Security News

Botnet exploits GeoVision zero-day to install Mirai malware
2024-11-15 19:39

A malware botnet is exploiting a zero-day vulnerability in end-of-life GeoVision devices to compromise and recruit them for likely DDoS or cryptomining attacks. [...]

Palo Alto Networks warns of critical RCE zero-day exploited in attacks
2024-11-15 14:44

Palo Alto Networks is warning that a critical zero-day vulnerability on Next-Generation Firewalls (NGFW) management interfaces, currently tracked as 'PAN-SA-2024-0015,' is actively being exploited...

How a Windows zero-day was exploited in the wild for months (CVE-2024-43451)
2024-11-14 09:57

CVE-2024-43451, a Windows zero-day vulnerability for which Microsoft released a fix on November 2024 Patch Tuesday, has been exploited since at least April 2024, ClearSky researchers have...

Zero-days dominate top frequently exploited vulnerabilities
2024-11-14 05:00

A joint report by leading cybersecurity agencies from the U.S., UK, Canada, Australia, and New Zealand has identified the most commonly exploited vulnerabilities of 2023. Zero-day vulnerabilities...

Microsoft patches Windows zero-day exploited in attacks on Ukraine
2024-11-13 21:33

Suspected Russian hackers were caught exploiting a recently patched Windows vulnerability as a zero-day in ongoing attacks targeting Ukrainian entities. [...]

Microsoft fixes actively exploited zero-days (CVE-2024-43451, CVE-2024-49039)
2024-11-12 20:49

November 2024 Patch Tuesday is here, and Microsoft has dropped fixes for 89 new security issues in its various products, two of which – CVE-2024-43451 and CVE-2024-49039 – are actively exploited...

Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 89 flaws
2024-11-12 19:00

Today is Microsoft's November 2024 Patch Tuesday, which includes security updates for 89 flaws, including four zero-days, two of which are actively exploited. [...]

Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 91 flaws
2024-11-12 19:00

Today is Microsoft's November 2024 Patch Tuesday, which includes security updates for 91 flaws, including four zero-days, two of which are actively exploited. [...]

Google fixes two Android zero-days used in targeted attacks
2024-11-05 14:30

Google fixed two actively exploited Android zero-day flaws as part of its November security updates, addressing a total of 51 vulnerabilities. [...]

Google’s AI Tool Big Sleep Finds Zero-Day Vulnerability in SQLite Database Engine
2024-11-04 10:04

Google said it discovered a zero-day vulnerability in the SQLite open-source database engine using its large language model (LLM) assisted framework called Big Sleep (formerly Project Naptime)....