Tag: zero-day

Here you will find all the articles with the tag: zero-day.

Apple blocks update for zeroday, new fix not yet ready

Apple blocks update for zeroday, new fix not yet ready

Apple is blocking the RSR update the company sent to iPhone, iPad and Mac yesterday. The update served to fix a zero-day in WebKit but caused problems downloading websites. Apple products are left vulnerable in the meantime. Apple further adds to its explanation of the issued Rapid Security Re... Read more

date11 months ago
iPhone, iPad and Mac get emergency update for WebKit zero-day

iPhone, iPad and Mac get emergency update for WebKit zero-day

A new zero-day in WebKit is impacting iPhones, Mac devices and iPads. Suspecting the zero-day is being actively exploited, the company is pushing an update. Apple is implementing a Rapid Security Response (RSR) update on iPhones, iPads and Macs. "This Rapid Security Response provides important ... Read more

date11 months ago
Hackers exploit zero-day in WordPress plugin Ultimate Member

Hackers exploit zero-day in WordPress plugin Ultimate Member

Hackers have once again found a way to break into WordPress accounts. This time, a zero-day in the Ultimate Member plugin grants access. Hackers can penetrate 200,000 WordPress websites through a zero-day in the Ultimate Member plugin. The plugin serves website visitors with a simple account re... Read more

date12 months ago
Pwn2Own event yields 27 zero-days

Pwn2Own event yields 27 zero-days

Security researchers managed to discover as many as 27 zero-days in major enterprise software during the three days of the Pwn2Own Vancouver 2023 event. Zero-days were found in Windows 11, Ubuntu and macOS, among others, as well as in Oracle and VMware products and Tesla's firmware. The various ... Read more

date1 year ago
New phishing threats exploit zero-day vulnerabilities in Windows

New phishing threats exploit zero-day vulnerabilities in Windows

Recent phishing attacks use a zero-day Windows vulnerability to drop the Qbot malware without displaying Windows' usual security warnings, BleepingComputer reports. When users download files from an 'untrusted' remote location, such as an Internet website or an email attachment, Windows adds a s... Read more

date2 years ago
Cybercriminals hack Microsoft Exchange servers with zero-days

Cybercriminals hack Microsoft Exchange servers with zero-days

Microsoft confirms that cybercriminals are exploiting two zero-day vulnerabilities in Exchange Server 2013, 2016 and 2019. The vulnerabilities allow cybercriminals to conduct remote code execution attacks. The bugs were discovered by GTSC. The security company published a mitigation guide. The ... Read more

date2 years ago
Google issues another update to fix a zero-day in Chrome

Google issues another update to fix a zero-day in Chrome

Google issued an update to the Stable channel of its Chrome browser on Wednesday containing a patch for a vulnerability currently in the wild. According to Google's alert, CVE-2022-2856 is a remedy for "insufficient validation of untrusted input in Intents." Intents often convey data from one pr... Read more

date2 years ago
Cato Networks fixes zero-day vulnerability in Microsoft Office

Cato Networks fixes zero-day vulnerability in Microsoft Office

Cato Networks developed a workaround for a zero-day vulnerability recently found in Microsoft Office. Customers of Cato Networks are immune to the vulnerability. Cato Networks provides a Secure Access Service Edge service (SASE). The service has two components. First, it connects customers' appl... Read more

date2 years ago
1 2 3 4 5