zero-day Archives • Page 8 of 10 • Daily CyberSecurity

CISA, FBI, NSA Urge Software Industry: Adopt Memory-Safe Languages to Drastically Cut Vulnerabilities Memory-Safe Languages, Software Security

CISA, FBI, NSA Urge Software Industry: Adopt Memory-Safe Languages to Drastically Cut Vulnerabilities

Do Son June 26, 2025

The Cybersecurity and Infrastructure Security Agency (CISA), alongside the FBI, NSA, and key international cybersecurity partners, has...

Team46 (TaxOff) Exploits Google Chrome Zero-Day (CVE-2025-2783) in Sophisticated Phishing Campaign Team46 APT, Google Chrome Zero-Day

Team46 (TaxOff) Exploits Google Chrome Zero-Day (CVE-2025-2783) in Sophisticated Phishing Campaign

Do Son June 17, 2025

In a major revelation, the Threat Intelligence Department of the Positive Technologies Expert Security Center (PT ESC)...

Zero-Click to Root: CISA Flags Active Exploits in Apple iOS and TP-Link Routers

Do Son June 17, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two high-risk vulnerabilities to its Known Exploited...

Zero-Day Alert: Remotely Escalate Privileges to SYSTEM via Kerberos Relay – PoC Available Windows Zero-Day Kerberos relay

Zero-Day Alert: Remotely Escalate Privileges to SYSTEM via Kerberos Relay – PoC Available

Do Son June 12, 2025

A newly disclosed vulnerability, CVE-2025-33073, revealed by RedTeam Pentesting GmbH, exposes a critical flaw in Microsoft Windows’...

Stealth Falcon Exploits New Zero-Day (CVE-2025-33053) in Sophisticated Cyberespionage Campaign Stealth Falcon CVE-2025-33053

Stealth Falcon Exploits New Zero-Day (CVE-2025-33053) in Sophisticated Cyberespionage Campaign

Do Son June 10, 2025

A new cyberespionage campaign attributed to the notorious APT group Stealth Falcon has been uncovered by Check...

Microsoft’s June 2025 Patch Tuesday: 2 Zero-Days, 69 Vulnerabilities Patched! Patch Tuesday, Microsoft Security

Microsoft’s June 2025 Patch Tuesday: 2 Zero-Days, 69 Vulnerabilities Patched!

Do Son June 10, 2025

Microsoft’s June 2025 Patch Tuesday rollout has addressed a substantial 69 vulnerabilities, including 10 critical and 57...

Actively Exploited Qualcomm GPU Zero-Days Added to CISA’s KEV Catalog

Do Son June 4, 2025

Three new vulnerabilities in Qualcomm’s Adreno GPU driver have been added to CISA’s Known Exploited Vulnerabilities (KEV)...

Kaspersky Report Reveals Growing Threat from Old Exploits and OS Vulnerabilities in Q1 2025 Cybersecurity, Vulnerabilities

Kaspersky Report Reveals Growing Threat from Old Exploits and OS Vulnerabilities in Q1 2025

Do Son June 3, 2025

Kaspersky’s latest “Exploits and vulnerabilities in Q1 2025” shows that attackers are doubling down on aging exploits,...

CISA Adds 5 Actively Exploited Vulnerabilities to KEV Catalog: ASUS Routers, Craft CMS, and ConnectWise Targeted CISA KEV, Zero-Day Exploits

CISA Adds 5 Actively Exploited Vulnerabilities to KEV Catalog: ASUS Routers, Craft CMS, and ConnectWise Targeted

Do Son June 3, 2025

The Cybersecurity and Infrastructure Security Agency (CISA) has added five new vulnerabilities to its Known Exploited Vulnerabilities...

Chrome Zero-Day Alert: CVE-2025-5419 Actively Exploited in the Wild CVE-2025-5419 Chrome Update, Zero-Day

Chrome Zero-Day Alert: CVE-2025-5419 Actively Exploited in the Wild

Do Son June 2, 2025

Google has rolled out a critical security update for the Chrome browser in its Stable channel, bumping...

