SonicWall hit by attackers leveraging zero-day vulnerabilities in its own products?
On Friday evening, SonicWall announced that it “identified a coordinated attack on its internal systems by highly sophisticated threat actors exploiting probable …
Google fixes two actively exploited Chrome zero-days (CVE-2020-16009, CVE-2020-16010)
For the third time in two weeks, Google has patched Chrome zero-day vulnerabilities that are being actively exploited in the wild: CVE-2020-16009 is present in the desktop …
Google discloses actively exploited Windows zero-day (CVE-2020-17087)
Google researchers have made public a Windows kernel zero day vulnerability (CVE-2020-17087) that is being exploited in the wild in tandem with a Google Chrome flaw …
Attackers are exploiting two zero-day flaws in Cisco enterprise-grade routers
A technical support intervention has revealed two zero-day vulnerabilities in the OS running on Cisco enterprise-grade routers that attackers are trying to actively exploit. …
Exploits for vBulletin zero-day released, attacks are ongoing
The fix for CVE-2019-16759, a remote code execution vulnerability in vBulletin that was patched in September 2019, is incomplete, security researcher Amir Etemadieh has …
Researchers flag two zero-days in Windows Print Spooler
In May 2020, Microsoft patched CVE-2020-1048, a privilege escalation vulnerability in the Windows Print Spooler service discovered by Peleg Hadar and Tomer Bar from SafeBreach …
Zoom zero-day flaw allows code execution on victim’s Windows machine
A zero-day vulnerability in Zoom for Windows may be exploited by an attacker to execute arbitrary code on a victim’s computer. The attack doesn’t trigger a …
Attackers exploiting a zero-day in Sophos firewalls, have yours been hit?
Sophos has released an emergency hotfix for an actively exploited zero-day SQL injection vulnerability in its XG Firewalls, and has rolled it out to all units with the …
Two critical Firefox vulnerabilities exploited by attackers, patch now!
Mozilla has released critical security updates for Firefox and Firefox ESR on Friday, patching two vulnerabilities that are being actively exploited by attackers.
Micropatches block exploitation of Windows zero-days under attack
While we wait for Microsoft to provide fixes for the two new Windows RCE zero-days that are being exploited in “limited targeted Windows 7 based attacks,” ACROS …
Government-backed cyber attackers increasingly targeting journalists
Since the start of the year, journalists and news outlets have become preferred targets of government-backed cyber attackers, Google’s Threat Analysis Group (TAG) has noticed. …
Windows users under attack via two new RCE zero-days
Attackers are exploiting two new zero-days in the Windows Adobe Type Manager Library to achieve remote code execution on targeted Windows systems, Microsoft warns. The attacks …
Featured news
Resources
Don't miss
- Cisco fixes ClamAV vulnerability with available PoC and critical Meeting Management flaw
- SonicWall SMA appliances exploited in zero-day attacks (CVE-2025-23006)
- Defense strategies to counter escalating hybrid attacks
- Web Cache Vulnerability Scanner: Open-source tool for detecting web cache poisoning
- Funding soars in a milestone year for Israeli cybersecurity