0-day

UPDATE (June 2, 2023, 05:55 a.m. ET): Check out our update on this evolving situation. A critical zero-day vulnerability in Progress Software’s enterprise managed file …

A vulnerability (CVE-2023-2868) in Barracuda Networks’ Email Security Gateway (ESG) appliances has been exploited by attackers, the company has warned. About …

Apple has released security updates for iOS and iPadOS, macOS, tvOS and watchOS, delivering fixes for many vulnerabilities but, most importantly, for CVE-2023-32409, a WebKit …

It’s April 2023 Patch Tuesday, and Microsoft has released fixes for 97 CVE-numbered vulnerabilities, including one actively exploited zero-day (CVE-2023-28252). About …

Apple has pushed out security updates that fix two actively exploited zero-day vulnerabilities (CVE-2023-28205, CVE-2023-28206) in macOS, iOS and iPadOS. Reported by …

Malicious threat actors have actively exploited 55 zero-days in 2022 – down from 81 in 2021 – with Microsoft, Google, and Apple products being most targeted. 53 …

It’s March 2023 Patch Tuesday, and Microsoft has delivered fixes for 76 CVE-numbered vulnerabilities, including two actively exploited in the wild (CVE-2023-23397, …

Apple has released security updates that fix a WebKit zero-day vulnerability (CVE-2023-23529) that “may have been actively exploited.” The bug has been fixed in …

The MS Exchange exploit chain recently revealed by Crowdstrike researchers is how the Play ransomware gang breached the Rackspace Hosted Exchange email environment, the …

An unauthenticated remote code execution flaw (CVE-2022-27518) is being leveraged by a Chinese state-sponsored group to compromise Citrix Application Delivery Controller (ADC) …

A critical RCE vulnerability (CVE-2022-42475) in Fortinet’s operating system, FortiOS, is being exploited by attackers, reportedly by a ransomware group. “Fortinet …

Google has patched CVE-2022-4262, a type confusion vulnerability in the V8 JavaScript engine used by Google Chrome (and Chromium), which is being exploited by attackers in the …