Microsoft’s Patch Tuesday closes 72 vulnerabilities, including 5 zero-days
The company has addressed zero-day vulnerabilities for eight consecutive months without deeming any of them critical at the time of disclosure.
Advertisement
zero-days
SAP zero-day vulnerability under widespread active exploitation
Researchers attribute the attacks to an initial access broker who is exploiting the 10.0 critical vulnerability.
Is Ivanti the problem or a symptom of a systemic issue with network devices?
Exploited vulnerabilities have turned up in Ivanti products 16 times since 2024. That’s more than any other vendor in the network edge device space.
Google addresses 2 actively exploited vulnerabilities in security update
Serbian security services exploited one of the actively exploited vulnerabilities to break into the phone of a youth activist in Serbia, according to Amnesty International.
Apple issues fixes for vulnerabilities in both old and new OS versions
The company released a host of security patches Monday, including ones that address two zero-day vulnerabilities.
Nation-state groups hit hundreds of organizations with Microsoft Windows zero-day
Trend Micro researchers discovered and reported the eight-year-old defect to Microsoft six months ago. The company hasn’t made any commitments to patch or remediate the issue.
Advertisement
Microsoft patches 57 vulnerabilities, including 6 zero-days
More than three-quarters of the vulnerabilities covered in the vendor’s monthly Patch Tuesday update are high-severity flaws.
From credit card fraud to zero-day exploits: Xe Group expanding cybercriminal efforts
The Vietnam-based group has grown more sophisticated since 2013, new research shows.
Android warns of Qualcomm exploit in latest security bulletin
The November security bulletin includes two CVE's reportedly exploited in the wild.
CISA orders Ivanti devices targeted by Chinese hackers be disconnected
An updated emergency directive includes instructions on how to bring affected devices back online securely.