Qualcomm Reveals Active Exploitation of Multiple Zero-Days in Adreno GPU Qualcomm Zero-Days, Snapdragon Vulnerabilities

Qualcomm Reveals Active Exploitation of Multiple Zero-Days in Adreno GPU

Do Son June 2, 2025

Qualcomm has disclosed several critical security flaws in its latest June 2025 Security Bulletin, including multiple zero-day...

PoC Reveals Apple Audio Zero-Day Enabling Remote Code Execution via Malicious Media Files CoreAudio Vulnerability, Apple Zero-Day

PoC Reveals Apple Audio Zero-Day Enabling Remote Code Execution via Malicious Media Files

Do Son June 2, 2025

Apple has patched a high-severity zero-day vulnerability in CoreAudio, the framework responsible for audio playback and processing...

Ivanti EPMM Under Attack: Zero-Day RCE Exploited by China-Linked Group UNC5221 Ivanti EPMM RCE, China-nexus threat

Ivanti EPMM Under Attack: Zero-Day RCE Exploited by China-Linked Group UNC5221

Do Son May 23, 2025

A newly discovered zero-day vulnerability in Ivanti Endpoint Manager Mobile (EPMM) — CVE-2025-4428 — is being actively...

Critical 0-Day: Cityworks Flaw Actively Exploited by Chinese APT UAT-6382

Do Son May 22, 2025

A newly identified Chinese-speaking threat actor cluster, tracked as UAT-6382, is actively exploiting a zero-day vulnerability in...

Unpatched 0-Days (CVSS 10): Versa Concerto Flaws Threaten Enterprise Networks Versa Concerto exploit, SD-WAN security

Unpatched 0-Days (CVSS 10): Versa Concerto Flaws Threaten Enterprise Networks

Do Son May 22, 2025

Versa Concerto, a popular SD-WAN and network orchestration platform used by large enterprises and governments, is under...

Grafana Zero-Day? Emergency Patch Released ‘One Day Ahead of Schedule’ for XSS Flaw Grafana SCIM Flaw CVE-2025-41115 Grafana Vulnerabilities, XSS Flaw Grafana security alert, XSS patch

Grafana Zero-Day? Emergency Patch Released ‘One Day Ahead of Schedule’ for XSS Flaw

Do Son May 22, 2025

Grafana Labs issued an unscheduled security release—Grafana 12.0.0+security-01—alongside patches for all supported versions, addressing a high-severity cross-site...

Pwn2Own Berlin Recap: VMware ESXi, Windows 11 Hacked with Zero-Days

Do Son May 21, 2025

The renowned hacking competition, Pwn2Own 2025 Berlin, recently concluded with cybersecurity researchers securing a total of $1,078,750...

SAP NetWeaver RCE: Zero-Day Allows File Uploads, Qilin Ransomware Connection SAP RCE, CVE-2025-31324

SAP NetWeaver RCE: Zero-Day Allows File Uploads, Qilin Ransomware Connection

Do Son May 20, 2025

In a recent revelation, OP Innovate has uncovered early evidence of real-world exploitation of CVE-2025-31324 (CVSS 10),...

Pwn2Own: Firefox Hacked with JavaScript Zero-Days – Details on the Exploits Firefox security, JavaScript exploit

Pwn2Own: Firefox Hacked with JavaScript Zero-Days – Details on the Exploits

Do Son May 19, 2025

Mozilla has moved swiftly to patch two critical zero-day vulnerabilities in Firefox, both of which were exploited...

CVE-2025-47539: Critical Privilege Escalation Flaw Hits 10K+ WordPress Eventin Sites Privilege Escalation, WordPress Plugin

CVE-2025-47539: Critical Privilege Escalation Flaw Hits 10K+ WordPress Eventin Sites

Do Son May 16, 2025

A high-severity vulnerability in a popular WordPress event management plugin has been disclosed and patched, raising alarms...

Critical Alert 1 Active Exploit Detected Today