Zero-Click Archives • Daily CyberSecurity

Zero-Click Shell: Public Exploit and PoC Disclosed for Android’s Critical ADB Auth Bypass (CVE-2026-0073) Android ADB Auth Bypass CVE-2026-0073 PoC

Zero-Click Shell: Public Exploit and PoC Disclosed for Android’s Critical ADB Auth Bypass (CVE-2026-0073)

Do Son May 11, 2026

A critical vulnerability existing within the core of Android’s developer tools has been exposed, revealing a zero-click...

Critical Zero-Click Android Flaw Grants Remote Shell Access Without Interaction Android Zero-Click RCE CVE-2026-0073 Android sideloading CVE-2024-43096, CVE-2024-43770, CVE-2024-43771, CVE-2024-49747 and, CVE-2024-49748

Android Zero-Click RCE CVE-2026-0073 Android sideloading CVE-2024-43096, CVE-2024-43770, CVE-2024-43771, CVE-2024-49747 and, CVE-2024-49748

Critical Zero-Click Android Flaw Grants Remote Shell Access Without Interaction

Do Son May 5, 2026

Google has issued an urgent warning in its May 2026 Android Security Bulletin regarding a critical vulnerability...

The Zero-Click Vulnerability: Akamai Uncovers Incomplete Patch for APT28 Exploit Zero-Click Exploitation LNK Authentication Coercion

The Zero-Click Vulnerability: Akamai Uncovers Incomplete Patch for APT28 Exploit

Do Son April 27, 2026

Researchers at Akamai have discovered that a previous fix for a high-profile exploit used by the Russian-linked...

Telegram Denies “Zero-Click” Sticker Exploit as 9.8 CVSS Security Alert Ignites a Global Standoff Telegram Zero-Click ZDI-CAN-30207

Telegram Denies “Zero-Click” Sticker Exploit as 9.8 CVSS Security Alert Ignites a Global Standoff

Do Son March 27, 2026

A critical security flaw has been unearthed in Telegram, the world’s leading encrypted messaging platform, drawing significant...

Public PoC Exploit Released for Critical Android Flaw Grants Apps Permissions Without You Knowing Android CVE-2024-23700 Zero-Interaction Exploit Candiru spyware Android vulnerability, security update

Android CVE-2024-23700 Zero-Interaction Exploit Candiru spyware Android vulnerability, security update

Public PoC Exploit Released for Critical Android Flaw Grants Apps Permissions Without You Knowing

Do Son January 23, 2026

A critical privilege escalation vulnerability in the Android ecosystem is raising alarms after security researcher Canyie publicly...

Zero-Click Hijack: The PrestaShop Checkout Flaw That Turns Emails Into Full Account Access, PoC Publishes CVE-2023-39526 PrestaShop

Zero-Click Hijack: The PrestaShop Checkout Flaw That Turns Emails Into Full Account Access, PoC Publishes

Do Son January 5, 2026

A critical vulnerability in the widely used PrestaShop e-commerce platform has been analyzed by vulnerability researcher Ananda...

CISA Emergency Alert: Commercial Spyware Exploiting Zero-Click and Malicious QR Codes to Hijack Messaging Apps Commercial Spyware, Messaging App Compromise

Commercial Spyware, Messaging App Compromise

CISA Emergency Alert: Commercial Spyware Exploiting Zero-Click and Malicious QR Codes to Hijack Messaging Apps

Do Son November 25, 2025

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent nationwide alert warning that multiple cyber...

Zero-Click Samsung Zero-Day (CVE-2025-21042) Delivered LANDFALL Spyware Via Malicious DNG Images Samsung Zero-Click Spyware, LANDFALL

Zero-Click Samsung Zero-Day (CVE-2025-21042) Delivered LANDFALL Spyware Via Malicious DNG Images

Do Son November 10, 2025

Researchers from Unit 42, the threat intelligence team at Palo Alto Networks, have discovered a previously unknown...

Android Zero-Click RCE (CVE-2025-48593) in System Component Requires Immediate Patch for Versions 13-16 Android Zero-Click RCE, CVE-2025-48593

Android Zero-Click RCE (CVE-2025-48593) in System Component Requires Immediate Patch for Versions 13-16

Do Son November 4, 2025

Google’s November 2025 Android Security Bulletin has addressed multiple vulnerabilities across the platform, including a critical remote...

Researcher Details Zero-Click RCE in Dolby Audio Decoder Affecting Android, iOS, and macOS Dolby Zero-Click RCE, Audio Decoder Overflow

Researcher Details Zero-Click RCE in Dolby Audio Decoder Affecting Android, iOS, and macOS

Do Son October 20, 2025

Researchers Ivan Fratric and Natalie Silvanovich from Google Project Zero have disclosed a critical 0-click vulnerability (CVE-2025-54957,...

Zero-Click NTLM Leak Returns: New LNK Bypass (PoC Available) Bypasses Patch, Exposing Credentials Zero-Click NTLM Credential Leak, LNK Bypass

Zero-Click NTLM Leak Returns: New LNK Bypass (PoC Available) Bypasses Patch, Exposing Credentials

Do Son October 17, 2025

A cybersecurity researcher at Cymulate Research Labs, Ruben Enkaoua, has discovered yet another zero-click NTLM credential leakage...

