zero-day vulnerability – Page 2 – Experimental News Clipping Site

Cisco Talos Blog: BRB, pausing for a "Sanctuary Moon" marathon

Jul 24, 2025

—

by

Source URL: https://blog.talosintelligence.com/brb-pausing-for-a-sanctuary-moon-marathon/ Source: Cisco Talos Blog Title: BRB, pausing for a "Sanctuary Moon" marathon Feedly Summary: Get to know the real people behind cybersecurity’s front lines. In this week’s newsletter, sci-fi meets reality, humanity powers technology and a few surprises are waiting to be discovered. AI Summary and Description: Yes Summary: The text offers…

The Register: Another massive security snafu hits Microsoft, but don’t expect it to stick

Jul 21, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/07/21/massive_security_snafu_microsoft/ Source: The Register Title: Another massive security snafu hits Microsoft, but don’t expect it to stick Feedly Summary: Move along, nothing to see here comment Here we go again. Another major Microsoft attack, with this one seeing someone — most likely government-backed hackers — exploiting a zero-day bug in SharePoint Server that…

The Register: Microsoft patches failed to fix on-prem SharePoint, which is now under zero-day attack

Jul 21, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/07/21/infosec_in_brief/ Source: The Register Title: Microsoft patches failed to fix on-prem SharePoint, which is now under zero-day attack Feedly Summary: PLUS: China upgrades smartphone surveillance tools; Ring eases anti-snooping stance; and more Infosec In Brief Microsoft has warned users of SharePoint Server that three on-prem versions of the product include a zero-day flaw…

Cloud Blog: Ongoing SonicWall Secure Mobile Access (SMA) Exploitation Campaign using the OVERSTEP Backdoor

Jul 18, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://cloud.google.com/blog/topics/threat-intelligence/sonicwall-secure-mobile-access-exploitation-overstep-backdoor/ Source: Cloud Blog Title: Ongoing SonicWall Secure Mobile Access (SMA) Exploitation Campaign using the OVERSTEP Backdoor Feedly Summary: Written by: Josh Goddard, Zander Work, Dimiter Andonov Introduction Google Threat Intelligence Group (GTIG) has identified an ongoing campaign by a suspected financially-motivated threat actor we track as UNC6148, targeting fully patched end-of-life SonicWall…

Slashdot: Google Spots Tailored Backdoor Malware Aimed At SonicWall Appliances

Jul 17, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://it.slashdot.org/story/25/07/17/2049256/google-spots-tailored-backdoor-malware-aimed-at-sonicwall-appliances?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Google Spots Tailored Backdoor Malware Aimed At SonicWall Appliances Feedly Summary: AI Summary and Description: Yes Summary: The text details a security breach involving SonicWall appliances exploited by threat actors to steal sensitive data, utilizing advanced tactics to maintain access and conceal their activities. This incident is crucial for…

Cisco Talos Blog: Everyone’s on the cyber target list

Jun 5, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://blog.talosintelligence.com/everyones-on-the-cyber-target-list/ Source: Cisco Talos Blog Title: Everyone’s on the cyber target list Feedly Summary: In this week’s newsletter, Martin emphasizes that awareness, basic cyber hygiene and preparation are essential for everyone, and highlights Talos’ discovery of the new PathWiper malware. AI Summary and Description: Yes **Summary:** The text summarizes insights on personal cybersecurity…

Cisco Talos Blog: UAT-6382 exploits Cityworks zero-day vulnerability to deliver malware

May 22, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://blog.talosintelligence.com/uat-6382-exploits-cityworks-vulnerability/ Source: Cisco Talos Blog Title: UAT-6382 exploits Cityworks zero-day vulnerability to deliver malware Feedly Summary: Talos has observed exploitation of CVE-2025-0994 in the wild by UAT-6382, a Chinese-speaking threat actor, who then deployed malware payloads via TetraLoader. AI Summary and Description: Yes **Summary:** The text describes the exploitation of a significant remote-code-execution…

Microsoft Security Blog: Marbled Dust leverages zero-day in Output Messenger for regional espionage

May 12, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.microsoft.com/en-us/security/blog/2025/05/12/marbled-dust-leverages-zero-day-in-output-messenger-for-regional-espionage/ Source: Microsoft Security Blog Title: Marbled Dust leverages zero-day in Output Messenger for regional espionage Feedly Summary: Since April 2024, the threat actor that Microsoft Threat Intelligence tracks as Marbled Dust has been observed exploiting user accounts that have not applied fixes to a zero-day vulnerability (CVE-2025-27920) in the messaging app Output…

Cloud Blog: Hello 0-Days, My Old Friend: A 2024 Zero-Day Exploitation Analysis

Apr 29, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://cloud.google.com/blog/topics/threat-intelligence/2024-zero-day-trends/ Source: Cloud Blog Title: Hello 0-Days, My Old Friend: A 2024 Zero-Day Exploitation Analysis Feedly Summary: Written by: Casey Charrier, James Sadowski, Clement Lecigne, Vlad Stolyarov Executive Summary Google Threat Intelligence Group (GTIG) tracked 75 zero-day vulnerabilities exploited in the wild in 2024, a decrease from the number we identified in 2023…

The Register: Emergency patch for potential SAP zero-day that could grant full system control

Apr 25, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/04/25/sap_netweaver_patch/ Source: The Register Title: Emergency patch for potential SAP zero-day that could grant full system control Feedly Summary: German software giant paywalls details, but experts piece together the clues SAP’s latest out-of-band patch is for a perfect 10/10 bug in NetWeaver that experts suspect could have already been exploited as a zero-day.……

Tag: zero-day vulnerability