Please turn on your JavaScript for this page to function normally.
Cisco
Too many Cisco ASA firewalls still unsecure despite zero-day attack alerts

Despite Cisco and various cybersecurity agencies warning about attackers actively exploting zero-day vulnerabilities (CVE-2025-20333 and CVE-2025-20362) in Cisco Adaptive …

Fortra GoAnywhere
Attackers exploited critical Fortra GoAnywhere flaw in zero-day attacks (CVE-2025-10035)

CVE-2025-10035, a perfect CVSS 10.0 vulnerability in the Fortra GoAnywhere managed file transfer solution, has apparently been exploited in zero-day attacks before the patch …

Cisco
Cisco ASA zero-day vulnerabilities exploited in sophisticated attacks

A widespread campaign aimed at breaching organizations via zero-day vulnerabilities in Cisco Adaptive Security Appliances (ASA) has been revealed by the US, UK, Canadian and …

Cisco
Cisco fixes IOS/IOS XE zero-day exploited by attackers (CVE-2025-20352)

Cisco has fixed 14 vulnerabilities in IOS and IOS XE software, among them CVE-2025-20352, a high-severity vulnerability that has been exploited in zero-day attacks. About …

email
Libraesva ESG zero-day vulnerability exploited by attackers (CVE-2025-59689)

Suspected state-sponsored attackers have exploited a zero-day vulnerability (CVE-2025-59689) in the Libraesva Email Security Gateway (ESG), the Italian email security company …

Google Chrome
Google fixes actively exploited Chrome zero-day vulnerability (CVE-2025-10585)

Google has released a security update for the Chrome stable channel to fix a zero‑day vulnerability (CVE-2025-10585) reported by its Threat Analysis Group (TAG) on Tuesday. …

Sitecore
Sitecore zero-day vulnerability exploited by attackers (CVE-2025-53690)

A threat actor is leveraging a zero-day vulnerability (CVE-2025-53690) and an exposed sample ASP.NET machine key to breach internet-facing, on-premises deployments of several …

Netscaler
NetScaler ADC/Gateway zero-day exploited by attackers (CVE-2025-7775) – updated!

Three new vulnerabilities affecting (Citrix) NetScaler application delivery controller (ADC) and Gateway devices have been made public, one of which (CVE-2025-7775) has been …

Apple
Apple fixes zero-day vulnerability exploited in “extremely sophisticated attack” (CVE-2025-43300)

Apple has fixed yet another vulnerability (CVE-2025-43300) that has apparently been exploited as a zero-day “in an extremely sophisticated attack against specific …

N-able N-central
Vulnerabilities in MSP-friendly RMM solution exploited in the wild (CVE-2025-8875, CVE-2025-8876)

Two vulnerabilities (CVE-2025-8875, CVE-2025-8876) in N-central, a remote monitoring and management (RMM) solution by N-able that’s popular with managed service …

WinRAR zero-day was exploited by two threat actors (CVE-2025-8088)

The RomCom attackers aren’t the only ones that have been leveraging the newly unveiled WinRAR vulnerability (CVE-2025-8088) in zero-day attacks: according to Russian …

Microsoft SharePoint
Storm-2603 spotted deploying ransomware on exploited SharePoint servers

One of the groups that, in the past few weeks, has been exploiting vulnerabilities in on-prem SharePoint installation has been observed deploying Warlock ransomware, Microsoft …

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released when there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools