#zero-day-exploits

[ follow ]
#cybersecurity #android-security #vulnerabilities #patch-tuesday #windows-security
Information security
fromComputerworld
1 week ago

For January, Patch Tuesday starts off with a bang

Microsoft patched 112 vulnerabilities, including eight critical flaws and three zero-days; Windows and Office updates require immediate prioritization.
Information security
fromWIRED
2 weeks ago

AI's Hacking Skills Are Approaching an 'Inflection Point'

Advances in AI enable models to discover complex software vulnerabilities, increasing both defensive detection and malicious exploitation risks.
Information security
fromThe Hacker News
1 month ago

Weekly Recap: Apple 0-Days, WinRAR Exploit, LastPass Fines, .NET RCE, OAuth Scams & More

Critical zero-day vulnerabilities in Apple and Google products and a .NET SOAPwn flaw are actively exploited; install updates and patch affected software immediately.
Information security
fromTechCrunch
1 month ago

Google and Apple roll out emergency security updates after zero-day attacks | TechCrunch

Apple and Google issued security updates to patch actively exploited zero-day vulnerabilities tied to a likely government-backed hacking campaign targeting specific users.
fromTheregister
1 month ago

Two Android 0-day bugs patched, plus 105 more fixes

The two vulnerabilities are CVE-2025-48633, an information-disclosure flaw in Android's framework component, and CVE-2025-48572, an elevation-of-privilege bug also in the framework component. Both are ranked high severity, and according to Google, both "may be under limited, targeted exploitation." Both of these - plus an additional 105 security holes - all have patches, so it's a good idea to update your Android software ASAP.
Information security
Information security
fromComputerWeekly.com
1 month ago

What lies in store for the security world in 2026? | Computer Weekly

Budget cuts and reduced cybersecurity staffing have degraded defenses, causing longer dwell times, slower detection, and greater exposure to supply‑chain and zero‑day attacks in 2026.
Information security
fromThe Hacker News
2 months ago

Amazon Uncovers Attacks Exploited Cisco ISE and Citrix NetScaler as Zero-Day Flaws

Advanced threat actor exploited zero-day vulnerabilities in Citrix NetScaler ADC and Cisco ISE to deploy a custom web shell backdoor disguised as IdentityAuditAction.
fromTechCrunch
2 months ago

How an ex-L3 Harris Trenchant boss stole and sold cyber exploits to Russia | TechCrunch

Williams, a 39-year-old Australian citizen who was known inside the company as "Doogie," admitted to prosecutors that he stole and sold eight exploits, or " zero-days," which are security flaws in software that are unknown to its maker and are extremely valuable to hack into a target's devices. Williams said some of those exploits, which he stole from his own company Trenchant, were worth $35 million, but he only received $1.3 million in cryptocurrency from the Russian broker.
Information security
Information security
fromWIRED
3 months ago

Ex-L3Harris Cyber Boss Pleads Guilty to Selling Trade Secrets to Russian Firm

A former executive pleaded guilty to selling trade secrets worth at least $1.3 million to a buyer in Russia.
Information security
fromThe Hacker News
4 months ago

Weekly Recap: Cisco 0-Day, Record DDoS, LockBit 5.0, BMC Bugs, ShadowV2 Botnet & More

Advanced threat actors exploit zero-day Cisco flaws and deploy sophisticated malware to target critical infrastructure, cloud apps, and enterprise systems.
#cybersecurity
fromTechCrunch
9 months ago
Privacy technologies

Government hackers are leading the use of attributed zero-days, Google says | TechCrunch

fromTechCrunch
9 months ago
Privacy technologies

Government hackers are leading the use of attributed zero-days, Google says | TechCrunch

more#cybersecurity
Apple
fromThe Hacker News
9 months ago

Apple Patches Two Actively Exploited iOS Flaws Used in Sophisticated Targeted Attacks

Apple released security updates addressing two actively exploited vulnerabilities in its operating systems.
The updates were prompted by reports from Google TAG and focus on core security flaws in audio processing and RPAC components.
[ Load more ]