Zero-Day Exploits

Graphite Spyware Targets Journalists via iOS Zero-Click Exploits

APT-News

Graphite Spyware Targets Journalists via iOS Zero-Click Exploits

Forensic investigations have confirmed the use of Paragon’s Graphite spyware in zero-click attacks against Apple iOS devices...

Qualcomm Patches Actively Exploited Adreno GPU Zero-Day Vulnerabilities

CVE News

Qualcomm Patches Actively Exploited Adreno GPU Zero-Day Vulnerabilities

Qualcomm has addressed three critical zero-day vulnerabilities in its Adreno Graphics Processing Unit (GPU) driver that were...

Apple Safari Fullscreen BitM Attack: Exploitation and Mitigation

CVE News

Apple Safari Fullscreen BitM Attack: Exploitation and Mitigation

A newly identified weakness in Apple’s Safari browser enables attackers to execute fullscreen browser-in-the-middle (BitM) attacks, potentially...

Critical Unpatched Vulnerabilities in Versa Concerto Expose Systems to Auth Bypass and RCE

CVE News

Critical Unpatched Vulnerabilities in Versa Concerto Expose Systems to Auth Bypass and RCE

Multiple critical vulnerabilities in Versa Networks’ Concerto platform remain unpatched, exposing enterprise networks to authentication bypass and...

Ivanti EPMM Zero-Days Exploited in Chained Remote Code Execution Attacks

CVE News

Ivanti EPMM Zero-Days Exploited in Chained Remote Code Execution Attacks

Ivanti has issued an urgent patch advisory for two zero-day vulnerabilities (CVE-2025-4427 and CVE-2025-4428) affecting its Endpoint...

Microsoft May 2025 Patch Tuesday: 5 Exploited Zero-Days and 72 Flaws Addressed

CVE News

Microsoft May 2025 Patch Tuesday: 5 Exploited Zero-Days and 72 Flaws Addressed

Microsoft’s May 2025 Patch Tuesday has delivered critical security updates addressing 72 vulnerabilities, including five zero-days actively...

Fortinet Patches Critical Zero-Day Exploit in FortiVoice Enterprise Systems

CVE News

Fortinet Patches Critical Zero-Day Exploit in FortiVoice Enterprise Systems

Fortinet has released urgent security updates to address a critical remote code execution (RCE) vulnerability actively exploited...

Google Patches Actively Exploited Android System Vulnerability in May 2025 Update

CVE News

Google Patches Actively Exploited Android System Vulnerability in May 2025 Update

Google has addressed 46 security flaws in its May 2025 Android security updates, including a high-severity vulnerability...

Apple AirPlay Zero-Click RCE Vulnerabilities: Technical Analysis and Mitigation

CVE News

Apple AirPlay Zero-Click RCE Vulnerabilities: Technical Analysis and Mitigation

A set of critical vulnerabilities in Apple’s AirPlay Protocol and AirPlay SDK, collectively dubbed “AirBorne,” exposes devices...

Apache Tomcat CVE-2025-23181: Unprivileged Command Execution Vulnerability Analysis

CVE News

Apache Tomcat CVE-2025-23181: Unprivileged Command Execution Vulnerability Analysis

A newly disclosed vulnerability in Apache Tomcat, tracked as CVE-2025-23181, allows unprivileged command execution with a CVSS...

19 APT Groups Exploit Vulnerabilities and Spear Phishing in Asia-Based Attacks

APT-News

19 APT Groups Exploit Vulnerabilities and Spear Phishing in Asia-Based Attacks

Recent research by NSFOCUS Fuying Laboratory has uncovered 19 distinct Advanced Persistent Threat (APT) campaigns targeting organizations...

Analysis of iOS Darwin Notification Vulnerability: Impact and Mitigation

CVE News

Analysis of iOS Darwin Notification Vulnerability: Impact and Mitigation

A newly disclosed vulnerability in Apple’s iOS operating system (CVE-2025-24091) allows malicious applications to trigger an irreversible...

Android Malware and Zero-Day Exploits: April 2025 Security Roundup

Threat Intelligence

Android Malware and Zero-Day Exploits: April 2025 Security Roundup

The fourth week of April 2025 saw significant developments in mobile security, particularly around Android malware campaigns...

TechCrunch Cyber Glossary: Key Security Terms and 2025 Threat Landscape

Threat Intelligence

TechCrunch Cyber Glossary: Key Security Terms and 2025 Threat Landscape

TechCrunch’s updated Cyber Glossary serves as a definitive reference for security professionals, clarifying terminology used in modern...

