Security News

Mitel MiCollab zero-day flaw gets proof-of-concept exploit
2024-12-05 11:00

Researchers have uncovered an arbitrary file read zero-day in the Mitel MiCollab collaboration platform, allowing attackers to access files on a server's filesystem. [...]

Japan warns of IO-Data zero-day router flaws exploited in attacks
2024-12-04 15:28

Japan's CERT is warning that hackers are exploiting zero-day vulnerabilities in I-O Data router devices to modify device settings, execute commands, or even turn off the firewall. [...]

New Windows Server 2012 zero-day gets free, unofficial patches
2024-11-29 17:00

Free unofficial security patches have been released through the 0patch platform to address a zero-day vulnerability introduced over two years ago in the Windows Mark of the Web (MotW) security...

Zero-day data security
2024-11-27 05:00

In this Help Net Security video, Carl Froggett, CIO of Deep Instinct, discusses the complexities of modern cloud architectures and why current defenses are falling short. He talks about the rise...

Firefox and Windows zero-days exploited by Russian RomCom hackers
2024-11-26 12:13

​Russian-based RomCom cybercrime group chained two zero-day vulnerabilities in recent attacks targeting Firefox and Tor Browser users across Europe and North America. [...]

RomCom Exploits Zero-Day Firefox and Windows Flaws in Sophisticated Cyberattacks
2024-11-26 10:34

The Russia-aligned threat actor known as RomCom has been linked to the zero-day exploitation of two security flaws, one in Mozilla Firefox and the other in Microsoft Windows, as part of attacks...

RomCom hackers chained Firefox and Windows zero-days to deliver backdoor
2024-11-26 10:00

Russia-aligned APT group RomCom was behind attacks that leveraged CVE-2024-9680, a remote code execution flaw in Firefox, and CVE-2024-49039, an elevation of privilege vulnerability in Windows...

Apple Patches Two Zero-Day Attack Vectors
2024-11-21 19:55

Threat actors exploited two vulnerabilities in Intel-based machines. Google’s Threat Analysis Group discovered the flaws.

Apple fixes 2 zero-days exploited to breach macOS systems (CVE-2024-44309, CVE-2024-44308)
2024-11-20 10:48

Apple has released emergency security updates for macOS Sequoia that fix two zero-day vulnerabilities (CVE-2024-44309, CVE-2024-44308) that “may have been actively exploited on Intel-based Mac...

Apple Releases Urgent Updates to Patch Actively Exploited Zero-Day Vulnerabilities
2024-11-20 04:37

Apple has released security updates for iOS, iPadOS, macOS, visionOS, and its Safari web browser to address two zero-day flaws that have come under active exploitation in the wild. The flaws are...