zero-days Archives

Nation-state groups hit hundreds of organizations with Microsoft Windows zero-day

Trend Micro researchers discovered and reported the eight-year-old defect to Microsoft six months ago. The company hasn’t made any commitments to patch or remediate the issue.

4 days ago By Matt Kapko

A view of the Microsoft corporate logo in front of the Microsoft Office building on 41st street and 8th avenue on July 19, 2024 in New York City. (Photo by Craig T Fruchtman/Getty Images)

Microsoft patches 57 vulnerabilities, including 6 zero-days

More than three-quarters of the vulnerabilities covered in the vendor’s monthly Patch Tuesday update are high-severity flaws.

Mar 11, 2025 By Matt Kapko

From credit card fraud to zero-day exploits: Xe Group expanding cybercriminal efforts

The Vietnam-based group has grown more sophisticated since 2013, new research shows.

Feb 3, 2025 By Greg Otto

Screen of smartphone with icons. (Getty Images)

Android warns of Qualcomm exploit in latest security bulletin

The November security bulletin includes two CVE's reportedly exploited in the wild.

Nov 4, 2024 By Christian Vasquez

Director of the Homeland Security Department’s Cybersecurity and Infrastructure Security Agency Jen Easterly prepares to testify at a House Select Committee on the Chinese Communist Party hearing on Capitol Hill in Washington, DC, on January 31, 2024. (Photo by Julia Nikhinson / AFP)

CISA orders Ivanti devices targeted by Chinese hackers be disconnected

An updated emergency directive includes instructions on how to bring affected devices back online securely.

Feb 1, 2024 By AJ Vicens

From left, the NSA’s Darren Turner, OMB’s Nick Polk and CISA’s Michael Duffy participate in a cybersecurity governance panel at ACT-IAC’s Imagine Nation ELC conference in Hershey, Pa., on Oct. 30, 2023. (Scoop News Group photo)

CISA sees increase in zero-day exploitation, official says

Michael Duffy, associate director for capacity building in CISA’s cybersecurity division, says that global zero-day exploits are “really affecting the federal government networks.”

Nov 3, 2023 By Matt Bracken

Google reveals Spanish IT firm’s links to spyware targeting Chrome, Firefox and Microsoft Defender

Google says it has deployed patches for zero-day vulnerabilities that a Spanish tech company may have used to develop spyware.

Nov 30, 2022 By AJ Vicens

Zero-day exploits have sharply increased in the last year.

Zero-day attacks surged in 2021, Mandiant says

2021 accounted for more than 40% of the zero-day exploits undertaken in the last decade, according to the company.

Apr 22, 2022 By Suzanne Smalley

alert, warning, notification, hack, attack, intrusion, disruption, zero-day, exploit — (Getty Images)

Zero-day exploits found and disclosed hit a record high in 2021, Google Project Zero says

There were 58 total. The good news: Detection and disclosure of zero-day exploits have increased, the research team says.

Apr 19, 2022

Aethon TUG hospital robot — A TUG robot from Aethon delivers supplies at UCSF medical center in San Francisco on April 15, 2021. (Photo by Smith Collection/Gado/Getty Images)

Hospital hallway robots get patches for potentially serious bugs

Five zero-days found in Aethon TUG robots included one that could allow an attacker to control the machines, Cynerio said.

Apr 12, 2022 By Joe Warminsky