Tag Archives: zeroday

Apple patches 0-day exploited in “extremely sophisticated attack”

Apple on Tuesday patched a critical zero-day vulnerability in virtually all iPhones and iPad models it supports and said it may have been exploited in “an extremely sophisticated attack against specific targeted individuals” using older versions of iOS. The vulnerability, tracked as CVE-2025-24201, resides in Webkit, the browser engine driving Safari and all other browsers… Read More »

FortiGate admins report active exploitation 0-day. Vendor isn’t talking.

Citing the Reddit comment, Beaumont took to Mastodon to explain: “People are quite openly posting what is happening on Reddit now, threat actors are registering rogue FortiGates into FortiManager with hostnames like ‘localhost’ and using them to get RCE.” Beaumont wasn’t immediately available to elaborate. In the same thread, another user said that based on… Read More »

WinRAR 0-day that uses poisoned JPG and TXT files under exploit since April

Getty Images reader comments 43 with A newly discovered zero-day in the widely used WinRAR file-compression program has been exploited for four months by unknown attackers who are using it to install malware when targets open booby-trapped JPGs and other innocuous inside file archives. The vulnerability, residing in the way WinRAR processes the ZIP file… Read More »

How an unpatched Microsoft Exchange 0-day likely caused one of the UK’s biggest hacks ever

Enlarge / Building with Microsoft logo. Getty Images reader comments 8 with It’s looking more and more likely that a critical zero-day vulnerability that went unfixed for more than a month in Microsoft Exchange was the cause of one of the UK’s biggest hacks ever—the breach of the country’s Electoral Commission, which exposed data for… Read More »

Critical Barracuda 0-day was used to backdoor networks for 8 months

reader comments 15 with A critical vulnerability patched 10 days ago in widely used email software from IT security company Barracuda Networks has been under active exploitation since October. The vulnerability has been used to install multiple pieces of malware inside large organization networks and steal data, Barracuda said Tuesday. The software bug, tracked as… Read More »

Hackers drain bitcoin ATMs of $1.5 million by exploiting 0-day bug

Enlarge / A BATM sold by General Bytes. General Bytes reader comments 68 with Share this story Hackers drained millions of dollars in digital coins from cryptocurrency ATMs by exploiting a zero-day vulnerability, leaving customers on the hook for losses that can’t be reversed, the kiosk manufacturer has revealed. The heist targeted ATMs sold by… Read More »

Chrome, Defender, and Firefox 0-days linked to commercial IT firm in Spain

reader comments 13 with 0 posters participating Share this story Google researchers said on Wednesday they have linked a Barcelona, Spain-based IT company to the sale of advanced software frameworks that exploit vulnerabilities in Chrome, Firefox, and Windows Defender. Variston IT bills itself as a provider of tailor-made Information security solutions, including technology for embedded… Read More »

Apple rushes out patch for iPhone and iPad 0-day reported by anonymous source

reader comments 31 with 21 posters participating, including story author Share this story Apple on Monday patched a high-severity zero-day vulnerability that gives attackers the ability to remotely execute malicious code that runs with the highest privileges inside the operating system kernel of fully up-to-date iPhones and iPads. In an advisory, Apple said that CVE-2022-42827,… Read More »

High-severity Microsoft Exchange 0-day under attack threatens 220,000 servers

reader comments 26 with 22 posters participating Share this story Microsoft late Thursday confirmed the existence of two critical vulnerabilities in its Exchange application that have already compromised multiple servers and pose a serious risk to an estimated 220,000 more around the world. The currently unpatched security flaws have been under active exploit since early… Read More »