Apple Ups Bounty to $5 Million for Zero-Click Spyware Exploits Bypassing Lockdown Mode Apple Bounty $5M, Zero-Click Exploit Zero-day, Apple security CVE-2025-43300

Apple Bounty $5M, Zero-Click Exploit Zero-day, Apple security CVE-2025-43300

Apple Ups Bounty to $5 Million for Zero-Click Spyware Exploits Bypassing Lockdown Mode

Do Son October 13, 2025

Apple has announced a major overhaul of its Security Bounty vulnerability reward program, set to take effect...

Apple Issues New Spyware Alerts for French Officials and Journalists Apple Zero-Day CVE-2025-43529 WebKit Zero-Day, Targeted iOS Spyware Apple spyware alerts, zero-click attacks Apple, trademark lawsuit CVE-2024-54527 PoC exploit Apple, App Store

Apple Zero-Day CVE-2025-43529 WebKit Zero-Day, Targeted iOS Spyware Apple spyware alerts, zero-click attacks Apple, trademark lawsuit CVE-2024-54527 PoC exploit Apple, App Store

Apple Issues New Spyware Alerts for French Officials and Journalists

Do Son September 12, 2025

Apple occasionally issues spyware attack notifications, publicly disclosing on its website which countries or regions have received...

CISA Flags Two Actively Exploited Vulnerabilities: TP-Link Router Reset Flaw and WhatsApp Zero-Day Chain Ivanti EPMM Vulnerability CVE-2026-1340 CISA KEV Catalog CVE-2026-21385 CISA KEV Update CVE-2008-0015 CISA KEV, Array Networks Command Injection CVE-2025-0111 & CVE-2025-23209 CISA, Known Exploited Vulnerabilities

Ivanti EPMM Vulnerability CVE-2026-1340 CISA KEV Catalog CVE-2026-21385 CISA KEV Update CVE-2008-0015 CISA KEV, Array Networks Command Injection CVE-2025-0111 & CVE-2025-23209 CISA, Known Exploited Vulnerabilities

CISA Flags Two Actively Exploited Vulnerabilities: TP-Link Router Reset Flaw and WhatsApp Zero-Day Chain

Do Son September 3, 2025

The Cybersecurity and Infrastructure Security Agency (CISA) has added two new security flaws to its Known Exploited...

Predators for Hire: A New Report Exposes the Thriving Global Spyware Industry Commercial spyware, Pegasus Predator mobile spyware

Predators for Hire: A New Report Exposes the Thriving Global Spyware Industry

Do Son September 3, 2025

Commercial spyware is no longer the shadowy tool of a few niche companies—it has grown into a...

WhatsApp antitrust API probe India SIM-Binding Mandate Messaging App KYC WhatsApp DMA Interoperability BirdyChat Haiket Denmark Social Media Ban CVE-2025-55177 WhatsApp vulnerability, zero-click flaw npm Malware, System Wipe WhatsApp Windows App, WebView2 Downgrade WhatsApp Ban, US House NSO WhatsApp, Pegasus Spyware WhatsApp iPad iPadOS app

A Critical Zero-Click WhatsApp Flaw, CVE-2025-55177, Was Exploited in Zero-Day Attacks

Do Son August 29, 2025

Meta’s WhatsApp Security Team has patched a zero-day flaw (CVE-2025-55177) in WhatsApp for iOS (prior to v2.25.21.73),...

New Zero-Click Flaw Bypasses Microsoft’s Patch, Leaking NTLM Credentials, PoC Available Smart App Control blocking Armoury Crate, ROG Ally Defender false positive 2026 Microsoft Zero-Day, Cloud Files UAF Microsoft Access end of life CVE-2025-21298 Azure Vulnerabilities

Smart App Control blocking Armoury Crate, ROG Ally Defender false positive 2026 Microsoft Zero-Day, Cloud Files UAF Microsoft Access end of life CVE-2025-21298 Azure Vulnerabilities

New Zero-Click Flaw Bypasses Microsoft’s Patch, Leaking NTLM Credentials, PoC Available

Do Son August 13, 2025

Cymulate Research Labs has uncovered a critical zero-click NTLM credential leakage vulnerability—CVE-2025-50154—that bypasses Microsoft’s April 2025 patch...

EchoLeak: First AI Zero-Click Vulnerability Leaks Data from Microsoft 365 Copilot AI Security, Data Exfiltration

EchoLeak: First AI Zero-Click Vulnerability Leaks Data from Microsoft 365 Copilot

Do Son June 13, 2025

In the age of artificial intelligence, a multitude of AI agents has emerged, yet their rapid proliferation...

Zero-Click iMessage Alert: Paragon’s Graphite Spyware Exploits iOS Flaw, Targets Journalists Zero-Click Spyware, Graphite CVE-2025-43200

Zero-Click iMessage Alert: Paragon’s Graphite Spyware Exploits iOS Flaw, Targets Journalists

Do Son June 12, 2025

On April 29, 2025, Apple issued alerts: select iOS users were being targeted with advanced spyware. Among...

NSO Group Ordered to Pay WhatsApp $167M for Pegasus Spyware Attack

Do Son June 3, 2025

The notorious Israeli commercial spyware developer NSO Group has been ordered by a U.S. court jury to...

Critical Alert 1 Active Exploit Detected Today