Experimental News Clipping Site

Tag: zero-days

  • Krebs on Security: Patch Tuesday, April 2025 Edition

    by

    Kurt Seifried
    in

    Source URL: https://krebsonsecurity.com/2025/04/patch-tuesday-april-2025-edition/ Source: Krebs on Security Title: Patch Tuesday, April 2025 Edition Feedly Summary: Microsoft today released updates to plug at least 121 security holes in its Windows operating systems and software, including one vulnerability that is already being exploited in the wild. Eleven of those flaws earned Microsoft’s most-dire “critical" rating, meaning malware…

  • Krebs on Security: Microsoft: 6 Zero-Days in March 2025 Patch Tuesday

    by

    Kurt Seifried
    in

    Source URL: https://krebsonsecurity.com/2025/03/microsoft-6-zero-days-in-march-2025-patch-tuesday/ Source: Krebs on Security Title: Microsoft: 6 Zero-Days in March 2025 Patch Tuesday Feedly Summary: Microsoft today issued more than 50 security updates for its various Windows operating systems, including fixes for a whopping six zero-day vulnerabilities that are already seeing active exploitation. AI Summary and Description: Yes Summary: Microsoft recently released…

  • Rekt: Infini – Rekt

    by

    Kurt Seifried
    in

    Source URL: https://www.rekt.news/infini-rekt Source: Rekt Title: Infini – Rekt Feedly Summary: The perfect DeFi hack. No flash loans, no zero-days. Just a rogue dev who built a backdoor, waited 114 days, then drained $49.5M from Infini with admin privileges. Same old story, new-age incompetence. When will protocols learn that admin keys aren’t toys? AI Summary…

  • Hacker News: Hackers get $886,250 for 49 zero-days at Pwn2Own Automotive 2025

    by

    Kurt Seifried
    in

    Source URL: https://www.bleepingcomputer.com/news/security/hackers-get-886-250-for-49-zero-days-at-pwn2own-automotive-2025/ Source: Hacker News Title: Hackers get $886,250 for 49 zero-days at Pwn2Own Automotive 2025 Feedly Summary: Comments AI Summary and Description: Yes Summary: The Pwn2Own Automotive 2025 contest showcased significant advancements in automotive security, where researchers exploited numerous zero-day vulnerabilities in automotive software and electric vehicle systems, highlighting critical security gaps in…

  • Hacker News: Hackers exploit 16 zero-days on first day of Pwn2Own Automotive 2025

    by

    Kurt Seifried
    in

    Source URL: https://www.bleepingcomputer.com/news/security/hackers-exploit-16-zero-days-on-first-day-of-pwn2own-automotive-2025/ Source: Hacker News Title: Hackers exploit 16 zero-days on first day of Pwn2Own Automotive 2025 Feedly Summary: Comments AI Summary and Description: Yes Summary: The text provides a detailed report on the outcomes of the Pwn2Own Automotive 2025 hacking competition, highlighting the successful exploitation of zero-day vulnerabilities relating to electric vehicle chargers…

  • Cisco Talos Blog: Find the helpers

    by

    Kurt Seifried
    in

    Source URL: https://blog.talosintelligence.com/find-the-helpers/ Source: Cisco Talos Blog Title: Find the helpers Feedly Summary: Bill discusses how to find ‘the helpers’ and the importance of knowledge sharing. Plus, there’s a lot to talk about in our latest vulnerability roundup. AI Summary and Description: Yes Summary: This edition of the Threat Source newsletter emphasizes the importance of…

  • The Register: Microsoft fixes under-attack privilege-escalation holes in Hyper-V

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/01/15/patch_tuesday_january_2025/ Source: The Register Title: Microsoft fixes under-attack privilege-escalation holes in Hyper-V Feedly Summary: Plus: Excel hell, angst for Adobe fans, and life’s too Snort for Cisco Patch Tuesday The first Patch Tuesday of 2025 has seen Microsoft address three under-attack privilege-escalation flaws in its Hyper-V hypervisor, plus plenty more problems that deserve…

  • Hacker News: RomCom exploits Firefox and Windows zero days in the wild

    by

    system automation
    in

    Source URL: https://www.welivesecurity.com/en/eset-research/romcom-exploits-firefox-and-windows-zero-days-in-the-wild/ Source: Hacker News Title: RomCom exploits Firefox and Windows zero days in the wild Feedly Summary: Comments AI Summary and Description: Yes Summary: The text provides a detailed analysis of critical zero-day vulnerabilities discovered in Mozilla products, specifically Firefox, Thunderbird, and the Tor Browser, which are being exploited by a Russia-aligned cyber…

  • The Register: Palo Alto Networks tackles firewall-busting zero-days with critical patches

    by

    system automation
    in

    Source URL: https://www.theregister.com/2024/11/19/palo_alto_networks_patches/ Source: The Register Title: Palo Alto Networks tackles firewall-busting zero-days with critical patches Feedly Summary: Amazing that these two bugs got into a production appliance, say researchers Palo Alto Networks (PAN) finally released a CVE identifier and patch for the zero-day exploit that caused such a fuss last week.… AI Summary and…

  • Schneier on Security: Most of 2023’s Top Exploited Vulnerabilities Were Zero-Days

    by

    system automation
    in

    Source URL: https://www.schneier.com/blog/archives/2024/11/most-of-2023s-top-exploited-vulnerabilities-were-zero-days.html Source: Schneier on Security Title: Most of 2023’s Top Exploited Vulnerabilities Were Zero-Days Feedly Summary: Zero-day vulnerabilities are more commonly used, according to the Five Eyes: Key Findings In 2023, malicious cyber actors exploited more zero-day vulnerabilities to compromise enterprise networks compared to 2022, allowing them to conduct cyber operations against higher-priority…