Adobe releases emergency fix for Flash Player zero-day exploited in the wild
Adobe has released an out-of-band security update for Adobe Flash Player that patches a zero-day remote code execution vulnerability actively exploited in the wild. Kaspersky …
October Patch Tuesday: 61 bugs and one zero-day fixed
For its October Patch Tuesday, Microsoft has patched 61 vulnerabilities (27 of them critical) and one Office zero-day labeled as “important.” The zero-day The …
Patch Tuesday: 80+ vulnerabilities fixed, one exploited in the wild
As part of its regular, monthly Patch Tuesday update, Microsoft has released patches for 81 new vulnerabilities, including a zero-day in the .NET Framework. The September …
Two Foxit Reader RCE zero-day vulnerabilities disclosed
Trend Micro’s Zero Day Initiative has released details about two remote code execution zero-day flaws affecting popular freemium PDF tool Foxit Reader. The first one …
Rising information security threats, and what to do about them
The digital threat landscape faced by enterprises large and small is in perpetual flux, and keeping an eye on things and adapting defenses should be of primary importance to …
Cisco patches leaked 0-day in 300+ of its switches
Cisco has plugged a critical security hole in over 300 of its switches, and is urging users to apply the patches as soon as possible because an exploit for it has been …
MS Office zero-day is used to infect millions of users with Dridex
The still unpatched MS Office zero-day vulnerability publicized by McAfee and FireEye researchers this weekend is being exploited to deliver the infamous Dridex banking …
MS Office zero-day exploited in attacks – no enabling of macros required!
A new zero-day flaw affecting all versions of Microsoft Office is being exploited in attacks in the wild, and no user is safe – not even those who use a fully patched …
Actively exploited zero-day in IIS 6.0 affects 60,000+ servers
Microsoft Internet Information Services (IIS) 6.0 sports a zero-day vulnerability (CVE-2017-7269) that was exploited in the wild last summer and is likely also being exploited …
DoubleAgent attack uses built-in Windows tool to hijack applications
Security researchers from computer and network security outfit Cybellum have revealed a new zero-day code injection and persistence technique that can be used by attackers to …
Several high risk 0-day vulnerabilities affecting SAP HANA found
Onapsis discovered several high risk vulnerabilities affecting SAP HANA platforms. If exploited, these vulnerabilities would allow an attacker, whether inside or outside the …
Leaked: Docs cataloguing CIA’s frightening hacking capabilities
WikiLeaks has released 8,761 documents and files they claim originate from the US Central Intelligence Agency (CIA) – more specifically, from an “isolated, …
Featured news
Resources
Don't miss
- Cisco fixes ClamAV vulnerability with available PoC and critical Meeting Management flaw
- SonicWall SMA appliances exploited in zero-day attacks (CVE-2025-23006)
- Defense strategies to counter escalating hybrid attacks
- Web Cache Vulnerability Scanner: Open-source tool for detecting web cache poisoning
- Funding soars in a milestone year for Israeli cybersecurity