0day
Windows 11 and Red Hat Linux hacked on first day of Pwn2Own
On the first day of Pwn2Own Berlin 2025, security researchers were awarded $260,000 after successfully demonstrating zero-day exploits for Windows 11, Red Hat Linux, and Oracle VirtualBox. Red Hat Enterprise Linux for Workstations was the first to fall in the local privilege escalation category after DEVCORE Research Team’s Pumpkin exploited an integer overflow vulnerability to […]
Ivanti fixes EPMM zero-days chained in code execution attacks
Ivanti warned customers today to patch their Ivanti Endpoint Manager Mobile (EPMM) software against two security vulnerabilities chained in attacks to gain remote code execution. “Ivanti has released updates for Endpoint Manager Mobile (EPMM) which addresses one medium and one high severity vulnerability,” the company said. “When chained together, successful exploitation could lead to unauthenticated remote […]
Hackers exploit VMware ESXi, Microsoft SharePoint zero-days at Pwn2Own
During the second day of Pwn2Own Berlin 2025, competitors earned $435,000 after exploiting zero-day bugs in multiple products, including Microsoft SharePoint, VMware ESXi, Oracle VirtualBox, Red Hat Enterprise Linux, and Mozilla Firefox. The highlight was a successful attempt from Nguyen Hoang Thach of STARLabs SG against the VMware ESXi, which earned him $150,000 for an […]
CISA tags recently patched Chrome bug as actively exploited
On Thursday, CISA warned U.S. federal agencies to secure their systems against ongoing attacks exploiting a high-severity vulnerability in the Chrome web browser. Solidlab security researcher Vsevolod Kokorin discovered the flaw (CVE-2025-4664) and shared technical details online on May 5th. Google released security updates to patch it on Wednesday. As Kokorin explained, the vulnerability is due to insufficient policy enforcement […]
Output Messenger flaw exploited as zero-day in espionage attacks
A Türkiye-backed cyberespionage group exploited a zero-day vulnerability to attack Output Messenger users linked to the Kurdish military in Iraq. Microsoft Threat Intelligence analysts who spotted these attacks also discovered the security flaw (CVE-2025-27920) in the LAN messaging application, a directory traversal vulnerability that can let authenticated attackers access sensitive files outside the intended directory […]
SonicWall urges admins to patch VPN flaw exploited in attacks
SonicWall has urged its customers to patch three security vulnerabilities affecting its Secure Mobile Access (SMA) appliances, one of them tagged as exploited in attacks. Discovered and reported by Rapid7 cybersecurity researcher Ryan Emmons, the three security flaws (CVE-2025-32819, CVE-2025-32820, and CVE-2025-32821) can be chained by attackers to gain remote code execution as root and compromise […]
Commvault says recent breach didn’t impact customer backup data
Commvault, a leading provider of data protection solutions, says a nation-state threat actor who breached its Azure environment didn’t gain access to customer backup data. Listed on NASDAQ since March 2006, Commvault is included in the S&P MidCap 400 Index and provides cyber resilience services to over 100,000 organizations. As the company first revealed on March 7, […]
Google: 97 zero-days exploited in 2024, over 50% in spyware attacks
Google’s Threat Intelligence Group (GTIG) says attackers exploited 75 zero-day vulnerabilities in the wild last year, over 50% of which were linked to spyware attacks. These numbers are down from 97 zero-days in 2023 but up from 63 in 2022, which GTIG analysts attributed to year-to-year swings reflecting expected variation within an upward trajectory for […]
Craft CMS RCE exploit chain used in zero-day attacks to steal data
Two vulnerabilities impacting Craft CMS were chained together in zero-day attacks to breach servers and steal data, with exploitation ongoing, according to CERT Orange Cyberdefense. The vulnerabilities were discovered by Orange Cyberdefense’s CSIRT, which was called in to investigate a compromised server. As part of the investigation, they discovered that two zero-day vulnerabilities impacting Craft CMS […]
SAP fixes suspected Netweaver zero-day exploited in attacks
SAP has released out-of-band emergency NetWeaver updates to fix a suspected remote code execution (RCE) zero-day flaw actively exploited to hijack servers. The vulnerability, tracked under CVE-2025-31324 and rated critical (CVSS v3 score: 10.0), is an unauthenticated file upload vulnerability in SAP NetWeaver Visual Composer, specifically the Metadata Uploader component. It allows attackers to upload malicious executable […]