Zero-Day
Microsoft “mitigates” Windows LNK flaw exploited as zero-day
Microsoft has silently “mitigated” a high-severity Windows LNK vulnerability exploited by multiple state-backed and cybercrime hacking groups in zero-day attacks. Tracked as CVE-2025-9491, this security flaw allows attackers to hide malicious commands within Windows LNK files, which can be used to deploy malware and gain persistence on compromised devices. However, the attacks require user interaction to […]
Google fixes two Android zero days exploited in attacks, 107 flaws
Google has released the December 2025 Android security bulletin, addressing 107 vulnerabilities, including two flaws actively exploited in targeted attacks. The two high-severity vulnerabilities are tracked as CVE-2025-48633 and CVE-2025-48572. They are information disclosure and elevation-of-privilege issues, respectively, affecting Android versions 13 through 16. “There are indications that the following may be under limited, targeted […]
CISA gives govt agencies 7 days to patch new Fortinet flaw
CISA has ordered U.S. government agencies to secure their systems within a week against another vulnerability in Fortinet’s FortiWeb web application firewall, which was exploited in zero-day attacks. Tracked as CVE-2025-58034, this OS command injection flaw can allow authenticated threat actors to execute code as root in low-complexity attacks that don’t require user interaction. “An Improper […]
Fortinet warns of new FortiWeb zero-day exploited in attacks
Today, Fortinet released security updates to patch a new FortiWeb zero-day vulnerability that threat actors are actively exploiting in attacks. Tracked as CVE-2025-58034, this web application firewall security flaw was reported by Jason McFadyen of Trend Micro’s Trend Research team. Authenticated threat actors can gain code execution by successfully exploiting this OS command injection vulnerability in […]
Google fixes new Chrome zero-day flaw exploited in attacks
Google has released an emergency security update to fix the seventh Chrome zero-day vulnerability exploited in attacks this year. “Google is aware that an exploit for CVE-2025-13223 exists in the wild,” the search giant warned in a security advisory published on Monday. This high-severity vulnerability is caused by a type confusion weakness in Chrome’s V8 JavaScript engine, reported last […]
Hackers exploited Citrix, Cisco ISE flaws in zero-day attacks
An advanced threat actor exploited the critical vulnerabilities “Citrix Bleed 2″ (CVE-2025-5777) in NetScaler ADC and Gateway, and CVE-2025-20337 affecting Cisco Identity Service Engine (ISE) as zero-days to deploy custom malware. Amazon’s threat intelligence team, analyzing “MadPot” honeypot data, found that hackers leveraged the two security issues before the security issues were disclosed publicly and patches became […]
Synology fixes BeeStation zero-days demoed at Pwn2Own Ireland
Synology has addressed a critical-severity remote code execution (RCE) vulnerability in BeeStation products that was demonstrated at the recent Pwn2Own hacking competition. The security issue (CVE-2025-12686) is described as a ‘buffer copy without checking the size of input’ problem, and can be exploited to allow arbitrary code execution. It impacts multiple versions of BeeStation OS, the […]
Microsoft November 2025 Patch Tuesday fixes 1 zero-day, 63 flaws
Today is Microsoft’s November 2025 Patch Tuesday, which includes security updates for 63 flaws, including one actively exploited zero-day vulnerability. This Patch Tuesday also addresses four “Critical” vulnerabilities, two of which are remote code execution vulnerabilities, one is an elevation of privileges, and the fourth is an information disclosure flaw. The number of bugs in […]
CISA orders feds to patch Samsung zero-day used in spyware attacks
CISA ordered U.S. federal agencies today to patch a critical Samsung vulnerability that has been exploited in zero-day attacks to deploy LandFall spyware on devices running WhatsApp. Tracked as CVE-2025-21042, this out-of-bounds write security flaw was discovered in Samsung’s libimagecodec.quram.so library, allowing remote attackers to gain code execution on devices running Android 13 and later. While Samsung patched it in […]
QNAP fixes seven NAS zero-day flaws exploited at Pwn2Own
QNAP has fixed seven zero-day vulnerabilities that security researchers exploited to hack QNAP network-attached storage (NAS) devices during the Pwn2Own Ireland 2025 competition. The flaws impact QNAP’s QTS and QuTS hero operating systems (CVE-2025-62847, CVE-2025-62848, CVE-2025-62849) and the company’s Hyper Data Protector (CVE-2025-59389), Malware Remover (CVE-2025-11837), and HBS 3 Hybrid Backup Sync (CVE-2025-62840, CVE-2025-62842) software. QNAP said […]