#zero-day-exploit

[ follow ]
#cybersecurity #microsoft #imageio #whatsapp #citrix-netscaler #cve-2025-7775 #data-breach #sharepoint #cisa
fromNextgov.com
1 week ago

CISA issues emergency patching directive for Cisco devices on federal networks

The Cybersecurity and Infrastructure Security Agency is ordering federal agencies to patch Cisco devices that have been exploited by an advanced hacker group, it said in a Thursday alert. The hacking activity targeting the devices "is widespread and involves exploiting zero-day vulnerabilities to gain unauthenticated remote code execution" on various Cisco Adaptive Security Appliances, CISA said. A "zero-day" refers to a software flaw that's being exploited but has not been previously discovered, giving developers zero days to fix it.
Information security
fromTheregister
1 week ago

Zero-day deja vu: Another Cisco IOS bug is under attack

Attackers with low-privilege SNMP creds can crash a device, while those with higher-privilege access can run arbitrary code as root - a straight shot to total box compromise. "The Cisco Product Security Incident Response Team (PSIRT) became aware of successful exploitation of this vulnerability in the wild after local Administrator credentials were compromised," the company said. "Cisco strongly recommends that customers upgrade to a fixed software release to remediate this vulnerability."
Information security
Apple
fromTheregister
2 weeks ago

Apple backports patch to older kit after 0-day exploitation

Apple backported an ImageIO out-of-bounds write fix to older iPhones and iPads after evidence of exploitation in extremely sophisticated attacks possibly tied to commercial surveillanceware.
Information security
fromSecurityWeek
2 weeks ago

Samsung Patches Zero-Day Exploited Against Android Users

A high-severity out-of-bounds write in Samsung's image parsing library (CVE-2025-21043) was exploited in the wild and is now patched.
#citrix-netscaler
more#citrix-netscaler
Apple
fromThe Hacker News
1 month ago

Apple Patches CVE-2025-43300 Zero-Day in iOS, iPadOS, and macOS Exploited in Targeted Attacks

Apple patched an ImageIO out-of-bounds write zero-day (CVE-2025-43300) actively exploited to cause memory corruption across iOS, iPadOS, and macOS.
#cybersecurity
fromIT Pro
1 month ago
Canada news

Everything we know so far about the Canadian House of Commons data breach

fromFast Company
2 months ago
Information security

Microsoft SharePoint hack: An active cybersecurity incident could impact tens of thousands of servers

fromIT Pro
1 month ago
Canada news

Everything we know so far about the Canadian House of Commons data breach

fromFast Company
2 months ago
Information security

Microsoft SharePoint hack: An active cybersecurity incident could impact tens of thousands of servers

more#cybersecurity
fromTheregister
2 months ago

Blame a leak for Microsoft SharePoint attacks: researcher

A leak happened here somewhere,” Dustin Childs, head of threat awareness at Trend Micro's Zero Day Initiative (ZDI), told The Register. “And now you’ve got a zero-day exploit in the wild, and worse than that, you’ve got a zero-day exploit in the wild that bypasses the patch, which came out the next day.
Privacy professionals
Information security
fromThe Verge
2 months ago

Microsoft SharePoint servers are under attack because of a major security flaw

Microsoft's SharePoint software vulnerabilities expose tens of thousands of servers to active attacks, prompting urgent security measures and patch releases.
Privacy professionals
fromTechRepublic
5 months ago

Patch Tuesday: Microsoft Fixes 134 Vulnerabilities, Including 1 Zero-Day

Microsoft's April Patch Tuesday update addressed 134 flaws, including a zero-day vulnerability, raising concerns about security in Windows systems.
[ Load more ]