Security
Headlines
HeadlinesLatestCVEs

Tag

#zero_day

Knocknoc Raises Seed Funding to Scale Its Just-In-Time Network Access Control Technology

Sydney, Australia, 19th March 2025, CyberNewsWire

HackRead
Open in Source
#auth#zero_day
Unpatched Windows Zero-Day Flaw Exploited by 11 State-Sponsored Threat Groups Since 2017

An unpatched security flaw impacting Microsoft Windows has been exploited by 11 state-sponsored groups from China, Iran, North Korea, and Russia as part of data theft, espionage, and financially motivated campaigns that date back to 2017. The zero-day vulnerability, tracked by Trend Micro's Zero Day Initiative (ZDI) as ZDI-CAN-25373, refers to an issue that allows bad actors to execute hidden

Chinese Cyber Espionage Group UNC3886 Backdoored Juniper Routers

UNC3886 hackers target Juniper routers with custom backdoor malware, exploiting outdated systems for stealthy access and espionage. Learn how to stay protected.

March 2025 Patch Tuesday: Microsoft Fixes 57 Vulnerabilities, 7 Zero-Days

Microsoft's March 2025 Patch Tuesday fixes six actively exploited zero-day vulnerabilities, including critical RCE and privilege escalation flaws. Learn how these vulnerabilities impact Windows systems and why immediate patching is essential.

URGENT: Microsoft Patches 57 Security Flaws, Including 6 Actively Exploited Zero-Days

Microsoft on Tuesday released security updates to address 57 security vulnerabilities in its software, including a whopping six zero-days that it said have been actively exploited in the wild. Of the 56 flaws, six are rated Critical, 50 are rated Important, and one is rated Low in severity. Twenty-three of the addressed vulnerabilities are remote code execution bugs and 22 relate to privilege

Apple Releases Patch for WebKit Zero-Day Vulnerability Exploited in Targeted Attacks

Apple on Tuesday released a security update to address a zero-day flaw that it said has been exploited in "extremely sophisticated" attacks. The vulnerability has been assigned the CVE identifier CVE-2025-24201 and is rooted in the WebKit web browser engine component. It has been described as an out-of-bounds write issue that could allow an attacker to craft malicious web content such that it

Microsoft: 6 Zero-Days in March 2025 Patch Tuesday

Microsoft today issued more than 50 security updates for its various Windows operating systems, including fixes for a whopping six zero-day vulnerabilities that are already seeing active exploitation.

Chinese Silk Typhoon Group Targets IT Tools for Network Breaches

Microsoft warns that Chinese espionage group Silk Typhoon now exploits IT tools like remote management apps and cloud services to breach networks.

US Charges 12 Alleged Spies in China’s Freewheeling Hacker-for-Hire Ecosystem

The Justice Department claims 10 alleged hackers and two Chinese government officials took part in a wave of cyberattacks around the globe that included breaching the US Treasury Department and more.

China-Linked Silk Typhoon Expands Cyber Attacks to IT Supply Chains for Initial Access

The China-lined threat actor behind the zero-day exploitation of security flaws in Microsoft Exchange servers in January 2021 has shifted its tactics to target the information technology (IT) supply chain as a means to obtain initial access to corporate networks. That's according to new findings from the Microsoft Threat Intelligence team, which said the Silk Typhoon (formerly Hafnium) hacking