Zero-Day Exploits

Ivanti EPMM Zero-Days Exploited in Chained Remote Code Execution Attacks

CVE News

Ivanti EPMM Zero-Days Exploited in Chained Remote Code Execution Attacks

Ivanti has issued an urgent patch advisory for two zero-day vulnerabilities (CVE-2025-4427 and CVE-2025-4428) affecting its Endpoint...

Microsoft May 2025 Patch Tuesday: 5 Exploited Zero-Days and 72 Flaws Addressed

CVE News

Microsoft May 2025 Patch Tuesday: 5 Exploited Zero-Days and 72 Flaws Addressed

Microsoft’s May 2025 Patch Tuesday has delivered critical security updates addressing 72 vulnerabilities, including five zero-days actively...

Fortinet Patches Critical Zero-Day Exploit in FortiVoice Enterprise Systems

CVE News

Fortinet Patches Critical Zero-Day Exploit in FortiVoice Enterprise Systems

Fortinet has released urgent security updates to address a critical remote code execution (RCE) vulnerability actively exploited...

Google Patches Actively Exploited Android System Vulnerability in May 2025 Update

CVE News

Google Patches Actively Exploited Android System Vulnerability in May 2025 Update

Google has addressed 46 security flaws in its May 2025 Android security updates, including a high-severity vulnerability...

Apple AirPlay Zero-Click RCE Vulnerabilities: Technical Analysis and Mitigation

CVE News

Apple AirPlay Zero-Click RCE Vulnerabilities: Technical Analysis and Mitigation

A set of critical vulnerabilities in Apple’s AirPlay Protocol and AirPlay SDK, collectively dubbed “AirBorne,” exposes devices...

Apache Tomcat CVE-2025-23181: Unprivileged Command Execution Vulnerability Analysis

CVE News

Apache Tomcat CVE-2025-23181: Unprivileged Command Execution Vulnerability Analysis

A newly disclosed vulnerability in Apache Tomcat, tracked as CVE-2025-23181, allows unprivileged command execution with a CVSS...

19 APT Groups Exploit Vulnerabilities and Spear Phishing in Asia-Based Attacks

APT-News

19 APT Groups Exploit Vulnerabilities and Spear Phishing in Asia-Based Attacks

Recent research by NSFOCUS Fuying Laboratory has uncovered 19 distinct Advanced Persistent Threat (APT) campaigns targeting organizations...

Analysis of iOS Darwin Notification Vulnerability: Impact and Mitigation

CVE News

Analysis of iOS Darwin Notification Vulnerability: Impact and Mitigation

A newly disclosed vulnerability in Apple’s iOS operating system (CVE-2025-24091) allows malicious applications to trigger an irreversible...

Android Malware and Zero-Day Exploits: April 2025 Security Roundup

Threat Intelligence

Android Malware and Zero-Day Exploits: April 2025 Security Roundup

The fourth week of April 2025 saw significant developments in mobile security, particularly around Android malware campaigns...

TechCrunch Cyber Glossary: Key Security Terms and 2025 Threat Landscape

Threat Intelligence

TechCrunch Cyber Glossary: Key Security Terms and 2025 Threat Landscape

TechCrunch’s updated Cyber Glossary serves as a definitive reference for security professionals, clarifying terminology used in modern...

Lazarus Group Targets South Korean Firms with Cross EX, Innorix Exploits and ThreatNeedle Malware

APT-News

Lazarus Group Targets South Korean Firms with Cross EX, Innorix Exploits and ThreatNeedle Malware

The North Korea-linked Lazarus Group has launched a sophisticated campaign targeting at least six South Korean organizations...

Active! Mail Zero-Day RCE Exploited in Attacks Against Japanese Organizations

CVE News

Active! Mail Zero-Day RCE Exploited in Attacks Against Japanese Organizations

A critical zero-day remote code execution (RCE) vulnerability in Active! Mail, a widely used Japanese webmail client,...

Ivanti Connect Secure Zero-Day Exploited by China-Linked APT Since Mid-March 2025

CVE News

Ivanti Connect Secure Zero-Day Exploited by China-Linked APT Since Mid-March 2025

Ivanti has released critical patches for two zero-day vulnerabilities (CVE-2025-22457 and CVE-2025-0282) in its Connect Secure (ICS),...

iPhone Security Alert: Banking Malware and Zero-Day Exploits Threaten Users

Threat Intelligence

iPhone Security Alert: Banking Malware and Zero-Day Exploits Threaten Users

A new wave of cyber threats targeting iPhone users has prompted urgent warnings from security experts. Malicious...

