-
Zeroday Cloud hacking event awards $320,0000 for 11 zero days
The Zeroday Cloud hacking competition in London has awarded researchers $320,000 for demonstrating critical remote code execution vulnerabilities in components used in cloud infrastructure.
- December 17, 2025
- 06:09 PM
2
-
Cisco warns of unpatched AsyncOS zero-day exploited in attacks
Cisco warned customers today of an unpatched, maximum-severity Cisco AsyncOS zero-day actively exploited in attacks targeting Secure Email Gateway (SEG) and Secure Email and Web Manager (SEWM) appliances.
- December 17, 2025
- 01:45 PM
0
-
New Webinar: Choose Your Own Investigation — Browser Attack Edition
Modern attacks have shifted focus to the browser, yet detection tools remain largely blind to the crucial activity happening there.
Join Push Security on February 11th for an interactive "choose-your-own-adventure" webinar on ClickFix, credential phishing, and other in-browser attacks we've observed in the wild.
-
Sonicwall warns of new SMA1000 zero-day exploited in attacks
SonicWall warned customers today to patch a vulnerability in the SonicWall SMA1000 Appliance Management Console (AMC) that was chained in zero-day attacks to escalate privileges.
- December 17, 2025
- 12:44 PM
- 0
-
Apple fixes two zero-day flaws exploited in 'sophisticated' attacks
Apple has released emergency updates to patch two zero-day vulnerabilities that were exploited in an "extremely sophisticated attack" targeting specific individuals.
- December 12, 2025
- 06:23 PM
- 1
-
New Windows RasMan zero-day flaw gets free, unofficial patches
Free unofficial patches are available for a new Windows zero-day vulnerability that allows attackers to crash the Remote Access Connection Manager (RasMan) service.
- December 12, 2025
- 06:28 AM
- 0
-
Hackers exploit unpatched Gogs zero-day to breach 700 servers
An unpatched zero-day vulnerability in Gogs, a popular self-hosted Git service, has enabled attackers to gain remote code execution on Internet-facing instances and compromise hundreds of servers.
- December 11, 2025
- 08:19 AM
- 0
-
Google fixes eighth Chrome zero-day exploited in attacks in 2025
Google has released emergency updates to fix another Chrome zero-day vulnerability exploited in the wild, marking the eighth such security flaw patched since the start of the year.
- December 11, 2025
- 03:01 AM
- 0
-
Microsoft December 2025 Patch Tuesday fixes 3 zero-days, 57 flaws
Microsoft's December 2025 Patch Tuesday fixes 57 flaws, including one actively exploited and two publicly disclosed zero-day vulnerabilities.
- December 09, 2025
- 01:38 PM
- 6
-
Microsoft "mitigates" Windows LNK flaw exploited as zero-day
Microsoft has silently "mitigated" a high-severity Windows LNK vulnerability exploited by multiple state-backed and cybercrime hacking groups in zero-day attacks.
- December 03, 2025
- 11:45 AM
- 2
-
Google fixes two Android zero days exploited in attacks, 107 flaws
Google has released the December 2025 Android security bulletin, addressing 107 vulnerabilities, including two flaws actively exploited in targeted attacks.
- December 02, 2025
- 09:36 AM
- 0
-
CISA gives govt agencies 7 days to patch new Fortinet flaw
CISA has ordered U.S. government agencies to secure their systems within a week against another vulnerability in Fortinet's FortiWeb web application firewall, which was exploited in zero-day attacks.
- November 19, 2025
- 08:44 AM
- 0
-
Fortinet warns of new FortiWeb zero-day exploited in attacks
Today, Fortinet released security updates to patch a new FortiWeb zero-day vulnerability that threat actors are actively exploiting in attacks.
- November 18, 2025
- 02:01 PM
- 0
-
Google fixes new Chrome zero-day flaw exploited in attacks
Google has released an emergency security update to fix the seventh Chrome zero-day vulnerability exploited in attacks this year.
- November 18, 2025
- 05:13 AM
- 0
-
Hackers exploited Citrix, Cisco ISE flaws in zero-day attacks
An advanced threat actor exploited the critical vulnerabilities "Citrix Bleed 2" (CVE-2025-5777) in NetScaler ADC and Gateway, and CVE-2025-20337 affecting Cisco Identity Service Engine (ISE) as zero-days to deploy custom malware.
- November 12, 2025
- 09:00 AM
- 0
-
Synology fixes BeeStation zero-days demoed at Pwn2Own Ireland
Synology has addressed a critical-severity remote code execution (RCE) vulnerability in BeeStation products that was demonstrated at the recent Pwn2Own hacking competition.
- November 11, 2025
- 05:34 PM
- 0
-
Microsoft November 2025 Patch Tuesday fixes 1 zero-day, 63 flaws
Today is Microsoft's November 2025 Patch Tuesday, which includes security updates for 63 flaws, including one actively exploited zero-day vulnerability.
- November 11, 2025
- 01:45 PM
- 0
-
CISA orders feds to patch Samsung zero-day used in spyware attacks
CISA ordered U.S. federal agencies today to patch a critical Samsung vulnerability that has been exploited in zero-day attacks to deploy LandFall spyware on devices running WhatsApp.
- November 10, 2025
- 03:00 PM
- 0
-
QNAP fixes seven NAS zero-day flaws exploited at Pwn2Own
QNAP has fixed seven zero-day vulnerabilities that security researchers exploited to hack QNAP network-attached storage (NAS) devices during the Pwn2Own Ireland 2025 competition.
- November 07, 2025
- 01:24 PM
- 1
-
China-linked hackers exploited Lanscope flaw as a zero-day in attacks
China-linked cyber-espionage actors tracked as 'Bronze Butler' (Tick) exploited a Motex Lanscope Endpoint Manager vulnerability as a zero-day to deploy an updated version of their Gokcpdoor malware.
- November 01, 2025
- 10:16 AM
- 0
-
Windows zero-day actively exploited to spy on European diplomats
A China-linked hacking group is exploiting a Windows zero-day in attacks targeting European diplomats in Hungary, Belgium, and other European nations.
- October 31, 2025
- 07:29 AM
- 0
0
