Tag: day vulnerabilities
21 articles

September 2025 Patch Tuesday: Must-Have Urgent Fixes
Microsoft’s September 2025 Patch Tuesday fixes more than 80 vulnerabilities—13 rated critical—and while no zero-days or active exploits are reported, this is a timely reminder to patch internet-facing systems and update your devices tonight to close the window for attackers.

Patch Tuesday: Must-Have Critical Windows 10 Fixes
October’s Patch Tuesday fixes more than 170 CVEs — including six zero-days that were actively exploited — so now’s the time to prioritize updates, stage rollouts, and tighten layered defenses to keep attackers from turning those holes into a breach.

BRICKSTORM backdoor: Stunning Dangerous Threat Exposed
BRICKSTORM is a stealthy backdoor tied to a Chinese‑aligned group that quietly harvests telemetry to help build and refine zero‑day exploits—what looks like a low‑impact intrusion today could be tomorrow’s weapon. Security teams should hunt, patch, and harden now before collected data is turned into lasting capability.

zero-day vulnerabilities: Urgent Critical Patch Alert
Don’t wait: Microsoft’s Patch Tuesday fixed 80+ vulnerabilities, including two publicly disclosed zero-days with exploit details already circulating. Prioritize scanning, testing, and deploying patches now — and apply mitigations where needed — before attackers get the upper hand.

automated Android bug-hunting system: Stunning Risk
Meet a tireless, AI-powered bug hunter that found 100+ zero-days in real Android apps — a potential game-changer for faster, wider vulnerability discovery. But beware: automation can flood teams with false positives, extra triage work, and tricky disclosure risks.

NetScaler appliances Must-Have Urgent Patch Alert
Citrix just released fixes for three critical NetScaler zero-days—one already exploited—so update and verify your appliances immediately. Then shore up defenses with segmentation, MFA and monitoring to reduce exposure while you patch.

Ivanti Zero-Days: Risky Threat — Must-Have Fixes
Ivanti Connect Secure appliances were recently abused via two zero-days to install MDifyLoader and unleash Cobalt Strike, turning trusted VPN gateways into powerful footholds for attackers. Act now: patch immediately, enforce MFA and segmentation, and ramp up monitoring and threat hunting to stop this fast-moving threat.

NCSC Unveils Vulnerability Research Institute to Strengthen UK Security
The NCSC’s new Vulnerability Research Institute is set to transform UK cybersecurity by teaming up with experts to spot and stop threats before they strike—making our digital world safer for everyone.

Cybersecurity Alert: Chinese Hackers ‘Salt Typhoon’ Target Viasat
Chinese hackers, known as ‘Salt Typhoon,’ are targeting Viasat in a significant cybersecurity breach. Stay informed about the latest threats.

Microsoft’s June Patch Tuesday: Two Zero-Day Vulnerabilities Needing Immediate Admin Attention
Microsoft’s June Patch Tuesday exposes two zero-day vulnerabilities. Admins must immediately patch to secure systems against potential attacks.

#Infosec2025: Top Six Cyber Trends CISOs Need to Know
Explore six key cyber trends shaping #Infosec2025. CISOs gain vital insights to secure assets and counter emerging digital threats.

Qualcomm Patches Three Zero-Day Exploits Targeting Android Devices via Adreno GPU
Qualcomm patches three zero-day vulnerabilities in its Adreno GPU, securing Android devices against critical exploits.

Major Zero-Day Exploits Uncovered in Versa Networks SD-WAN/SASE Platform
Major Zero-Day Exploits uncovered in Versa Networks’ SD-WAN/SASE platform pose critical risks requiring immediate security action.

Windows 11 and Red Hat Linux hacked on first day of Pwn2Own
Windows 11 and Red Hat Linux were hacked on day one of Pwn2Own, exposing critical vulnerabilities and sparking urgent security reviews.

New Fortinet and Ivanti Zero Days Exploited in the Wild
Fortinet and Ivanti zero-day vulnerabilities are actively exploited in the wild. Apply urgent patches to secure your network against evolving threats.

Microsoft Mitigates Seven Zero-Day Vulnerabilities in May Patch Tuesday Update
Microsoft patches seven zero-day vulnerabilities in its May Patch Tuesday update, fortifying defenses and protecting systems against emerging threats.

Rising Threat: Increased Zero-Day Vulnerabilities in Edge Devices
Edge devices face growing zero-day vulnerabilities that expose networks to critical risks. Discover emerging threats and proactive defense measures.

Google Reveals 75 Zero-Day Vulnerabilities in 2024, with 44% Targeting Enterprise Security Systems
Google reveals 75 zero-day vulnerabilities in 2024; 44% target enterprise security systems. Discover how these cyber threats impact global IT.

CraftChained Zero-Day Exploits in Craft CMS Unveil Alarming Security BreachCraft
two zero-day vulnerabilities in Craft CMS, a popular content management system.

Apple Addresses Two Zero-Day Vulnerabilities Targeting iPhones
Apple has released updates to fix two critical zero-day vulnerabilities in iPhones, enhancing security and protecting user data from potential threats.

Hertz Data Breach: Customer Information Compromised in Cleo Zero-Day Incident
Hertz data breach exposes customer information due to Cleo zero-day vulnerability, raising concerns over data security and privacy.