Zero-Day Archives

Mobile & Wireless

Apple Patches 3 Exploited WebKit Zero-Day Vulnerabilities

Apple has patched 3 zero-days, two of which are the vulnerabilities patched with the tech giant’s first Rapid Security Response updates.

Eduard KovacsMay 19, 2023

Vulnerabilities

Microsoft Makes Second Attempt to Patch Recent Outlook Zero-Day

Microsoft has rolled out patches for a vulnerability allowing attackers to bypass mitigations for a critical Outlook zero-day leading to credentials theft.

Ionut ArghireMay 11, 2023

Mobile & Wireless

Android Security Update Patches Kernel Vulnerability Exploited by Spyware Vendor

Google’s latest Android security updates patch over 40 vulnerabilities, including CVE-2023-0266, a kernel flaw exploited as a zero-day by a spyware vendor.

Eduard KovacsMay 5, 2023

Data Breaches

Fortra Completes Investigation Into GoAnywhere Zero-Day Incident

Fortra has shared a summary of its investigation into the GoAnywhere zero-day incident that hit dozens of the company’s customers earlier this year.

Eduard KovacsApril 20, 2023

Vulnerabilities

Google Patches Second Chrome Zero-Day Vulnerability of 2023

Google warns of another zero-day vulnerability in Chrome, only days after addressing a similar issue.

Ionut ArghireApril 19, 2023

Malware & Threats

NSO Group Used at Least 3 iOS Zero-Click Exploits in 2022: Citizen Lab

NSO Group used at least three iOS zero-click exploits in Pegasus attacks in 2022: FindMyPwn, PwnYourHome, and LatentImage.

Eduard KovacsApril 18, 2023

Vulnerabilities

Google Warns of New Chrome Zero-Day Attack

The high-severity vulnerability, tracked as CVE-2023-2033, is described as a type confusion in the Chrome V8 JavaScript engine.

Ryan NaraineApril 14, 2023

Ransomware

Windows Zero-Day Exploited in Nokoyawa Ransomware Attacks

A Windows zero-day tracked as CVE-2023-28252 and fixed by Microsoft with its April Patch Tuesday updates has been exploited in Nokoyawa ransomware attacks.

Eduard KovacsApril 12, 2023