zero-day Archives • Page 8 of 10 • Daily CyberSecurity

Microsoft Edge Alert: Two High-Severity Flaws (CVE-2025-6554, CVE-2025-49713) Allow Remote Code Execution, One Actively Exploited Microsoft Edge, Zero-Day Vulnerability

Microsoft Edge Alert: Two High-Severity Flaws (CVE-2025-6554, CVE-2025-49713) Allow Remote Code Execution, One Actively Exploited

Do Son July 4, 2025

Microsoft has released Edge Stable Channel Version 138.0.3351.65, an update that addresses critical browser vulnerabilities impacting Chromium-based...

Actively Exploited Google Chrome Zero-Day (CVE-2025-6554) Added to CISA’s KEV Catalog, PoC Available Chrome security update exploit in the wild Chrome Zero-Day CVE-2026-3909 Chrome Zero-Day PoC CVE-2026-2441 Chrome Zero-Day CVE-2026-2441 Chrome Zero-Day, Active Exploitation CVE-2025-10585 Chrome vulnerability, zero-day exploit CVE-2025-6558 Chrome Zero-Day, V8 Vulnerability Chrome Zero-Day, Security Update

Chrome security update exploit in the wild Chrome Zero-Day CVE-2026-3909 Chrome Zero-Day PoC CVE-2026-2441 Chrome Zero-Day CVE-2026-2441 Chrome Zero-Day, Active Exploitation CVE-2025-10585 Chrome vulnerability, zero-day exploit CVE-2025-6558 Chrome Zero-Day, V8 Vulnerability Chrome Zero-Day, Security Update

Actively Exploited Google Chrome Zero-Day (CVE-2025-6554) Added to CISA’s KEV Catalog, PoC Available

Do Son July 3, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has officially added a high-severity vulnerability in Google Chrome...

ANSSI Exposes “Houken”: China-Linked Threat Actor Exploiting Ivanti CSA Zero-Days & Deploying Linux Rootkits Houken, Ivanti CSA Zero-Day

ANSSI Exposes “Houken”: China-Linked Threat Actor Exploiting Ivanti CSA Zero-Days & Deploying Linux Rootkits

Do Son July 2, 2025

The French cybersecurity agency ANSSI has exposed a sophisticated threat actor dubbed Houken. First observed exploiting zero-day...

Google Patches Actively Exploited Chrome Zero-Day: CVE-2025-6554 Chrome Zero-Day, V8 Vulnerability

Google Patches Actively Exploited Chrome Zero-Day: CVE-2025-6554

Do Son June 30, 2025

Google has urgently released an update to its Stable channel for Chrome following the discovery of a...

CISA, FBI, NSA Urge Software Industry: Adopt Memory-Safe Languages to Drastically Cut Vulnerabilities Memory-Safe Languages, Software Security

CISA, FBI, NSA Urge Software Industry: Adopt Memory-Safe Languages to Drastically Cut Vulnerabilities

Do Son June 26, 2025

The Cybersecurity and Infrastructure Security Agency (CISA), alongside the FBI, NSA, and key international cybersecurity partners, has...

Team46 (TaxOff) Exploits Google Chrome Zero-Day (CVE-2025-2783) in Sophisticated Phishing Campaign Team46 APT, Google Chrome Zero-Day

Team46 (TaxOff) Exploits Google Chrome Zero-Day (CVE-2025-2783) in Sophisticated Phishing Campaign

Do Son June 17, 2025

In a major revelation, the Threat Intelligence Department of the Positive Technologies Expert Security Center (PT ESC)...

Zero-Click to Root: CISA Flags Active Exploits in Apple iOS and TP-Link Routers

Do Son June 17, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two high-risk vulnerabilities to its Known Exploited...

Zero-Day Alert: Remotely Escalate Privileges to SYSTEM via Kerberos Relay – PoC Available Windows Zero-Day Kerberos relay

Zero-Day Alert: Remotely Escalate Privileges to SYSTEM via Kerberos Relay – PoC Available

Do Son June 12, 2025

A newly disclosed vulnerability, CVE-2025-33073, revealed by RedTeam Pentesting GmbH, exposes a critical flaw in Microsoft Windows’...

Stealth Falcon Exploits New Zero-Day (CVE-2025-33053) in Sophisticated Cyberespionage Campaign Stealth Falcon CVE-2025-33053

Stealth Falcon Exploits New Zero-Day (CVE-2025-33053) in Sophisticated Cyberespionage Campaign

Do Son June 10, 2025

A new cyberespionage campaign attributed to the notorious APT group Stealth Falcon has been uncovered by Check...

