Zero-Day Archives

Vulnerabilities

SAP Zero-Day Possibly Exploited by Initial Access Broker

A zero-day vulnerability in SAP NetWeaver potentially affects more than 10,000 internet-facing applications.

Ionut ArghireApril 25, 2025

Threat Intelligence

Ethical Zero Day Marketplace Desired Effect Emerges From Stealth

Desired Effect provides an ethical vulnerability exchange marketplace to help defenders get ahead of attackers.

Kevin TownsendApril 23, 2025

Malware & Threats

Apple Quashes Two Zero-Days With iOS, MacOS Patches

The vulnerabilities are described as code execution and mitigation bypass issues that affect Apple’s iOS, iPadOS and macOS platforms.

Ryan NaraineApril 16, 2025

Malware & Threats

Microsoft Patches 125 Windows Vulns, Including Exploited CLFS Zero-Day

Patch Tuesday: Microsoft ships urgent cover for another WIndows CLFS vulnerability already exploited in the wild.

Ryan NaraineApril 8, 2025

Vulnerabilities

Apple Patches Recent Zero-Days in Older iPhones

Apple has released a hefty round of security updates for its desktop and mobile products, patching two recent zero-days in older iPhone models.

Ionut ArghireApril 1, 2025

Vulnerabilities

Firefox Affected by Flaw Similar to Chrome Zero-Day Exploited in Russia

Firefox developers have determined that their browser is affected by a vulnerability similar to the recent Chrome sandbox escape zero-day.

Eduard KovacsMarch 28, 2025

Vulnerabilities

Russian Firm Offers $4 Million for Telegram Exploits

A Russian exploit acquisition firm is offering up to $4 million for a full-chain exploit targeting messaging service Telegram.

Ionut ArghireMarch 24, 2025

Mobile & Wireless

Paragon Spyware Attacks Exploited WhatsApp Zero-Day

Attacks involving Paragon’s Graphite spyware involved a WhatsApp zero-day that could be exploited without any user interaction.

Eduard KovacsMarch 20, 2025

Malware & Threats

FreeType Zero-Day Being Exploited in the Wild

Meta’s Facebook security team warns of live exploitation of a zero-day vulnerability in the open-source FreeType library.

Ryan NaraineMarch 13, 2025

Vulnerabilities

Newly Patched Windows Zero-Day Exploited for Two Years

Microsoft on Tuesday patched a zero-day vulnerability in the Windows Win32 kernel that has been exploited since March 2023.

Ionut ArghireMarch 12, 2025

Mobile & Wireless

Apple Ships iOS 18.3.2 to Fix Already-Exploited WebKit Flaw

Apple warns that the WebKIt bug "may have been exploited in an extremely sophisticated attack against specific targeted individuals.”

Ryan NaraineMarch 11, 2025

Malware & Threats

Microsoft Flags Six Active Zero-Days, Patches 57 Flaws: Patch Tuesday

Redmond ships major security updates with warnings that a half-dozen Windows vulnerabilities have already been exploited in the wild.

Ryan NaraineMarch 11, 2025

IoT Security

Edimax Camera Zero-Day Disclosed by CISA Exploited by Botnets

Multiple Mirai-based botnets are exploiting CVE-2025-1316, an Edimax IP camera vulnerability that allows remote command execution.

Eduard KovacsMarch 7, 2025

Vulnerabilities

Exploited VMware ESXi Flaws Put Many at Risk of Ransomware, Other Attacks

Scans show that tens of thousands of VMware ESXi instances are affected by CVE-2025-22224 and other vulnerabilities disclosed recently as zero-days.

Eduard KovacsMarch 6, 2025

Vulnerabilities

New Windows Zero-Day Exploited by Chinese APT: Security Firm

ClearSky Cyber Security says it has seen a new Windows zero-day being exploited by a Chinese APT named Mustang Panda.

Eduard KovacsFebruary 14, 2025

Malware & Threats

Microsoft Patches ‘Wormable’ Windows Flaw and File-Deleting Zero-Day

The Microsoft Patch Tuesday machine hummed loudly this month with urgent fixes for a pair of already-exploited Windows zero-days.

Ryan NaraineFebruary 11, 2025

Trimble Cityworks zero-day CVE-2025-0994

ICS/OT

Trimble Cityworks Customers Warned of Zero-Day Exploitation

Trimble Cityworks is affected by a zero-day vulnerability that has been exploited in attacks involving the delivery of malware.

