Microsoft on Tuesday issued fixes for 56 flaws, including a critical vulnerability that's known to be actively exploited in the wild. In all, 11 are listed as Critical, 43 are listed as Important, and two are listed as Moderate in severity — six of which are previously disclosed vulnerabilities. The updates cover .NET Framework, Azure IoT, Microsoft Dynamics, Microsoft Edge for … [Read more...] about Microsoft Issues Patches for In-the-Wild 0-day and 55 Others Windows Bugs
0Day
SonicWall Hacked Using 0-Day Bugs In Its Own VPN Product
SonicWall, a popular internet security provider of firewall and VPN products, on late Friday disclosed that it fell victim to a coordinated attack on its internal systems. The San Jose-based company said the attacks leveraged zero-day vulnerabilities in SonicWall secure remote access products such as NetExtender VPN client version 10.x and Secure Mobile Access (SMA) that are … [Read more...] about SonicWall Hacked Using 0-Day Bugs In Its Own VPN Product
Google Discloses Poorly-Patched, Now Unpatched, Windows 0-Day Bug
Google's Project Zero team has made public details of an improperly patched zero-day security vulnerability in Windows print spooler API that could be leveraged by a bad actor to execute arbitrary code. Details of the unpatched flaw were revealed publicly after Microsoft failed to patch it within 90 days of responsible disclosure on September 24. Originally tracked as … [Read more...] about Google Discloses Poorly-Patched, Now Unpatched, Windows 0-Day Bug
New Chrome 0-day Under Active Attacks – Update Your Browser Now
Attention readers, if you are using Google Chrome browser on your Windows, Mac, or Linux computers, you need to update your web browsing software immediately to the latest version Google released earlier today. Google released Chrome version 86.0.4240.111 today to patch several security high-severity issues, including a zero-day vulnerability that has been exploited in the wild … [Read more...] about New Chrome 0-day Under Active Attacks – Update Your Browser Now
New Chrome 0-day Bug Under Active Attacks – Update Your Browser Now!
Attention readers, if you are using Chrome on your Windows, Mac, and Linux computers, you need to update your web browsing software immediately to the latest version Google released earlier today.With the release of Chrome 78.0.3904.87, Google is warning billions of users to install an urgent software update immediately to patch two high severity vulnerabilities, one of which … [Read more...] about New Chrome 0-day Bug Under Active Attacks – Update Your Browser Now!
Apple iTunes and iCloud for Windows 0-Day Exploited in Ransomware Attacks
Watch out Windows users!The cybercriminal group behind BitPaymer and iEncrypt ransomware attacks has been found exploiting a zero-day vulnerability affecting a little-known component that comes bundled with Apple's iTunes and iCloud software for Windows to evade antivirus detection.The vulnerable component in question is the Bonjour updater, a zero-configuration implementation … [Read more...] about Apple iTunes and iCloud for Windows 0-Day Exploited in Ransomware Attacks
New 0-Day Flaw Affecting Most Android Phones Being Exploited in the Wild
Another day, another revelation of a critical unpatched zero-day vulnerability, this time in the world's most widely used mobile operating system, Android.What's more? The Android zero-day vulnerability has also been found to be exploited in the wild by the Israeli surveillance vendor NSO Group—infamous for selling zero-day exploits to governments—or one of its customers, to … [Read more...] about New 0-Day Flaw Affecting Most Android Phones Being Exploited in the Wild
[Unpatched] Critical 0-Day RCE Exploit for vBulletin Forum Disclosed Publicly
An anonymous hacker today publicly revealed details and proof-of-concept exploit code for an unpatched, critical zero-day remote code execution vulnerability in vBulletin—one of the widely used internet forum software, The Hacker News has learned.One of the reasons why the vulnerability should be viewed as a severe issue is not just because it is remotely exploitable, but also … [Read more...] about [Unpatched] Critical 0-Day RCE Exploit for vBulletin Forum Disclosed Publicly
Hackers Used WhatsApp 0-Day Flaw to Secretly Install Spyware On Phones
Whatsapp has recently patched a severe vulnerability that was being exploited by attackers to remotely install surveillance malware on a few "selected" smartphones by simply calling the targeted phone numbers over Whatsapp audio call.Discovered, weaponized and then sold by the Israeli company NSO Group that produces the most advanced mobile spyware on the planet, the WhatsApp … [Read more...] about Hackers Used WhatsApp 0-Day Flaw to Secretly Install Spyware On Phones