exploits

Qualcomm Patches Actively Exploited Adreno GPU Zero-Day Vulnerabilities

Apple Safari Fullscreen BitM Attack: Exploitation and Mitigation

Critical Unpatched Vulnerabilities in Versa Concerto Expose Systems to Auth Bypass and RCE

Ivanti EPMM Zero-Days Exploited in Chained Remote Code Execution Attacks

Microsoft May 2025 Patch Tuesday: 5 Exploited Zero-Days and 72 Flaws Addressed

Fortinet Patches Critical Zero-Day Exploit in FortiVoice Enterprise Systems

Google Patches Actively Exploited Android System Vulnerability in May 2025 Update

Apple AirPlay Zero-Click RCE Vulnerabilities: Technical Analysis and Mitigation

Apache Tomcat CVE-2025-23181: Unprivileged Command Execution Vulnerability Analysis

19 APT Groups Exploit Vulnerabilities and Spear Phishing in Asia-Based Attacks

Analysis of iOS Darwin Notification Vulnerability: Impact and Mitigation

Android Malware and Zero-Day Exploits: April 2025 Security Roundup

TechCrunch Cyber Glossary: Key Security Terms and 2025 Threat Landscape

Lazarus Group Targets South Korean Firms with Cross EX, Innorix Exploits and ThreatNeedle Malware

You may have missed

U.S. Sanctions Grinex Crypto-Exchange as Garantex Successor in Crackdown on Ransomware Money Laundering

Meta’s Erroneous Instagram Account Bans: Technical Implications for Security Teams

Supreme Court’s Decision on Mississippi Social Media Age Verification Law: Technical and Legal Implications

Microsoft Resolves Critical Windows Server Cluster and VM Stability Issues