#zero-day-vulnerabilities

[ follow ]
#cybersecurity #microsoft #apple #microsoft-patch-tuesday #ai-cybersecurity #dual-use #runtime-monitoring
fromFortune
2 hours ago

Anthropic's newest model excels at finding security vulnerabilities, but raises cybersecurity risks | Fortune

According to a report from the company's Frontier Red Team, during testing, Opus 4.6 identified over 500 previously unknown zero-day vulnerabilities-flaws that are unknown to people who wrote the software, or the party responsible for patching or fixing it-across open-source software libraries. Notably, the model was not explicitly told to search for the security flaws, but rather it detected and flagged the issues on its own.
Information security
Artificial intelligence
fromInfoWorld
5 hours ago

Claude AI finds 500 high-severity software vulnerabilities

Claude Opus 4.6 uncovered 500 high-severity zero-day vulnerabilities in open-source projects while running in a VM with standard analysis tools and no guidance.
fromTheregister
1 week ago

Automotive systems get pwned at Pwn2Own Automotive 2026

infosec in brief T'was a dark few days for automotive software systems last week, as the third annual Pwn2Own Automotive competition uncovered 76 unique zero-day vulnerabilities in targets ranging from Tesla infotainment to EV chargers. A record 73 entries were included in this year's competition at Automotive World in Tokyo, and, while not all were successful, Trend Micro's Zero Day Initiative still ended up paying out more than $1 million to successful competitors. For those unfamiliar with the structure of a Pwn2Own competition, ethical hackers and security experts enter with plans to perform a certain exploit, which they must do in a limited time.
#microsoft-patch-tuesday
more#microsoft-patch-tuesday
fromThe Hacker News
4 weeks ago

China-Linked Hackers Exploit VMware ESXi Zero-Days to Escape Virtual Machines

Chinese-speaking threat actors are suspected to have leveraged a compromised SonicWall VPN appliance as an initial access vector to deploy a VMware ESXi exploit that may have been developed as far back as February 2024. Cybersecurity firm Huntress, which observed the activity in December 2025 and stopped it before it could progress to the final stage, said it may have resulted in a ransomware attack.
Information security
Apple
fromTheregister
1 month ago

Apple and Google forced into emergency patching 0-day

Apple and Google issued emergency patches for zero-day vulnerabilities actively exploited in sophisticated, targeted attacks.
Information security
fromThe Hacker News
1 month ago

Chrome Targeted by Active In-the-Wild Exploit Tied to Undisclosed High-Severity Flaw

Update Chrome immediately to patch a high-severity, actively exploited vulnerability and multiple other zero-day and medium-severity flaws.
Information security
fromComputerworld
2 months ago

More work for admins as Google patches latest zero-day Chrome vulnerability

Zero-day Chrome vulnerabilities force enterprises to rush manual patches within days, disrupting regular eight-week ESC testing and causing significant operational strain.
Information security
fromComputerworld
3 months ago

For October's Patch Tuesday, a scary number of fixes

Microsoft released 175 updates including four zero-day vulnerabilities; Windows systems require immediate patching while other updates can follow normal schedules.
Information security
fromDataBreaches.Net
4 months ago

CISA Emergency Directive 25-03: Identify and Mitigate Potential Compromise of Cisco Devices - DataBreaches.Net

Critical Cisco ASA zero-day vulnerabilities enable unauthenticated remote code execution and ROM persistence; agencies must immediately mitigate, assess compromise, and remediate ASA and Firepower devices.
Information security
fromThe Hacker News
4 months ago

Cisco ASA Firewall Zero-Day Exploits Deploy RayInitiator and LINE VIPER Malware

Threat actors exploited Cisco ASA zero-day vulnerabilities to deploy advanced RayInitiator and LINE VIPER malware, bypassing protections and achieving persistence.
#cybersecurity
Tech industry
fromTheregister
9 months ago

75 zero-days exploited in 2024 with focus on enterprise tech

Zero-day vulnerabilities are still a prime target for attackers, showing a trend despite fewer reported exploits in 2024.
more#cybersecurity
fromZDNET
6 months ago

Microsoft fixes two SharePoint zero-days under attack, but it's not over - how to patch

CVE-2025-53771 is a SharePoint Server spoofing vulnerability allowing attackers to impersonate trusted users or resources, while CVE-2025-53770 permits remote code execution.
Privacy professionals
Privacy technologies
fromZDNET
8 months ago

Qualcomm patches three exploited security flaws, but you could still be vulnerable

Qualcomm has patched three critical zero-day security vulnerabilities related to its Adreno GPU driver, indicating ongoing exploitation risks.
DevOps
fromComputerWeekly.com
8 months ago

May Patch Tuesday brings five exploited zero-days to fix | Computer Weekly

Microsoft has released fixes for five zero-day vulnerabilities rated as Important severity, actively exploited in the wild.
#apple
fromTechRepublic
9 months ago
Apple

Apple Patches Two Zero-Days Used in 'Extremely Sophisticated' Attacks

Apple addressed critical security vulnerabilities to protect devices from targeted attacks.
The vulnerabilities exploited sophisticated attacks against specific individuals, indicating possible government involvement.
fromComputerworld
9 months ago
Apple

You need to update your Apple devices immediately

Apple's latest security patch addresses urgent zero-day vulnerabilities amidst rising digital chaos and insecurity.
Apple
fromTechRepublic
9 months ago

Apple Patches Two Zero-Days Used in 'Extremely Sophisticated' Attacks

Apple addressed critical security vulnerabilities to protect devices from targeted attacks.
The vulnerabilities exploited sophisticated attacks against specific individuals, indicating possible government involvement.
Apple
fromComputerworld
9 months ago

You need to update your Apple devices immediately

Apple's latest security patch addresses urgent zero-day vulnerabilities amidst rising digital chaos and insecurity.
more#apple
[ Load more ]