Security
Headlines
HeadlinesLatestCVEs

Tag

#zero_day

11 Nation-State Hackers Exploit Unpatched Windows Flaw Since 2017

Microsoft refuses to patch serious Windows shortcut vulnerability abused in global espionage campaigns!

HackRead
Open in Source
#vulnerability#ios#windows#microsoft#zero_day
Unpatched Windows Zero-Day Flaw Exploited by 11 State-Sponsored Threat Groups Since 2017

An unpatched security flaw impacting Microsoft Windows has been exploited by 11 state-sponsored groups from China, Iran, North Korea, and Russia as part of data theft, espionage, and financially motivated campaigns that date back to 2017. The zero-day vulnerability, tracked by Trend Micro's Zero Day Initiative (ZDI) as ZDI-CAN-25373, refers to an issue that allows bad actors to execute hidden

Chinese Cyber Espionage Group UNC3886 Backdoored Juniper Routers

UNC3886 hackers target Juniper routers with custom backdoor malware, exploiting outdated systems for stealthy access and espionage. Learn how to stay protected.

March 2025 Patch Tuesday: Microsoft Fixes 57 Vulnerabilities, 7 Zero-Days

Microsoft's March 2025 Patch Tuesday fixes six actively exploited zero-day vulnerabilities, including critical RCE and privilege escalation flaws. Learn how these vulnerabilities impact Windows systems and why immediate patching is essential.

URGENT: Microsoft Patches 57 Security Flaws, Including 6 Actively Exploited Zero-Days

Microsoft on Tuesday released security updates to address 57 security vulnerabilities in its software, including a whopping six zero-days that it said have been actively exploited in the wild. Of the 56 flaws, six are rated Critical, 50 are rated Important, and one is rated Low in severity. Twenty-three of the addressed vulnerabilities are remote code execution bugs and 22 relate to privilege

Apple Releases Patch for WebKit Zero-Day Vulnerability Exploited in Targeted Attacks

Apple on Tuesday released a security update to address a zero-day flaw that it said has been exploited in "extremely sophisticated" attacks. The vulnerability has been assigned the CVE identifier CVE-2025-24201 and is rooted in the WebKit web browser engine component. It has been described as an out-of-bounds write issue that could allow an attacker to craft malicious web content such that it

Microsoft: 6 Zero-Days in March 2025 Patch Tuesday

Microsoft today issued more than 50 security updates for its various Windows operating systems, including fixes for a whopping six zero-day vulnerabilities that are already seeing active exploitation.

Chinese Silk Typhoon Group Targets IT Tools for Network Breaches

Microsoft warns that Chinese espionage group Silk Typhoon now exploits IT tools like remote management apps and cloud services to breach networks.

US Charges 12 Alleged Spies in China’s Freewheeling Hacker-for-Hire Ecosystem

The Justice Department claims 10 alleged hackers and two Chinese government officials took part in a wave of cyberattacks around the globe that included breaching the US Treasury Department and more.