Lazarus Group Targets South Korean Firms with Cross EX, Innorix Exploits and ThreatNeedle Malware

APT-News

Lazarus Group Targets South Korean Firms with Cross EX, Innorix Exploits and ThreatNeedle Malware

The North Korea-linked Lazarus Group has launched a sophisticated campaign targeting at least six South Korean organizations...

Active! Mail Zero-Day RCE Exploited in Attacks Against Japanese Organizations

CVE News

Active! Mail Zero-Day RCE Exploited in Attacks Against Japanese Organizations

A critical zero-day remote code execution (RCE) vulnerability in Active! Mail, a widely used Japanese webmail client,...

Ivanti Connect Secure Zero-Day Exploited by China-Linked APT Since Mid-March 2025

CVE News

Ivanti Connect Secure Zero-Day Exploited by China-Linked APT Since Mid-March 2025

Ivanti has released critical patches for two zero-day vulnerabilities (CVE-2025-22457 and CVE-2025-0282) in its Connect Secure (ICS),...

iPhone Security Alert: Banking Malware and Zero-Day Exploits Threaten Users

Threat Intelligence

iPhone Security Alert: Banking Malware and Zero-Day Exploits Threaten Users

A new wave of cyber threats targeting iPhone users has prompted urgent warnings from security experts. Malicious...

Apache NotFound PluginPass Path Traversal Vulnerability (CVE-2024-54291): Analysis and Mitigation

CVE News

Apache NotFound PluginPass Path Traversal Vulnerability (CVE-2024-54291): Analysis and Mitigation

A newly disclosed path traversal vulnerability (CVE-2024-54291) in Apache’s NotFound PluginPass has been rated with a high...

Mozilla Patches Critical Windows Sandbox Escape Flaw Linked to Chrome Zero-Day

CVE News

Mozilla Patches Critical Windows Sandbox Escape Flaw Linked to Chrome Zero-Day

Mozilla has issued an emergency update for Firefox on Windows to address a critical sandbox escape vulnerability...

Posts pagination

1 2 3 Next

Zero-Day Exploits

Graphite Spyware Targets Journalists via iOS Zero-Click Exploits

Qualcomm Patches Actively Exploited Adreno GPU Zero-Day Vulnerabilities

Apple Safari Fullscreen BitM Attack: Exploitation and Mitigation

Critical Unpatched Vulnerabilities in Versa Concerto Expose Systems to Auth Bypass and RCE

Ivanti EPMM Zero-Days Exploited in Chained Remote Code Execution Attacks

Microsoft May 2025 Patch Tuesday: 5 Exploited Zero-Days and 72 Flaws Addressed

Fortinet Patches Critical Zero-Day Exploit in FortiVoice Enterprise Systems

Google Patches Actively Exploited Android System Vulnerability in May 2025 Update

Apple AirPlay Zero-Click RCE Vulnerabilities: Technical Analysis and Mitigation

Apache Tomcat CVE-2025-23181: Unprivileged Command Execution Vulnerability Analysis

19 APT Groups Exploit Vulnerabilities and Spear Phishing in Asia-Based Attacks

Analysis of iOS Darwin Notification Vulnerability: Impact and Mitigation

Android Malware and Zero-Day Exploits: April 2025 Security Roundup

TechCrunch Cyber Glossary: Key Security Terms and 2025 Threat Landscape

Lazarus Group Targets South Korean Firms with Cross EX, Innorix Exploits and ThreatNeedle Malware

Active! Mail Zero-Day RCE Exploited in Attacks Against Japanese Organizations

Ivanti Connect Secure Zero-Day Exploited by China-Linked APT Since Mid-March 2025

iPhone Security Alert: Banking Malware and Zero-Day Exploits Threaten Users

Apache NotFound PluginPass Path Traversal Vulnerability (CVE-2024-54291): Analysis and Mitigation

Mozilla Patches Critical Windows Sandbox Escape Flaw Linked to Chrome Zero-Day

You may have missed

Russia’s Throttling of Cloudflare: Technical Impact and Security Implications

Livestreamed Child Exploitation: Technical and Legal Implications of a Disturbing Case

UNFI Cyberattack: Supply Chain Disruption and Recovery Analysis

Hawaiian Airlines Cyberattack: IT Systems Compromised, Flight Operations Unaffected