iTunes 0-day Privilege Escalation Flaw Let Attackers Hack Windows

iTunes is a media player developed by Apple Inc. that enables users to purchase, organize, and play digital music and videos. It was launched in 2001 and revolutionized the way people...

Windows MSHTML Zero-Day Vulnerability Exploited In The Wild

The Windows MSHTML platform spoofing vulnerability, CVE-2024-43461, which affects all supported Windows versions, has been exploited in the wild. CVE-2024-43461 was used in attacks by the Void Banshee APT hacking group. Research from Trend Micro...

Exploitation Zero-Day Vulnerabilities For Remote Access Became Prime Target

The cybersecurity landscape in 2024 has been marked by a significant surge in malware and vulnerabilities. Key trends include the expansion of Ransomware-as-a-Service (RaaS), an increase in software supply chain attacks, and the exploitation...

Windows Smart App Control Zero-Day (CVE-2024-38217) Exploited Since 2018 Finally Fixed

Microsoft has addressed a critical zero-day vulnerability affecting its Windows Smart App Control (SAC) and SmartScreen security features. This vulnerability was fixed at Microsoft’s September 2024 Patch Tuesday, which addressed a significant number...

RomCom Group Exploiting Microsoft Office 0-day To Deploy Ransomware

The Russian group RomCom, dubbed Storm-0978, distributes underground ransomware by leveraging the Microsoft Office and Windows HTML RCE zero-day vulnerability identified as CVE-2023-36884. This ransomware encrypts files on victims' Windows computers, similar to typical ransomware,...

Actively Exploited Android Zero-Day Elevation of Privilege Vulnerability Patched

Google has released a patch for a critical zero-day vulnerability, CVE-2024-32896, which was actively exploited in the wild. This vulnerability, classified as a high-severity elevation of privilege (EoP) flaw, was discovered in the Android...

North Korean Hackers Actively Exploiting Chromium RCE Zero-Day In The Wild

Chromium is the foundation for many popular web browsers, including Google Chrome and Microsoft Edge, which makes it a lucrative target for attackers. Cybersecurity analysts at Microsoft recently discovered that North...

Corona Mirai Botnet Exploiting RCE Zero-Day To Hire New Bots

A botnet is exploiting a new zero-day vulnerability, CVE-2024-7029, in AVTECH CCTV cameras to spread a Mirai variant. The flaw is a command injection vulnerability in the brightness function that allows for remote code execution. It...

Chinese Hackers Exploited Versa Director Zero-Day to Target IT Sectors, CISA Warns

Chinese state-sponsored threat actors have been exploiting a zero-day vulnerability in Versa Director servers, identified as CVE-2024-39717. This vulnerability, discovered by Black Lotus Labs at Lumen Technologies, has been actively targeted since June 2024, affecting...

Zero-Day Vulnerability In Arcadyan WiFi Devices Allows RCE for Root Access – Exploit Released

A critical zero-day vulnerability has been identified in the Arcadyan FMIMG51AX000J model and potentially other devices affiliated with the WiFi Alliance. This flaw allows remote attackers to execute arbitrary code. An independent security researcher...
Recent Posts

Malware Defense 101 – Identifying and Removing Modern Threats

The cybersecurity landscape in 2025 is defined by increasingly sophisticated malware threats, with attackers leveraging artificial intelligence, evasion tactics, and polymorphic code to bypass...