Zero-Day Vulnerability in PDF Files Leaking NTLM Data in Adobe & Foxit Reader

Cybersecurity researchers at EXPMON have uncovered an intriguing "zero-day behavior" in PDF samples that could potentially be exploited by attackers to leak sensitive NTLM authentication data. The discovery highlights vulnerabilities in how Adobe Reader...

Hackers Actively Exploited Ivanti VPN 0-Day Vulnerability (CVE-2025-0282): Technical Analysis

Ivanti publicly disclosed two critical vulnerabilities, CVE-2025-0282 and CVE-2025-0283, affecting its Connect Secure (ICS) VPN appliances. The announcement comes amidst alarming reports of active zero-day exploitation of CVE-2025-0282, identified by cybersecurity firm Mandiant as...

Oracle Agile PLM Zero-Day Vulnerability Exploited In The Wild

Oracle has issued an urgent security alert regarding a critical vulnerability in its Agile Product Lifecycle Management (PLM) Framework that is actively being exploited in the wild. The vulnerability, tracked as CVE-2024-21287, allows unauthenticated...

New Windows Theme Zero-Day Vulnerability Let Attackers Steal Credentials

A new, identical Windows Themes zero-day vulnerability that might allow attackers to obtain NTLM credentials of compromised systems was found while fixing CVE-2024-38030, a medium-severity Windows Themes spoofing issue. Acros Security researchers reported...

Samsung Use-After-Free Zero-day Vulnerability Exploited In The Wild

Samsung devices are affected by a critical security vulnerability (CVE-2024-44068) in multiple Exynos mobile processors that is being actively exploited in the wild. The high-severity flaw impacts several processor models, including the Exynos 9820, 9825, 980, 990,...

52 Zero-Days Uncovered: Hackers Earn $486,250 at Pwn2Own Ireland 2024

The first day of Pwn2Own Ireland 2024 has concluded with an impressive showcase of cybersecurity prowess, as hackers demonstrated their skills by uncovering 52 zero-day vulnerabilities. The event, held at Trend Micro’s offices in...

North Korean Hackers Exploited Internet Explorer Zero-Day Flaw

A joint report by AhnLab Security Emergency Response Center (ASEC) and the National Cyber Security Center (NCSC) has revealed a new zero-day vulnerability (CVE-2024-38178) in Microsoft Internet Explorer (IE) being actively exploited by North...

Nation-State Actors Exploiting Ivanti CSA 0-days To Compromise Victims’ Networks

Researchers have uncovered a sophisticated attack campaign targeting Ivanti Cloud Services Appliance (CSA) users. Nation-state actors are exploiting multiple zero-day vulnerabilities in the CSA to gain unauthorized access to victims' networks and establish a...

iTunes 0-day Privilege Escalation Flaw Let Attackers Hack Windows

iTunes is a media player developed by Apple Inc. that enables users to purchase, organize, and play digital music and videos. It was launched in 2001 and revolutionized the way people...

Windows MSHTML Zero-Day Vulnerability Exploited In The Wild

The Windows MSHTML platform spoofing vulnerability, CVE-2024-43461, which affects all supported Windows versions, has been exploited in the wild. CVE-2024-43461 was used in attacks by the Void Banshee APT hacking group. Research from Trend Micro...

Recent Posts

CISA Warns Threat Hunting Staff to Stop Using Censys & VirusTotal

Hundreds of Cybersecurity and Infrastructure Security Agency (CISA) staff were notified this week that the organization is discontinuing critical cybersecurity tools used for threat...