Open Navigation

zero-day flaw

Palo Alto Networks’ firewall bug under attack brings fresh havoc to thousands of companies

Zack Whittaker
Organizations are urged to patch their Palo Alto firewalls after researchers discover evidence of malicious exploitation dating back to late March.

Hackers exploit zero-day to compromise tens of thousands of Cisco devices

Carly Page
Hackers have exploited an unpatched zero-day vulnerability in Cisco’s networking software to compromise tens of thousands of devices, researchers have warned. Cisco on Monday issued an advisory warn

Google patches zero-day exploited by commercial spyware vendor

Carly Page
Google has rushed to patch a zero-day vulnerability in Chrome that was exploited by a commercial spyware vendor. The vulnerability was reported to the Chrome team by Clement Lecigne of Google’s Thre

Hackers exploit WinRAR zero-day bug to steal funds from broker accounts

Carly Page
Cybercriminals are exploiting a zero-day vulnerability in WinRAR, the venerable shareware archiving tool for Windows, to target traders and steal funds. Cybersecurity company Group-IB discovered the v

Ivanti warns customers another zero-day is under active attack

Carly Page
U.S. software giant Ivanti has scrambled to patch another zero-day vulnerability under active attack. The vulnerability, tracked as CVE-2023-38035 with a vulnerability severity rating of 9.8 out of 10

Microsoft patches Windows zero-day bug used in ransomware attacks

Carly Page
Microsoft has patched a zero-day vulnerability affecting all supported versions of Windows, which researchers say hackers exploited to launch ransomware attacks. Microsoft said in a security alert on

Biden executive order bans federal agencies from using commercial spyware

Zack Whittaker
The Biden administration on Monday announced a new executive order that would broadly ban U.S. federal agencies from using commercially developed spyware that poses threats to human rights and nationa

Security giant Rubrik says hackers used Fortra zero-day to steal internal data

Carly Page
Silicon Valley–based data security company Rubrik has come forward as the latest victim of the Fortra GoAnywhere zero-day vulnerability, which has been linked to hacks targeting a hospital chain and

Apple releases new fix for iPhone zero-day exploited by hackers

Lorenzo Franceschi-Bicchierai
Apple on Monday released a new version of the iPhone and iPad’s operating systems to fix a vulnerability that hackers were exploiting in the wild, meaning they were taking advantage of it to hack Ap

NSA says Chinese hackers are exploiting a zero-day bug in popular networking gear

Carly Page
The U.S. National Security Agency is warning that Chinese government-backed hackers are exploiting a zero-day vulnerability in two widely used Citrix networking products to gain access to targeted net

Microsoft says two new Exchange zero-day bugs under active attack, but no immediate fix

Carly Page
Microsoft has confirmed two unpatched Exchange Server zero-day vulnerabilities are being exploited by cybercriminals in real-world attacks. Vietnamese cybersecurity company GTSC, which first discovere

Zero-Day IE Flaw Highlights The Danger Of Lingering Windows XP Market Share

Alex Wilhelm
If you are reading this in Internet Explorer, you should probably close it and fire up Chrome -- and come back after a newly reported zero-day flaw is patched. Even the U.S. and U.K. governments are w