0-day

Knotweed threat actors exploit Microsoft and Adobe 0-days and deliver Subzero malware

Knotweed threat actors have exploited Microsoft and Adobe 0-day vulnerabilities in targeted attacks against European and Central American customers. The actors also developed Subzero malware used in these attacks.

Knotweed threat actors exploit Microsoft and Adobe 0-days and deliver Subzero malware Read More »

NotLegit: 4-year old Microsoft Azure App Service 0-day vulnerability affects source code repositories

A four-year old Microsoft Azure App Service 0-day vulnerability dubbed “NotLegit” affects hundreds of source code repositories.

NotLegit: 4-year old Microsoft Azure App Service 0-day vulnerability affects source code repositories Read More »

Windows Mobile Device Management 0-day vulnerability could lead to local privilege escalation

A security researcher has discovered a zero-day vulnerability CVE-2021-24084 in Windows Mobile Device Management that could allow information disclosure and local privilege escalation (LPE).

Windows Mobile Device Management 0-day vulnerability could lead to local privilege escalation Read More »

Cyber attackers exploit Accellion FTA 0-day vulnerabilities to steal data

Cyber attackers have been exploiting Accellion File Transfer (FTA) appliance 0-day vulnerabilities to steal data and threaten their victims with extortion attempts.

Cyber attackers exploit Accellion FTA 0-day vulnerabilities to steal data Read More »

Netgear fixes high risk vulnerability in multiple routers and network devices

Netgear has released firmware updates to fix a high severity remote code execution (RCE) vulnerability in multiple Netgear routers and other network devices. A remote attacker could exploit to take control of an affected device.

Netgear fixes high risk vulnerability in multiple routers and network devices Read More »

iOS exploit chains discovered in the wild

A group of hackers have been using compromised websites to launch watering hole attacks against iPhone users who visit the websites. The attacks also use five different exploit chains and exploit 0-day vulnerabilities that don’t require any user interaction.

iOS exploit chains discovered in the wild Read More »