Malware & Threats Outlook Plays Attacker Tunes: Vulnerability Chain Leading to Zero-Click RCE Akamai researchers document more vulnerabilities and patch bypasses leading to zero-click remote code execution in Microsoft Outlook. Ionut ArghireDecember 19, 2023
Mobile & Wireless Apple Sets Trap to Catch iMessage Impersonators New iMessage Contact Key Verification feature in Apple's iOS and macOS platforms help catch impersonators on its iMessage service. Ryan NaraineDecember 12, 2023
Vulnerabilities Google Patches Seventh Chrome Zero-Day of 2023 The latest Chrome security update addresses the seventh exploited zero-day vulnerability documented in the browser in 2023. Ionut ArghireNovember 29, 2023
Government UK, Korea Warn of DPRK Supply Chain Attacks Involving Zero-Day Flaws UK and Korea say DPRK state-sponsored hackers targeted governments, defense organizations via supply chain attacks. Ionut ArghireNovember 27, 2023
Ransomware SysAid Zero-Day Vulnerability Exploited by Ransomware Group CVE-2023-47246 zero-day vulnerability in SysAid IT service management software has been exploited by Cl0p ransomware affiliates. Eduard KovacsNovember 9, 2023
Malware & Threats Apache ActiveMQ Vulnerability Exploited as Zero-Day The recently patched Apache ActiveMQ vulnerability tracked as CVE-2023-46604 has been exploited as a zero-day since at least October 10. Eduard KovacsNovember 3, 2023
Malware & Threats Russian Hackers Caught Exploiting Roundcube Webmail Zero-Day Russian APT Winter Vivern exploits a zero-day in the Roundcube webmail server in attacks targeting European governments. Ionut ArghireOctober 25, 2023
Malware & Threats Number of Cisco Devices Hacked via Zero-Day Remains High as Attackers Update Implant The number of Cisco devices hacked via recent zero-days remains high, but the attackers have updated their implant. Eduard KovacsOctober 24, 2023
Malware & Threats Cisco Finds Second Zero-Day as Number of Hacked Devices Apparently Drops Cisco has found a second zero-day vulnerability that has been exploited in recent attacks as the number of hacked devices has started dropping. Eduard KovacsOctober 23, 2023
Vulnerabilities Recent NetScaler Vulnerability Exploited as Zero-Day Since August Mandiant says the recently patched Citrix NetScaler vulnerability CVE-2023-4966 had been exploited as zero-day since August. Ionut ArghireOctober 18, 2023
Malware & Threats Tens of Thousands of Cisco Devices Hacked via Zero-Day Vulnerability Tens of thousands of Cisco devices have reportedly been hacked via the exploitation of the zero-day vulnerability CVE-2023-20198. Eduard KovacsOctober 18, 2023
Vulnerabilities Cisco Devices Hacked via IOS XE Zero-Day Vulnerability Cisco is warning customers that a new IOS XE zero-day vulnerability tracked as CVE-2023-20198 is being exploited to hack devices. Eduard KovacsOctober 17, 2023