![Microsoft Exchange](https://img.helpnetsecurity.com/wp-content/uploads/2022/10/03104751/microsoft_exchange-blue2-400x200.jpg)
MS Exchange zero-days: The calm before the storm?
CVE-2022-41040 and CVE-2022-41082, the two exploited MS Exchange zero-days that still have no official fix, have been added to CISA’s Known Exploited Vulnerabilities …
![Microsoft Exchange](https://img.helpnetsecurity.com/wp-content/uploads/2022/09/30072654/microsoft-exchange-hns-400x200.jpg)
Two Microsoft Exchange zero-days exploited by attackers (CVE-2022-41040, CVE-2022-41082)
Attackers are leveraging two zero-day vulnerabilities (CVE-2022-41040, CVE-2022-41082) to breach Microsoft Exchange servers. News of the attacks broke on Wednesday, when …
![Apple macOS iOS](https://img.helpnetsecurity.com/wp-content/uploads/2022/09/13095929/apple-mac-ios-hns-400x200.jpg)
Apple fixes actively exploited zero-day in macOS, iOS (CVE-2022-32917)
Apple has fixed a slew of vulnerabilities in macOS, iOS, and iPadOS, including a zero-day kernel vulnerability (CVE-2022-32917) exploited by attackers in the wild. About …
![QNAP](https://img.helpnetsecurity.com/wp-content/uploads/2021/04/26122228/qnap-white-400x200.jpg)
DeadBolt is hitting QNAP NAS devices via zero-day bug, what to do?
A few days ago – and smack in the middle of the weekend preceding Labor Day (as celebrated in the U.S.) – Taiwan-based QNAP Systems has warned about the latest …
![Apple](https://img.helpnetsecurity.com/wp-content/uploads/2016/03/09113415/apple-1-400x200.jpg)
Apple fixes exploited zero-days: Update your devices! (CVE-2022-32894, CVE-2022-32893)
Apple has released security updates for iOS, iPadOS, and macOS Monterey to fix CVE-2022-32894 and CVE-2022-32893, two code execution vulnerabilities exploited by attackers in …
![Patch Tuesday](https://img.helpnetsecurity.com/wp-content/uploads/2020/04/14193530/patch_tuesday-400x200.jpg)
Microsoft fixes exploited zero-day in Windows CSRSS (CVE-2022-22047)
The July 2022 Patch Tuesday is upon us and has brought fixes for 84 CVEs in various Microsoft products, including an actively exploited zero-day: CVE-2022-22047, an elevation …
![atlassian confluence](https://img.helpnetsecurity.com/wp-content/uploads/2022/06/03160357/atlassian_confluence-400x200.jpg)
Criminal IP analysis report on zero-day vulnerability in Atlassian Confluence
According to Volexity, a webshell was discovered in Atlassian Confluence server during an incident response investigation. Volexity determined that it was a zero-day …
![atlassian confluence](https://img.helpnetsecurity.com/wp-content/uploads/2022/06/03160359/atlassian_confluence2-400x200.jpg)
Unpatched Atlassian Confluence zero-day exploited, fix expected today (CVE-2022-26134)
A critical zero-day vulnerability (CVE-2022-26134) in Atlassian Confluence Data Center and Server is under active exploitation, the software maker has warned on Thursday. …
![Patch Tuesday](https://img.helpnetsecurity.com/wp-content/uploads/2020/04/14193530/patch_tuesday-400x200.jpg)
Microsoft patches Windows LSA spoofing zero-day under active attack (CVE-2022-26925)
May 2022 Patch Tuesday is here, and Microsoft has marked it by releasing fixes for 74 CVE-numbered vulnerabilities, including one zero-day under active attack (CVE-2022-26925) …
![Patch Tuesday](https://img.helpnetsecurity.com/wp-content/uploads/2020/08/11203235/patch-tuesday-mountain-400x200.jpg)
Microsoft fixes actively exploited zero-day reported by the NSA (CVE-2022-24521)
On this April 2022 Patch Tuesday, Microsoft has released patches for 128 CVE-numbered vulnerabilities, including one zero-day exploited in the wild (CVE-2022-24521) and …
![Firefox](https://img.helpnetsecurity.com/wp-content/uploads/2020/06/04170352/firefox-400x200.png)
Mozilla fixes Firefox zero-days exploited in the wild (CVE-2022-26485, CVE-2022-26486)
Mozilla has released an out-of-band security update for Firefox, Firefox Focus, and Thunderbird, fixing two critical vulnerabilities (CVE-2022-26485, CVE-2022-26486) exploited …
![Apple](https://img.helpnetsecurity.com/wp-content/uploads/2017/09/09103013/apple-red-400x200.jpg)
Apple fixes actively exploited iOS, macOS zero-day (CVE-2022-22620)
Another month, another zero-day (CVE-2022-22620) exploited in the wild that has been fixed by Apple. About CVE-2022-22620 CVE-2022-22620 is a use after free issue in WebKit, …
Featured news
Sponsored
Don't miss
- ChatGPTriage: How can CISOs see and control employees’ AI use?
- Managing exam pressure: Tips for certification preparation
- Firmware update hides Bluetooth fingerprints
- Critical Exim vulnerability facilitates malware delivery (CVE-2024-39929)
- Risk related to non-human identities: Believe the hype, reject the FUD