searchtwitterarrow rightmail strokearrow leftmail solidfacebooklinkedinplusangle upmagazine plus
Help Net Security - Daily information security news with a focus on enterprise security.
Help Net Security - Daily information security news with a focus on enterprise security.
  • News
  • Features
  • Expert analysis
  • Videos
  • Reviews
  • Events
  • Whitepapers
  • Industry news
  • Product showcase
  • Newsletters

0-day

Get our top stories in your inbox

Apple fixes exploited iOS, iPadOS zero-day (CVE-2022-42827)

October 25, 2022

For the ninth time this year, Apple has released fixes for a zero-day vulnerability (CVE-2022-42827) exploited by attackers to compromise iPhones. About CVE-2022-42827 …

Microsoft patches Windows flaw exploited in the wild (CVE-2022-41033)

October 11, 2022

October 2022 Patch Tuesday is here, with fixes for 85 CVE-numbered vulnerabilities, including CVE-2022-41033, a vulnerability in Windows COM+ Event System Service that has …

Auth bypass bug in FortiOS, FortiProxy is exploited in the wild (CVE-2022-40684)

October 11, 2022

After privately warning customers last week that they need to patch or mitigate CVE-2022-40684, a critical vulnerability affecting FortiOS, FortiProxy, and FortiSwitchManager, …

Unpatched Zimbra RCE bug exploited by attackers (CVE-2022-41352)

October 10, 2022

A still unpatched vulnerability (CVE-2022-41352) in Zimbra Collaboration is being exploited by attackers to achieve remote code execution on vulnerable servers. About the …

MS Exchange zero-days: The calm before the storm?

October 3, 2022

CVE-2022-41040 and CVE-2022-41082, the two exploited MS Exchange zero-days that still have no official fix, have been added to CISA’s Known Exploited Vulnerabilities …

Two Microsoft Exchange zero-days exploited by attackers (CVE-2022-41040, CVE-2022-41082)

September 30, 2022

Attackers are leveraging two zero-day vulnerabilities (CVE-2022-41040, CVE-2022-41082) to breach Microsoft Exchange servers. News of the attacks broke on Wednesday, when …

Apple fixes actively exploited zero-day in macOS, iOS (CVE-2022-32917)

September 13, 2022

Apple has fixed a slew of vulnerabilities in macOS, iOS, and iPadOS, including a zero-day kernel vulnerability (CVE-2022-32917) exploited by attackers in the wild. About …

DeadBolt is hitting QNAP NAS devices via zero-day bug, what to do?

September 6, 2022

A few days ago – and smack in the middle of the weekend preceding Labor Day (as celebrated in the U.S.) – Taiwan-based QNAP Systems has warned about the latest …

Apple fixes exploited zero-days: Update your devices! (CVE-2022-32894, CVE-2022-32893)

August 18, 2022

Apple has released security updates for iOS, iPadOS, and macOS Monterey to fix CVE-2022-32894 and CVE-2022-32893, two code execution vulnerabilities exploited by attackers in …

Microsoft fixes exploited zero-day in Windows CSRSS (CVE-2022-22047)

July 12, 2022

The July 2022 Patch Tuesday is upon us and has brought fixes for 84 CVEs in various Microsoft products, including an actively exploited zero-day: CVE-2022-22047, an elevation …

Criminal IP analysis report on zero-day vulnerability in Atlassian Confluence

June 17, 2022

According to Volexity, a webshell was discovered in Atlassian Confluence server during an incident response investigation. Volexity determined that it was a zero-day …

Unpatched Atlassian Confluence zero-day exploited, fix expected today (CVE-2022-26134)

June 3, 2022

A critical zero-day vulnerability (CVE-2022-26134) in Atlassian Confluence Data Center and Server is under active exploitation, the software maker has warned on Thursday. …

Posts navigation

1 2 3 4 5 6 … 23

Featured news

  • CISO-approved strategies for software supply chain security
  • Phishers use encrypted file attachments to steal Microsoft 365 account credentials
  • New Buhti ransomware uses leaked payloads and public exploits
Spin Up A CIS Hardened Image

Sponsored

The best defense against cyber threats for lean security teams

Webinar: Tips from MSSPs to MSSPs – starting a vCISO practice

Security in the cloud with more automation

CISOs struggle with stress and limited resources

Don't miss

CISO-approved strategies for software supply chain security

Phishers use encrypted file attachments to steal Microsoft 365 account credentials

New Buhti ransomware uses leaked payloads and public exploits

Strengthening travel safety protocols with ISO 31030

Phishing campaign targets ChatGPT users

Cybersecurity news
Help Net Security - Daily information security news with a focus on enterprise security.
© Copyright 1998-2023 by Help Net Security
Read our privacy policy | About us | Advertise
Follow us