#zero-day-exploit

[ follow ]
#cybersecurity #data-breach #microsoft #imageio #whatsapp #citrix-netscaler #cve-2025-7775 #sharepoint #clop
Information security
fromTheregister
1 day ago

Clop's Oracle EBS rampage reaches Dartmouth College

Dartmouth College suffered data theft after Clop exploited an Oracle E-Business Suite zero-day, exposing names, SSNs, and some financial account information.
Information security
fromTheregister
1 month ago

Zero-day lets nation-state spies cross-examine US law firm

Attackers exploited a zero-day to access Williams & Connolly attorney email accounts in a likely nation-state-linked cyberattack.
fromNextgov.com
2 months ago

CISA issues emergency patching directive for Cisco devices on federal networks

The Cybersecurity and Infrastructure Security Agency is ordering federal agencies to patch Cisco devices that have been exploited by an advanced hacker group, it said in a Thursday alert. The hacking activity targeting the devices "is widespread and involves exploiting zero-day vulnerabilities to gain unauthenticated remote code execution" on various Cisco Adaptive Security Appliances, CISA said. A "zero-day" refers to a software flaw that's being exploited but has not been previously discovered, giving developers zero days to fix it.
Information security
fromTheregister
2 months ago

Zero-day deja vu: Another Cisco IOS bug is under attack

Attackers with low-privilege SNMP creds can crash a device, while those with higher-privilege access can run arbitrary code as root - a straight shot to total box compromise. "The Cisco Product Security Incident Response Team (PSIRT) became aware of successful exploitation of this vulnerability in the wild after local Administrator credentials were compromised," the company said. "Cisco strongly recommends that customers upgrade to a fixed software release to remediate this vulnerability."
Information security
Apple
fromTheregister
2 months ago

Apple backports patch to older kit after 0-day exploitation

Apple backported an ImageIO out-of-bounds write fix to older iPhones and iPads after evidence of exploitation in extremely sophisticated attacks possibly tied to commercial surveillanceware.
#citrix-netscaler
more#citrix-netscaler
Apple
fromThe Hacker News
3 months ago

Apple Patches CVE-2025-43300 Zero-Day in iOS, iPadOS, and macOS Exploited in Targeted Attacks

Apple patched an ImageIO out-of-bounds write zero-day (CVE-2025-43300) actively exploited to cause memory corruption across iOS, iPadOS, and macOS.
#cybersecurity
fromFast Company
4 months ago
Information security

Microsoft SharePoint hack: An active cybersecurity incident could impact tens of thousands of servers

fromFast Company
4 months ago
Information security

Microsoft SharePoint hack: An active cybersecurity incident could impact tens of thousands of servers

more#cybersecurity
fromTheregister
4 months ago

Blame a leak for Microsoft SharePoint attacks: researcher

A leak happened here somewhere,” Dustin Childs, head of threat awareness at Trend Micro's Zero Day Initiative (ZDI), told The Register. “And now you’ve got a zero-day exploit in the wild, and worse than that, you’ve got a zero-day exploit in the wild that bypasses the patch, which came out the next day.
Privacy professionals
Information security
fromThe Verge
4 months ago

Microsoft SharePoint servers are under attack because of a major security flaw

Microsoft's SharePoint software vulnerabilities expose tens of thousands of servers to active attacks, prompting urgent security measures and patch releases.
Privacy professionals
fromTechRepublic
7 months ago

Patch Tuesday: Microsoft Fixes 134 Vulnerabilities, Including 1 Zero-Day

Microsoft's April Patch Tuesday update addressed 134 flaws, including a zero-day vulnerability, raising concerns about security in Windows systems.
[ Load more ]