zero-day Archives • Page 7 of 10 • Daily CyberSecurity

WinRAR Update: Zero-Day Path Traversal Flaw (CVE-2025-8088) Actively Exploited to Deliver Malware WinRAR Zero-Day, Path Traversal CVE-2025-8088

WinRAR Update: Zero-Day Path Traversal Flaw (CVE-2025-8088) Actively Exploited to Deliver Malware

Do Son August 11, 2025

Security researchers at ESET have uncovered a zero-day path traversal vulnerability in the Windows version of WinRAR...

Everon OCPP Vulnerability CVE-2026-26288 ASUSTOR ADM Vulnerability CVE-2026-24936 PrismX MX100 Vulnerability Hard-Coded Credentials Advantech Vulnerability CVE-2025-52694 Eaton UPS Companion, CVE-2025-59887 ASUS Router, Authentication Bypass ASUSTOR DLL Hijacking, Privilege Escalation OpenShift AI, Privilege Escalation GoAnywhere vulnerability CVE-2025-10035 LangChainGo, template injection DeepDiff, class pollution ToolShell Sunshine, CSRF Vulnerability KACE SMA, Critical Vulnerabilities Oracle Zero-Days - PDQ Deploy vulnerability

CISA Warns of “ToolShell”: Critical Exploit Chain Hits SharePoint Servers, Bypasses Authentication

Do Son August 7, 2025

The Cybersecurity and Infrastructure Security Agency (CISA) has released an in-depth Malware Analysis Report warning of a...

Urgent Zero-Day Warning: SonicWall VPNs Under Attack, Akira Ransomware Deployed Within Hours hackerbot-claw campaign Cisco RCE Exploit CVE-2026-20045 SonicWall VPN, Akira Ransomware Nobelium Apache Tomcat, Apache Camel

hackerbot-claw campaign Cisco RCE Exploit CVE-2026-20045 SonicWall VPN, Akira Ransomware Nobelium Apache Tomcat, Apache Camel

Urgent Zero-Day Warning: SonicWall VPNs Under Attack, Akira Ransomware Deployed Within Hours

Do Son August 4, 2025

Huntress has issued a critical alert about what appears to be a zero-day vulnerability in SonicWall Secure...

Metasploit Module Released for Actively Exploited Microsoft SharePoint Flaw CVE-2025-53770 SharePoint RCE, Metasploit Exploit

Metasploit Module Released for Actively Exploited Microsoft SharePoint Flaw CVE-2025-53770

Do Son July 23, 2025

A newly released Metasploit module highlights the critical threat posed by an actively exploited remote code execution...

CISA Alert: Actively Exploited Zero-Days in CrushFTP, Chrome, and SysAid Added to KEV Catalog CISA KEV, Zero-Day Exploitation

CISA Alert: Actively Exploited Zero-Days in CrushFTP, Chrome, and SysAid Added to KEV Catalog

Do Son July 23, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities (KEV) Catalog with four...

Microsoft: China-Backed APTs Actively Exploiting SharePoint Flaws (CVE-2025-49704 & CVE-2025-49706) Fortinet patch bypass 2026, FortiGate SSO authentication exploit SharePoint Zero-Day, China APTs Exploited Vulnerabilities 2023

Fortinet patch bypass 2026, FortiGate SSO authentication exploit SharePoint Zero-Day, China APTs Exploited Vulnerabilities 2023

Microsoft: China-Backed APTs Actively Exploiting SharePoint Flaws (CVE-2025-49704 & CVE-2025-49706)

Do Son July 23, 2025

Last week, the Microsoft Security Response Center (MSRC) issued an urgent advisory regarding active exploitation of critical...

Urgent: Cisco ISE Flaws (CVSS 10.0) Actively Exploited in the Wild – Patch Immediately! Cisco ISE Exploitation

Urgent: Cisco ISE Flaws (CVSS 10.0) Actively Exploited in the Wild – Patch Immediately!

Do Son July 22, 2025

Cisco has issued an urgent update to its security advisory, revealing that three critical remote code execution...

Cisco SD-WAN Vulnerability CVE-2026-20133 FortiGate Compromise Ivanti EPMM Zero-Day CVE-2026-1281 SmarterMail Vulnerability Storm-2603 WatchGuard Zero-Day, IKEv2 Out-of-Bounds Write Cisco Zero-Day, UAT-9686 Chinese APT FortiWeb RCE Exploitation CVE-2025-58034 VMware Zero-Day, Privilege Escalation Sitecore, remote code execution CVE-2025-53690 Windows CLFS, Privilege Escalation CVE-2024-47575 & CVE-2024-11120 CVE-2025-24983 vulnerability

Windows Zero-Day Actively Exploited by Ransomware Gangs – PoC Available!

Do Son July 21, 2025

In April 2025, Microsoft issued a critical security patch addressing a serious vulnerability in the Windows Common...

ToolShell: New SharePoint RCE Zero-Day Chain Under Active Global Exploitation SharePoint RCE, ToolShell Exploit

ToolShell: New SharePoint RCE Zero-Day Chain Under Active Global Exploitation

Do Son July 21, 2025

On the evening of July 18, 2025, Eye Security identified an active, large-scale exploitation of a newly...

SharePoint Server Under Active Zero-Day Attack (CVE-2025-53770, CVSS 9.8), No Patch Yet! SharePoint RCE, Zero-Day Exploitation CVE-2025-53770

SharePoint Server Under Active Zero-Day Attack (CVE-2025-53770, CVSS 9.8), No Patch Yet!

Do Son July 20, 2025

Microsoft has issued an urgent security advisory for on-premises SharePoint Server customers in response to active exploitation...

