searchtwitterarrow rightmail strokearrow leftmail solidfacebooklinkedinplusangle upmagazine plus
Help Net Security - Daily information security news with a focus on enterprise security.
  • News
  • Features
  • Expert analysis
  • Videos
  • Reviews
  • Events
  • Reports
  • Whitepapers
  • Industry news
  • Product showcase
  • Newsletters
  • (IN)SECURE Magazine

0-day

Get our top stories in your inbox

Microsoft patches Windows LSA spoofing zero-day under active attack (CVE-2022-26925)

May 10, 2022

May 2022 Patch Tuesday is here, and Microsoft has marked it by releasing fixes for 74 CVE-numbered vulnerabilities, including one zero-day under active attack (CVE-2022-26925) …

Microsoft fixes actively exploited zero-day reported by the NSA (CVE-2022-24521)

April 12, 2022

On this April 2022 Patch Tuesday, Microsoft has released patches for 128 CVE-numbered vulnerabilities, including one zero-day exploited in the wild (CVE-2022-24521) and …

Mozilla fixes Firefox zero-days exploited in the wild (CVE-2022-26485, CVE-2022-26486)

March 7, 2022

Mozilla has released an out-of-band security update for Firefox, Firefox Focus, and Thunderbird, fixing two critical vulnerabilities (CVE-2022-26485, CVE-2022-26486) exploited …

Apple fixes actively exploited iOS, macOS zero-day (CVE-2022-22620)

February 11, 2022

Another month, another zero-day (CVE-2022-22620) exploited in the wild that has been fixed by Apple. About CVE-2022-22620 CVE-2022-22620 is a use after free issue in WebKit, …

Microsoft patches actively exploited Exchange, Excel zero-days (CVE-2021-42321, CVE-2021-42292)

November 9, 2021

It’s a light November 2021 Patch Tuesday from Microsoft: 55 fixed CVEs, of which two are zero-days under active exploitation: CVE-2021-42321, a Microsoft Exchange RCE, …

Microsoft patches actively exploited Windows zero-day (CVE-2021-40449)

October 12, 2021

On October 2021 Patch Tuesday, Microsoft has fixed 71 CVE-numbered vulnerabilities. Of those, only one was a zero-day exploited in attacks in the wild (CVE-2021-40449) and …

Apple fixes iOS zero-day exploited in the wild (CVE-2021-30883)

October 12, 2021

With the newest iOS and iPad updates, Apple has fixed another vulnerability (CVE-2021-30883) that is being actively exploited by attackers. About CVE-2021-30883 CVE-2021-30883 …

A new zero-day is being exploited to compromise Macs (CVE-2021-30869)

September 24, 2021

Another zero-day in Apple’s software (CVE-2021-30869) is being actively exploited by attackers, forcing the company to push out security updates for macOS Catalina and …

Apple fixes “zero-click” iMessage zero-day exploited to deliver spyware (CVE-2021-30860)

September 14, 2021

Apple has released security updates for macOS, iOS, iPadOS, watchOS and Safari that patch two vulnerabilities (CVE-2021-30860, CVE-2021-30858) that are being exploited in …

Attackers are exploiting zero-day RCE flaw to target Windows users (CVE-2021-40444)

September 8, 2021

Attackers are exploiting CVE-2021-40444, a zero-day remote code execution vulnerability in MSHTML (the main HTML component of the Internet Explorer browser), to compromise …

Microsoft patches actively exploited zero-day (CVE-2021-36948), more Print Spooler flaws

August 10, 2021

Microsoft’s August 2021 Patch Tuesday is pretty lightweight, through it covers a wide variety of Microsoft solutions. 44 CVE-numbered security holes have been plugged, …

Explosion of 0-day exploits: The bad news and the good news

July 15, 2021

Have you noticed that lately we’ve been hearing more about in-the-wild attacks exploiting 0-day vulnerabilities? “Halfway into 2021, there have been 33 0-day …

Posts navigation

1 2 3 4 5 … 21

Featured news

  • VMware issues critical fixes, CISA orders federal agencies to act immediately (CVE-2022-22972)
  • Many security engineers are already one foot out the door. Why?
  • Fix your IT weak spots to guarantee compliance
Easily migrate to the cloud with CIS Hardened Images

What's new

New infosec products of the week: May 20, 2022

Record level of bad bot traffic contributing to rise of online fraud

Two business-grade Netgear VPN routers have security vulnerabilities that can’t be fixed

Email is the riskiest channel for data security

Don't miss

Two business-grade Netgear VPN routers have security vulnerabilities that can’t be fixed

How to ensure that the smart home doesn’t jeopardize data privacy?

U.S. DOJ will no longer prosecute good-faith security researchers under CFAA

VMware issues critical fixes, CISA orders federal agencies to act immediately (CVE-2022-22972)

Many security engineers are already one foot out the door. Why?

Help Net Security - Daily information security news with a focus on enterprise security.
Follow us
  • Features
  • News
  • Expert Analysis
  • Reviews
  • Events
  • Reports
  • Whitepapers
  • Industry news
  • Newsletters
  • Product showcase
  • Twitter

In case you’ve missed it

  • Data centers on steel wheels: Can we trust the safety of the railway infrastructure?
  • Good end user passwords begin with a well-enforced password policy
  • Keep your digital banking safe: Tips for consumers and banks
  • Is cybersecurity talent shortage a myth?

(IN)SECURE Magazine ISSUE 71 (March 2022)

  • Why security strategies need a new perspective
  • The evolution of security analytics
  • Open-source code: How to stay secure while moving fast
Read online
© Copyright 1998-2022 by Help Net Security
Read our privacy policy | About us | Advertise