Mobile & Wireless Predator Spyware Delivered to iOS, Android Devices via Zero-Days, MitM Attacks Predator spyware delivered to iPhones and Android devices using iOS and Chrome zero-day vulnerabilities and MitM attacks. Eduard Kovacs3 days ago
Mobile & Wireless Apple Patches 3 Zero-Days Likely Exploited by Spyware Vendor to Hack iPhones Apple has patched 3 zero-day vulnerabilities that have likely been exploited by a spyware vendor to hack iPhones. Eduard Kovacs6 days ago
Endpoint Security Trend Micro Patches Exploited Zero-Day Vulnerability in Endpoint Security Products Trend Micro has patched CVE-2023-41179, an Apex One zero-day code execution vulnerability that has been exploited in attacks. Eduard KovacsSeptember 19, 2023
Malware & Threats After Apple and Google, Mozilla Also Patches Zero-Day Exploited for Spyware Delivery After Apple and Google, Mozilla has also patched an image processing-related zero-day vulnerability exploited by spyware. Eduard KovacsSeptember 13, 2023
Malware & Threats Zero-Day Summer: Microsoft Warns of Fresh New Software Exploits Microsoft’s struggles with zero-day exploits rolled into a new month with a fresh Patch Tuesday warning about malware attacks in the wild. Ryan NaraineSeptember 12, 2023
Vulnerabilities Google Patches Chrome Zero-Day Reported by Apple, Spyware Hunters Google has released a Chrome 116 security update to patch CVE-2023-4863, the fourth Chrome zero-day vulnerability documented in 2023. Ionut ArghireSeptember 12, 2023
Malware & Threats Cisco ASA Zero-Day Exploited in Akira Ransomware Attacks Cisco is warning of a zero-day vulnerability in Cisco ASA and FTD that can be exploited remotely, without authentication, in brute force attacks. Ionut ArghireSeptember 8, 2023
Mobile & Wireless Android Zero-Day Patched With September 2023 Security Updates Android’s September 2023 security update resolves a high-severity elevation of privilege vulnerability exploited in malicious attacks. Ionut ArghireSeptember 6, 2023
Cybercrime Traders Targeted by Cybercriminals in Attack Exploiting WinRAR Zero-Day A financially motivated cybercrime group has exploited a WinRAR zero-day to deliver malware to traders and steal their money. Eduard KovacsAugust 24, 2023
Vulnerabilities Exploitation of Ivanti Sentry Zero-Day Confirmed While initially it was unclear if the Ivanti Sentry vulnerability CVE-2023-38035 has been exploited, the vendor and CISA have now confirmed it. Eduard KovacsAugust 23, 2023
Vulnerabilities CISA Warns Organizations of Exploited Vulnerability Affecting .NET, Visual Studio CISA has added CVE-2023-38180, a zero-day vulnerability affecting .NET and Visual Studio, to its Known Exploited Vulnerabilities Catalog. Eduard KovacsAugust 10, 2023
Malware & Threats Ivanti Zero-Day Exploited by APT Since at Least April in Norwegian Government Attack The recently patched Ivanti EPMM zero-day CVE-2023-35078 has been exploited to hack the Norwegian government since at least April 2023. Eduard KovacsAugust 2, 2023