Security News

Apple fixes two zero-days used in attacks on Intel-based Macs
2024-11-19 21:52

Apple released emergency security updates to fix two zero-day vulnerabilities that were exploited in attacks on Intel-based Mac systems. [...]

Microsoft announces Zero Day Quest hacking event with big rewards
2024-11-19 19:04

Microsoft is enhancing its bug bounty initiatives with the launch of the Zero Day Quest hacking event. With $4 million in potential rewards, it focuses on driving research in critical areas such...

Palo Alto Networks tackles firewall-busting zero-days with critical patches
2024-11-19 15:29

Amazing that these two bugs got into a production appliance, say researchers Palo Alto Networks (PAN) finally released a CVE identifier and patch for the zero-day exploit that caused such a fuss...

Microsoft launches Zero Day Quest hacking event with $4 million in rewards
2024-11-19 13:30

​Microsoft announced today at its Ignite annual conference in Chicago, Illinois, that it's expanding its bug bounty programs with Zero Day Quest, a new hacking event focusing on cloud and AI...

Chinese hackers exploit Fortinet VPN zero-day to steal credentials
2024-11-18 21:20

Chinese threat actors use a custom post-exploitation toolkit named 'DeepData' to exploit a zero-day vulnerability in Fortinet's FortiClient Windows VPN client that steal credentials. [...]

Palo Alto Networks patches two firewall zero-days used in attacks
2024-11-18 20:50

Palo Alto Networks has finally released security updates for an actively exploited zero-day vulnerability in its Next-Generation Firewalls (NGFW). [...]

Most of 2023’s Top Exploited Vulnerabilities Were Zero-Days
2024-11-18 15:49

Zero-day vulnerabilities are more commonly used, according to the Five Eyes: Key Findings In 2023, malicious cyber actors exploited more zero-day vulnerabilities to compromise enterprise networks...

Attackers are exploiting 2 zero-days in Palo Alto Networks firewalls (CVE-2024-0012, CVE-2024-9474)
2024-11-18 15:28

Palo Alto Networks has released fixes for two vulnerabilities (CVE-2024-0012 and CVE-2024-9474) in its next-generation firewalls that have been exploited by attackers as zero-days. About the...

NSO Group used another WhatsApp zero-day after being sued, court docs say
2024-11-15 22:04

Israeli surveillance firm NSO Group reportedly used multiple zero-day exploits, including an unknown one named "Erised," that leveraged WhatsApp vulnerabilities to deploy Pegasus spyware in...

Mystery Palo Alto Networks hijack-my-firewall zero-day now officially under exploit
2024-11-15 21:07

Yank access to management interface, stat A critical zero-day vulnerability in Palo Alto Networks' firewall management interface that can allow an unauthenticated attacker to remotely execute code...