Collaborate Disseminate
By Waqas
Using Google Chrome? Update your browser to the latest version right now!
This is a post from HackRead.com Read the original post: Google Patches Critical Chrome Vulnerability and Additional Flaws
Continue reading Google Patches Critical Chrome Vulnerability and Additional Flaws
By Deeba Ahmed
Popular File Transfer Software Hit by Zero-Day Exploit: Millions Potentially Exposed – Install Patches Right Now!
This is a post from HackRead.com Read the original post: Popular File Transfer Software CrushFTP Hit by Zero-Day Exploit
Continue reading Popular File Transfer Software CrushFTP Hit by Zero-Day Exploit
A state-sponsored threat actor has managed to compromise Cisco Adaptive Security Appliances (ASA) used on government networks across the globe and use two zero-day vulnerabilities (CVE-2024-20353, CVE-2024-20359) to install backdoors on them, Cisco Tal… Continue reading Hackers backdoored Cisco ASA devices via two zero-days (CVE-2024-20353, CVE-2024-20359)
For nearly four years and perhaps even longer, Forest Blizzard (aka Fancy Bear, aka APT28) has been using a custom tool that exploits a specific vulnerability in Windows Print Spooler service (CVE-2022-38028). Dubbed GooseEgg, the tool is a launcher ap… Continue reading Russian hackers’ custom tool exploits old Windows Print Spooler flaw (CVE-2022-38028)
2023 saw attackers increasingly focusing on the discovery and exploitation of zero-day vulnerabilities in third-party libraries (libvpx, ImagelO) and drivers (Mali GPU, Qualcomm Adreno GPU), as they can affect multiple products and effectively offer mo… Continue reading Zero-day exploitation surged in 2023, Google finds
Apple has fixed two iOS zero-day vulnerabilities (CVE-2024-23225, CVE-2024-23296) exploited by attackers in the wild. CVE-2024-23225 and CVE-2024-23296 On Tuesday, Apple released security updates for all three supported branches of iOS and iPadOS. iOS … Continue reading Apple fixes two actively exploited iOS zero-days (CVE-2024-23225, CVE-2024-23296)
On February 2024 Patch Tuesday, Microsoft has delivered fixes for 72 CVE-numbered vulnerabilities, including two zero-days (CVE-2024-21412, CVE-2024-21351) that are being leveraged by attackers in the wild. About CVE-2024-21412 and CVE-2024-21351 CVE-2… Continue reading Microsoft patches two zero-days exploited by attackers (CVE-2024-21412, CVE-2024-21351)
A zero-day vulnerability that, when triggered, could crash the Windows Event Log service on all supported (and some legacy) versions of Windows could spell trouble for enterprise defenders. Discovered by a security researcher named Florian and reported… Continue reading A zero-day vulnerability (and PoC) to blind defenses relying on Windows event logs
Apple has fixed an actively exploited zero-day vulnerability (CVE-2024-23222) that affects Macs, iPhones, iPads and AppleTVs. About CVE-2024-23222 CVE-2024-23222 is a type confusion issue that affects WebKit – Apple’s browser engine used in… Continue reading Apple fixes actively exploited WebKit zero-day (CVE-2024-23222)
In the new stable release of the Chrome browser, Google has fixed three security vulnerabilities affecting the V8 engine, including one zero-day (CVE-2024-0519) with an existing exploit. About CVE-2024-0519 V8 is an open-source JavaScript and WebAssemb… Continue reading Google fixes actively exploited Chrome zero-day (CVE-2024-0519)