CVE-2025-54309: CrushFTP Targeted in Active Exploits Due to Unpatched Zero-Day Vulnerability CrushFTP Zero-Day, File Transfer Security

CVE-2025-54309: CrushFTP Targeted in Active Exploits Due to Unpatched Zero-Day Vulnerability

Do Son July 19, 2025

CrushFTP, a widely used secure file transfer server, has issued an urgent advisory regarding a critical zero-day...

Critical Cisco ISE Flaw CVE-2025-20337 (CVSS 10.0) Allows Unauthenticated Root RCE – Patch Immediately Cisco ISE, RCE Vulnerability

Critical Cisco ISE Flaw CVE-2025-20337 (CVSS 10.0) Allows Unauthenticated Root RCE – Patch Immediately

Do Son July 17, 2025

A critical vulnerability was found in Cisco Identity Services Engine (ISE) and Cisco ISE-PIC. Tracked as CVE-2025-20337,...

Google’s Big Sleep AI Foils Live Zero-Day Exploit in SQLite (CVE-2025-6965) AI Cybersecurity, Vulnerability Hunting

Google’s Big Sleep AI Foils Live Zero-Day Exploit in SQLite (CVE-2025-6965)

Do Son July 17, 2025

In a demonstration of artificial intelligence applied to cybersecurity, Google has revealed that its AI agent, Big...

Urgent Chrome Update: Google Patches Critical Zero-Day (CVE-2025-6558) Under Active Attack Chrome Zero-Day CVE-2026-3909 Chrome Zero-Day PoC CVE-2026-2441 Chrome Zero-Day CVE-2026-2441 Chrome Zero-Day, Active Exploitation CVE-2025-10585 Chrome vulnerability, zero-day exploit CVE-2025-6558 Chrome Zero-Day, V8 Vulnerability Chrome Zero-Day, Security Update

Chrome Zero-Day CVE-2026-3909 Chrome Zero-Day PoC CVE-2026-2441 Chrome Zero-Day CVE-2026-2441 Chrome Zero-Day, Active Exploitation CVE-2025-10585 Chrome vulnerability, zero-day exploit CVE-2025-6558 Chrome Zero-Day, V8 Vulnerability Chrome Zero-Day, Security Update

Urgent Chrome Update: Google Patches Critical Zero-Day (CVE-2025-6558) Under Active Attack

Do Son July 15, 2025

Google has released a critical Stable Channel update for Chrome Desktop (version 138.0.7204.157/.158), addressing six security vulnerabilities,...

Microsoft’s July 2025 Patch Tuesday: 140 Flaws Fixed, Including Zero-Day, RCEs & AMD CPU Threats Patch Tuesday, Microsoft Security

Microsoft’s July 2025 Patch Tuesday: 140 Flaws Fixed, Including Zero-Day, RCEs & AMD CPU Threats

Do Son July 9, 2025

Microsoft’s July 2025 Patch Tuesday arrives with a hefty load: a total of 140 vulnerabilities patched, including...

Chinese State-Sponsored Hacker Xu Zewei Arrested in Italy for COVID-19 Research & Exchange Server Hacks China Cyberespionage, HAFNIUM Arrest

Chinese State-Sponsored Hacker Xu Zewei Arrested in Italy for COVID-19 Research & Exchange Server Hacks

Do Son July 9, 2025

The U.S. Department of Justice (DOJ) has unsealed a nine-count indictment against Xu Zewei (徐泽伟), 33, a...

Microsoft Edge Alert: Two High-Severity Flaws (CVE-2025-6554, CVE-2025-49713) Allow Remote Code Execution, One Actively Exploited Microsoft Edge, Zero-Day Vulnerability

Microsoft Edge Alert: Two High-Severity Flaws (CVE-2025-6554, CVE-2025-49713) Allow Remote Code Execution, One Actively Exploited

Do Son July 4, 2025

Microsoft has released Edge Stable Channel Version 138.0.3351.65, an update that addresses critical browser vulnerabilities impacting Chromium-based...

Actively Exploited Google Chrome Zero-Day (CVE-2025-6554) Added to CISA’s KEV Catalog, PoC Available Chrome Zero-Day CVE-2026-3909 Chrome Zero-Day PoC CVE-2026-2441 Chrome Zero-Day CVE-2026-2441 Chrome Zero-Day, Active Exploitation CVE-2025-10585 Chrome vulnerability, zero-day exploit CVE-2025-6558 Chrome Zero-Day, V8 Vulnerability Chrome Zero-Day, Security Update

Actively Exploited Google Chrome Zero-Day (CVE-2025-6554) Added to CISA’s KEV Catalog, PoC Available

Do Son July 3, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has officially added a high-severity vulnerability in Google Chrome...

ANSSI Exposes “Houken”: China-Linked Threat Actor Exploiting Ivanti CSA Zero-Days & Deploying Linux Rootkits Houken, Ivanti CSA Zero-Day

ANSSI Exposes “Houken”: China-Linked Threat Actor Exploiting Ivanti CSA Zero-Days & Deploying Linux Rootkits

Do Son July 2, 2025

The French cybersecurity agency ANSSI has exposed a sophisticated threat actor dubbed Houken. First observed exploiting zero-day...

Google Patches Actively Exploited Chrome Zero-Day: CVE-2025-6554 Chrome Zero-Day, V8 Vulnerability

Google Patches Actively Exploited Chrome Zero-Day: CVE-2025-6554

Do Son June 30, 2025

Google has urgently released an update to its Stable channel for Chrome following the discovery of a...

Critical Alert 1 Active Exploit Detected Today