Security News

Russian cybercrooks exploiting 7-Zip zero-day vulnerability (CVE-2025-0411)
2025-02-04 13:02

CVE-2025-0411, a Mark-of-the-Web bypass vulnerability in the open-source archiver tool 7-Zip that was fixed in November 2024, has been exploited in zero-day attacks to deliver malware to Ukrainian...

Google fixes Android kernel zero-day exploited in attacks
2025-02-03 20:10

The February 2025 Android security updates patch 48 vulnerabilities, including a zero-day kernel vulnerability that has been exploited in the wild. [...]

BeyondTrust Zero-Day Breach Exposed 17 SaaS Customers via Compromised API Key
2025-02-01 06:40

BeyondTrust has revealed it completed an investigation into a recent cybersecurity incident that targeted some of the company's Remote Support SaaS instances by making use of a compromised API...

Apple zero-day vulnerability exploited to target iPhone users (CVE-2025-24085)
2025-01-28 11:10

Apple has shipped a fix for a zero-day vulnerability (CVE-2025-24085) that is being leveraged by attackers against iPhone users. About CVE-2025-24085 CVE-2025-24085 is a use after free bug in...

Apple Patches Actively Exploited Zero-Day Affecting iPhones, Macs, and More
2025-01-28 03:23

Apple has released software updates to address several security flaws across its portfolio, including a zero-day vulnerability that it said has been exploited in the wild. The vulnerability,...

Apple fixes this year’s first actively exploited zero-day bug
2025-01-27 19:17

​Apple has released security updates to fix this year's first zero-day vulnerability, tagged as actively exploited in attacks targeting iPhone users. [...]

Hackers get $886,250 for 49 zero-days at Pwn2Own Automotive 2025
2025-01-24 13:00

​The Pwn2Own Automotive 2025 hacking contest has ended with security researchers collecting $886,250 after exploiting 49 zero-days. [...]

SonicWall flags critical bug likely exploited as zero-day, rolls out hotfix
2025-01-23 16:36

Big organizations and governments are main users of these gateways SonicWall is warning customers of a critical vulnerability that was potentially already exploited as a zero-day.…

SonicWall warns of SMA1000 RCE flaw exploited in zero-day attacks
2025-01-23 15:45

SonicWall is warning about a pre-authentication deserialization vulnerability in SonicWall SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC), with reports that it has...

SonicWall SMA appliances exploited in zero-day attacks (CVE-2025-23006)
2025-01-23 08:57

A critical zero-day vulnerability (CVE-2025-23006) affecting SonicWall Secure Mobile Access (SMA) 1000 Series appliances is being exploited by attackers. “We strongly advises users of the SMA1000...