Microsoft’s June 2025 Patch Tuesday: 2 Zero-Days, 69 Vulnerabilities Patched! Patch Tuesday, Microsoft Security

Microsoft’s June 2025 Patch Tuesday: 2 Zero-Days, 69 Vulnerabilities Patched!

Do Son June 10, 2025

Microsoft’s June 2025 Patch Tuesday rollout has addressed a substantial 69 vulnerabilities, including 10 critical and 57...

Actively Exploited Qualcomm GPU Zero-Days Added to CISA’s KEV Catalog

Do Son June 4, 2025

Three new vulnerabilities in Qualcomm’s Adreno GPU driver have been added to CISA’s Known Exploited Vulnerabilities (KEV)...

Kaspersky Report Reveals Growing Threat from Old Exploits and OS Vulnerabilities in Q1 2025 Cybersecurity, Vulnerabilities

Kaspersky Report Reveals Growing Threat from Old Exploits and OS Vulnerabilities in Q1 2025

Do Son June 3, 2025

Kaspersky’s latest “Exploits and vulnerabilities in Q1 2025” shows that attackers are doubling down on aging exploits,...

CISA Adds 5 Actively Exploited Vulnerabilities to KEV Catalog: ASUS Routers, Craft CMS, and ConnectWise Targeted CISA KEV, Zero-Day Exploits

CISA Adds 5 Actively Exploited Vulnerabilities to KEV Catalog: ASUS Routers, Craft CMS, and ConnectWise Targeted

Do Son June 3, 2025

The Cybersecurity and Infrastructure Security Agency (CISA) has added five new vulnerabilities to its Known Exploited Vulnerabilities...

Chrome Zero-Day Alert: CVE-2025-5419 Actively Exploited in the Wild CVE-2025-5419 Chrome Update, Zero-Day

Chrome Zero-Day Alert: CVE-2025-5419 Actively Exploited in the Wild

Do Son June 2, 2025

Google has rolled out a critical security update for the Chrome browser in its Stable channel, bumping...

Qualcomm Reveals Active Exploitation of Multiple Zero-Days in Adreno GPU Qualcomm Zero-Days, Snapdragon Vulnerabilities

Qualcomm Reveals Active Exploitation of Multiple Zero-Days in Adreno GPU

Do Son June 2, 2025

Qualcomm has disclosed several critical security flaws in its latest June 2025 Security Bulletin, including multiple zero-day...

PoC Reveals Apple Audio Zero-Day Enabling Remote Code Execution via Malicious Media Files CoreAudio Vulnerability, Apple Zero-Day

PoC Reveals Apple Audio Zero-Day Enabling Remote Code Execution via Malicious Media Files

Do Son June 2, 2025

Apple has patched a high-severity zero-day vulnerability in CoreAudio, the framework responsible for audio playback and processing...

Ivanti EPMM Under Attack: Zero-Day RCE Exploited by China-Linked Group UNC5221 Ivanti EPMM RCE, China-nexus threat

Ivanti EPMM Under Attack: Zero-Day RCE Exploited by China-Linked Group UNC5221

Do Son May 23, 2025

A newly discovered zero-day vulnerability in Ivanti Endpoint Manager Mobile (EPMM) — CVE-2025-4428 — is being actively...

Critical 0-Day: Cityworks Flaw Actively Exploited by Chinese APT UAT-6382

Do Son May 22, 2025

A newly identified Chinese-speaking threat actor cluster, tracked as UAT-6382, is actively exploiting a zero-day vulnerability in...

Unpatched 0-Days (CVSS 10): Versa Concerto Flaws Threaten Enterprise Networks Versa Concerto exploit, SD-WAN security

Unpatched 0-Days (CVSS 10): Versa Concerto Flaws Threaten Enterprise Networks

Do Son May 22, 2025

Versa Concerto, a popular SD-WAN and network orchestration platform used by large enterprises and governments, is under...

Grafana Zero-Day? Emergency Patch Released ‘One Day Ahead of Schedule’ for XSS Flaw Grafana SCIM Flaw CVE-2025-41115 Grafana Vulnerabilities, XSS Flaw Grafana security alert, XSS patch

Grafana Zero-Day? Emergency Patch Released ‘One Day Ahead of Schedule’ for XSS Flaw

Do Son May 22, 2025

Grafana Labs issued an unscheduled security release—Grafana 12.0.0+security-01—alongside patches for all supported versions, addressing a high-severity cross-site...

Critical Alert 2 Active Exploits Detected Today