Eduard KovacsFebruary 7, 2025

Malware & Threats

Russian Hackers Exploited 7-Zip Zero-Day Against Ukraine

Russian threat groups have been observed exploiting a zero-day vulnerability in 7-Zip against Ukrainian entities.

Ionut ArghireFebruary 5, 2025

Vulnerabilities

SonicWall Confirms Exploitation of New SMA Zero-Day

SonicWall has confirmed that an SMA 1000 zero-day tracked as CVE-2025-23006 has been exploited in the wild.

Eduard KovacsJanuary 28, 2025

Mobile & Wireless

Apple Patches First Exploited iOS Zero-Day of 2025

Apple has released fixes for dozens of vulnerabilities in its mobile and desktop products, including an iOS zero-day exploited in attacks.

Ionut ArghireJanuary 28, 2025

SECURITYWEEK NETWORK:

ICS:

All posts tagged "Zero-Day"

Vulnerabilities

SAP Zero-Day Possibly Exploited by Initial Access Broker

Threat Intelligence

Ethical Zero Day Marketplace Desired Effect Emerges From Stealth

Malware & Threats

Apple Quashes Two Zero-Days With iOS, MacOS Patches

Malware & Threats

Microsoft Patches 125 Windows Vulns, Including Exploited CLFS Zero-Day

Vulnerabilities

Apple Patches Recent Zero-Days in Older iPhones

Vulnerabilities

Firefox Affected by Flaw Similar to Chrome Zero-Day Exploited in Russia

Vulnerabilities

Russian Firm Offers $4 Million for Telegram Exploits

Mobile & Wireless

Paragon Spyware Attacks Exploited WhatsApp Zero-Day

Malware & Threats

FreeType Zero-Day Being Exploited in the Wild

Vulnerabilities

Newly Patched Windows Zero-Day Exploited for Two Years

Mobile & Wireless

Apple Ships iOS 18.3.2 to Fix Already-Exploited WebKit Flaw

Malware & Threats

Microsoft Flags Six Active Zero-Days, Patches 57 Flaws: Patch Tuesday

IoT Security

Edimax Camera Zero-Day Disclosed by CISA Exploited by Botnets

Vulnerabilities

Exploited VMware ESXi Flaws Put Many at Risk of Ransomware, Other Attacks

Vulnerabilities

New Windows Zero-Day Exploited by Chinese APT: Security Firm

Malware & Threats

Microsoft Patches ‘Wormable’ Windows Flaw and File-Deleting Zero-Day

ICS/OT

Trimble Cityworks Customers Warned of Zero-Day Exploitation

Malware & Threats

Russian Hackers Exploited 7-Zip Zero-Day Against Ukraine

Vulnerabilities

SonicWall Confirms Exploitation of New SMA Zero-Day

Mobile & Wireless

Apple Patches First Exploited iOS Zero-Day of 2025

Featured

Cybercrime

Canadian Airline WestJet Hit by Cyberattack

Government

Industry Reactions to Trump Cybersecurity Executive Order: Feedback Friday

Vulnerabilities

Critical Vulnerability Exposes Many Mitel MiCollab Instances to Remote Hacking

Artificial Intelligence

The AI Arms Race: Deepfake Generation vs. Detection

IoT Security

New ‘SmartAttack’ Steals Air-Gapped Data Using Smartwatches

Cybercrime

Interpol Targets Infostealers: 20,000 IPs Taken Down, 32 Arrested, 216,000 Victims Notified

Artificial Intelligence

Cyera Raises $540 Million to Expand AI-Powered Data Security Platform

Latest News

Cloud Security

Google’s $32 Billion Wiz Deal Draws DOJ Antitrust Scrutiny: Report

Tracking & Law Enforcement

Archetyp Dark Web Market Shut Down by Law Enforcement

Data Breaches

Asheville Eye Associates Says 147,000 Impacted by Data Breach

Data Breaches

Zoomcar Says Hackers Accessed Data of 8.4 Million Users

Data Breaches

240,000 Impacted by Data Breach at Eyecare Tech Firm Ocuco

Ransomware

Anubis Ransomware Packs a Wiper to Permanently Delete Files

Artificial Intelligence

Red Teaming AI: The Build Vs Buy Debate

Daily Briefing Newsletter