Collaborate Disseminate
CVE-2024-21412, one of the security bypass zero-days fixed by Microsoft with Patch Tuesday updates, exploited by Water Hydra (DarkCasino).
The post Windows Zero-Day Exploited in Attacks on Financial Market Traders appeared first on SecurityWeek.
Continue reading Windows Zero-Day Exploited in Attacks on Financial Market Traders
Fortinet patches CVE-2024-21762, a critical remote code execution vulnerability that may have been exploited in the wild.
The post Fortinet Warns of New FortiOS Zero-Day appeared first on SecurityWeek.
Continue reading Fortinet Warns of New FortiOS Zero-Day
More than 60 of the Adobe, Google, Android, Microsoft, Mozilla and Apple zero-days that have come to light since 2016 attributed to spyware vendors.
The post Google Links Over 60 Zero-Days to Commercial Spyware Vendors appeared first on SecurityWeek.
Continue reading Google Links Over 60 Zero-Days to Commercial Spyware Vendors
In an unprecedented move, CISA is demanding that federal agencies disconnect all instances of Ivanti Connect Secure and Ivanti Policy Secure products within 48 hours.
The post CISA Sets 48-hour Deadline for Removal of Insecure Ivanti Products appeared … Continue reading CISA Sets 48-hour Deadline for Removal of Insecure Ivanti Products
Akamai flags six zero-day vulnerabilities in Hitron DVRs exploited to ensnare devices in the InfectedSlurs botnet.
The post Hitron DVR Zero-Day Vulnerabilities Exploited by InfectedSlurs Botnet appeared first on SecurityWeek.
Continue reading Hitron DVR Zero-Day Vulnerabilities Exploited by InfectedSlurs Botnet
Apple pushes out fresh versions of its iOS and macOS platforms to fix WebKit vulnerabilities being exploited as zero-day in the wild.
The post Apple Ships iOS 17.3, Warns of WebKit Zero-Day Exploitation appeared first on SecurityWeek.
Continue reading Apple Ships iOS 17.3, Warns of WebKit Zero-Day Exploitation
Every month I’m reading about some zero-day vulnerability being exploited in Google Chrome. I’d like to roughly compare the situation with Firefox in some objective way. It’s ok if it does not fully capture everything (undisclosed vulnerab… Continue reading How can I get a count of high risk vulnerabilities of web browsers? [closed]
Citrix is aware of attacks exploiting two new NetScaler ADC and Gateway zero-day vulnerabilities tracked as CVE-2023-6548 and CVE-2023-6549.
The post Citrix Warns NetScaler ADC Customers of New Zero-Day Exploitation appeared first on SecurityWeek.
Continue reading Citrix Warns NetScaler ADC Customers of New Zero-Day Exploitation
The exploited zero-day, tagged as CVE-2024-0519, is described as an out-of-bounds memory access issue in the V8 JavaScript engine.
The post Google Warns of Chrome Browser Zero-Day Being Exploited appeared first on SecurityWeek.
Continue reading Google Warns of Chrome Browser Zero-Day Being Exploited
The recently disclosed Ivanti VPN zero-days have been exploited to hack at least 1,700 devices, including government, telecoms, defense, and tech.
The post Government, Military Targeted as Widespread Exploitation of Ivanti Zero-Days Begins appeared fir… Continue reading Government, Military Targeted as Widespread Exploitation of Ivanti Zero-Days Begins