zero days Archives

The Apple logo is seen on a window of the company’s store in Bangkok on March 5, 2021. (Photo by Mladen ANTONOV / AFP) (Photo by MLADEN ANTONOV/AFP via Getty Images)

Apple discloses zero-day vulnerability, releases emergency patches

Apple released emergency software patches Tuesday that address a newly identified zero-day vulnerability in the company’s WebKit web browser engine. Tracked as CVE-2025-24201, an attacker can potentially…

17 hours ago By Greg Otto

New zero-day exploit targets Ivanti VPN product

After Ivanti detected the activity, Mandiant says it found malware in impacted devices associated with a Chinese-linked threat group.

Jan 9, 2025 By Matt Bracken

Treasury sanctions Chinese cyber company, employee for 2020 global firewall attack

The department’s Office of Foreign Assets Control said Guan Tianfeng used a zero-day exploit to deploy malware on 81,000 firewalls.

Dec 10, 2024 By Matt Bracken

Chairman Michael Turner (R-OH) speaks at a hearing with the House (Select) Intelligence Committee in the Cannon Office Building on March 12, 2024 in Washington, DC. (Photo by Anna Moneymaker/Getty Images)

House Intel Republicans request FBI, SEC briefing on Temu

The members cited concerning news reports, including the exploitation of a zero-day vulnerability by parent company Pinduoduo in 2023.

Sep 25, 2024 By Derek B. Johnson

Mongolian guards stand guard in front of the Genghis Khan statue at the Government Palace in Ulaanbaatar on May 21, 2023. The hackers allegedly conducted watering hole attacks on Mongolian government websites.(Photo by LUDOVIC MARIN/AFP via Getty Images)

Google: apparent Russian hackers play copycat to commercial spyware vendors

The attack campaigns show how spyware tech companies have become more akin to nation-state threat actors.

Aug 29, 2024 By Tim Starks

Google Chrome’s logo is seen at Google’s annual developer conference, Google I/O, at Moscone Center in San Francisco on June 28, 2012 in California. AFP PHOTO / Kimihiro Hoshino (Photo credit should read KIMIHIRO HOSHINO/AFP/GettyImages)

Researchers find decades-old vulnerability in major web browsers

The flaw, called ‘0.0.0.0 day,’ has to do with how browsers handle network requests.

Aug 8, 2024 By Greg Otto

A view of the Verizon logo on Feb. 22, 2024 in New York City. (Photo by Kena Betancur/VIEWpress)

Exploitation of vulnerabilities almost tripled as a source of data breaches last year

Verizon’s annual data breach report identified the MOVEit hack as the “poster child” of the phenomenon.

May 1, 2024 By Tim Starks

From left, Mandiant’s Jurgen Kutscher, Kevin Mandia and Sandra Joyce participate in a panel discussion at the Google Cloud’s Next technology conference in Las Vegas on April 9, 2024. (Scoop News Group photo)

What keeps CISOs up at night? Mandiant leaders share top cyber concerns

A trio of top brass for Mandiant shared the emerging advanced tactics, techniques and procedures that they see troubling cyber professionals.

Apr 12, 2024 By Billy Mitchell