Security News

Google fixes Android zero-day exploited by Serbian authorities
2025-03-04 11:38

Google has released patches for 43 vulnerabilities in Android's March 2025 security update, including two zero-days. Serbian authorities have used one of the zero-days to unlock confiscated devices. [...]

⚡ THN Weekly Recap: Alerts on Zero-Day Exploits, AI Breaches, and Crypto Heists
2025-03-03 11:58

This week, a 23-year-old Serbian activist found themselves at the crossroads of digital danger when a sneaky zero-day exploit turned their Android device into a target. Meanwhile, Microsoft pulled...

Amnesty Finds Cellebrite’s Zero-Day Used to Unlock Serbian Activist’s Android Phone
2025-02-28 16:48

A 23-year-old Serbian youth activist had their Android phone targeted by a zero-day exploit developed by Cellebrite to unlock the device, according to a new report from Amnesty International. "The...

Serbian police used Cellebrite zero-day hack to unlock Android phones
2025-02-28 16:27

Serbian authorities have reportedly used an Android zero-day exploit chain developed by Cellebrite to unlock the device of a student activist in the country and attempt to install spyware. [...]

Microsoft fixes Power Pages zero-day bug exploited in attacks
2025-02-20 14:34

Microsoft has issued a security bulletin for a high-severity elevation of privilege vulnerability in Power Pages, which hackers exploited as a zero-day in attacks. [...]

A PostgreSQL zero-day was also exploited in US Treasury hack (CVE-2025-1094)
2025-02-17 13:48

The suspected Chinese state-sponsored hackers who breached workstations of several US Treasury employees in December 2024 did so by leveraging not one, but two zero-days, according to Rapid7...

Critical PostgreSQL bug tied to zero-day attack on US Treasury
2025-02-14 14:19

High-complexity bug unearthed by infoseccers, as Rapid7 probes exploit further A high-severity SQL injection bug in the PostgreSQL interactive tool was exploited alongside the zero-day used to...

PostgreSQL flaw exploited as zero-day in BeyondTrust breach
2025-02-14 14:15

​Rapid7's vulnerability research team says attackers exploited a PostgreSQL security flaw as a zero-day to breach the network of privileged access management company BeyondTrust in December. [...]

PostgreSQL Vulnerability Exploited Alongside BeyondTrust Zero-Day in Targeted Attacks
2025-02-14 05:03

Threat actors who were behind the exploitation of a zero-day vulnerability in BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) products in December 2024 likely also exploited a...

Patch Tuesday: Microsoft Patches Two Actively Exploited Zero-Day Flaws
2025-02-12 20:25

February’s report on Microsoft patches includes 56 vulnerabilities, two of which are zero-day flaws that have been exploited.