Apache NotFound PluginPass Path Traversal Vulnerability (CVE-2024-54291): Analysis and Mitigation

CVE News

Apache NotFound PluginPass Path Traversal Vulnerability (CVE-2024-54291): Analysis and Mitigation

A newly disclosed path traversal vulnerability (CVE-2024-54291) in Apache’s NotFound PluginPass has been rated with a high...

Mozilla Patches Critical Windows Sandbox Escape Flaw Linked to Chrome Zero-Day

CVE News

Mozilla Patches Critical Windows Sandbox Escape Flaw Linked to Chrome Zero-Day

Mozilla has issued an emergency update for Firefox on Windows to address a critical sandbox escape vulnerability...

Firefox and Chrome Zero-Days Highlight Systemic Sandbox Risks

CVE News

Firefox and Chrome Zero-Days Highlight Systemic Sandbox Risks

Mozilla has released emergency updates to patch a critical sandbox escape vulnerability (CVE-2025-2857) in Firefox for Windows,...

Mobile Security & Malware Threats: Critical Vulnerabilities and Emerging Risks in March 2025

CVE News

Mobile Security & Malware Threats: Critical Vulnerabilities and Emerging Risks in March 2025

The fourth week of March 2025 has brought significant developments in mobile security and malware, with critical...

Memory Forensics Exposes Ivanti VPN Zero-Day Exploits: A Critical Security Breakdown

Threat Intelligence

Memory Forensics Exposes Ivanti VPN Zero-Day Exploits: A Critical Security Breakdown

Recent forensic investigations by Volexity have uncovered a sophisticated attack campaign exploiting two chained zero-day vulnerabilities in...

Critical Zero-Day Exploit in Palo Alto GlobalProtect Firewalls (CVE-2024-3400) Actively Exploited

CVE News

Critical Zero-Day Exploit in Palo Alto GlobalProtect Firewalls (CVE-2024-3400) Actively Exploited

A critical zero-day vulnerability (CVE-2024-3400) in Palo Alto Networks’ PAN-OS firewalls has been actively exploited since at...

Posts pagination

1 2 Next

Zero-Day Exploits

Ivanti EPMM Zero-Days Exploited in Chained Remote Code Execution Attacks

Microsoft May 2025 Patch Tuesday: 5 Exploited Zero-Days and 72 Flaws Addressed

Fortinet Patches Critical Zero-Day Exploit in FortiVoice Enterprise Systems

Google Patches Actively Exploited Android System Vulnerability in May 2025 Update

Apple AirPlay Zero-Click RCE Vulnerabilities: Technical Analysis and Mitigation

Apache Tomcat CVE-2025-23181: Unprivileged Command Execution Vulnerability Analysis

19 APT Groups Exploit Vulnerabilities and Spear Phishing in Asia-Based Attacks

Analysis of iOS Darwin Notification Vulnerability: Impact and Mitigation

Android Malware and Zero-Day Exploits: April 2025 Security Roundup

TechCrunch Cyber Glossary: Key Security Terms and 2025 Threat Landscape

Lazarus Group Targets South Korean Firms with Cross EX, Innorix Exploits and ThreatNeedle Malware

Active! Mail Zero-Day RCE Exploited in Attacks Against Japanese Organizations

Ivanti Connect Secure Zero-Day Exploited by China-Linked APT Since Mid-March 2025

iPhone Security Alert: Banking Malware and Zero-Day Exploits Threaten Users

Apache NotFound PluginPass Path Traversal Vulnerability (CVE-2024-54291): Analysis and Mitigation

Mozilla Patches Critical Windows Sandbox Escape Flaw Linked to Chrome Zero-Day

Firefox and Chrome Zero-Days Highlight Systemic Sandbox Risks

Mobile Security & Malware Threats: Critical Vulnerabilities and Emerging Risks in March 2025

Memory Forensics Exposes Ivanti VPN Zero-Day Exploits: A Critical Security Breakdown

Critical Zero-Day Exploit in Palo Alto GlobalProtect Firewalls (CVE-2024-3400) Actively Exploited

You may have missed

Procolored Printer Drivers Distributed Malware for Six Months: Technical Analysis and Mitigation

Tor Oniux: Kernel-Level Network Anonymization for Linux Applications

Google Chrome’s Security Update: Blocking Admin-Level Launches in Windows

Australian Human Rights Commission Data Breach: Technical Analysis and Impact