Security News

Hackers exploit 52 zero-days on the first day of Pwn2Own Ireland
2024-10-23 14:01

On the first day of Pwn2Own Ireland, participants demonstrated 52 zero-day vulnerabilities across a range of devices, earning a total of $486,250 in cash prizes. [...]

CISA Adds ScienceLogic SL1 Vulnerability to Exploited Catalog After Active Zero-Day Attack
2024-10-22 04:47

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a critical security flaw impacting ScienceLogic SL1 to its Known Exploited Vulnerabilities (KEV) catalog, following...

Open source LLM tool primed to sniff out Python zero-days
2024-10-20 09:00

The static analyzer uses Claude AI to identify vulns and suggest exploit code Researchers with Seattle-based Protect AI plan to release a free, open source tool that can find zero-day...

Google: 70% of exploited flaws disclosed in 2023 were zero-days
2024-10-16 22:12

Google Mandiant security analysts warn of a worrying new trend of threat actors demonstrating a better capability to discover and exploit zero-day vulnerabilities in software. [...]

Malicious ads exploited Internet Explorer zero day to drop malware
2024-10-16 13:59

The North Korean hacking group ScarCruft launched a large-scale attack in May that leveraged an Internet Explorer zero-day flaw to infect targets with the RokRAT malware and exfiltrate data. [...]

North Korean ScarCruft Exploits Windows Zero-Day to Spread RokRAT Malware
2024-10-16 10:50

The North Korean threat actor known as ScarCruft has been linked to the zero-day exploitation of a now-patched security flaw in Windows to infect devices with malware known as RokRAT. The...

The Rise of Zero-Day Vulnerabilities: Why Traditional Security Solutions Fall Short
2024-10-15 11:00

In recent years, the number and sophistication of zero-day vulnerabilities have surged, posing a critical threat to organizations of all sizes. A zero-day vulnerability is a security flaw in...

Week in review: Microsoft fixes two exploited zero-days, SOC teams are losing trust in security tools
2024-10-13 08:00

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Microsoft patches two zero-days exploited in the wild (CVE-2024-43573, CVE-2024-43572) For October...

Actively exploited Firefox zero-day fixed, update ASAP! (CVE-2024-9680)
2024-10-10 12:29

Mozilla has pushed out an emergency update for its Firefox and Firefox ESR browsers to fix a vulnerability (CVE-2024-9680) that is being exploited in the wild. About CVE-2024-9680 Reported by ESET...

Firefox Zero-Day Under Attack: Update Your Browser Immediately
2024-10-10 04:24

Mozilla has revealed that a critical security flaw impacting Firefox and Firefox Extended Support Release (ESR) has come under active exploitation in the wild. The vulnerability, tracked as...