Zero-day Attack - Geek Feed

FreePBX servers hacked via zero-day, emergency fix released

August 30, 2025August 30, 2025 geekfeed0Tagged Actively Exploited, FreePBX, Sangoma, vulnerability, Zero-Day, Zero-day Attack

The Sangoma FreePBX Security Team is warning about an actively exploited FreePBX zero-day vulnerability that impacts systems with the Administrator Control Panel (ACP) is exposed to the internet. FreePBX is an open-source PBX (Private Branch Exchange) platform built on top of Asterisk, widely used by businesses, call centers, and service providers to manage voice communications, […]

4 mins read

WinRAR zero-day exploited to plant malware on archive extraction

August 12, 2025August 12, 2025 geekfeed0Tagged Actively Exploited, Archive, CVE-2025-8088, phishing, RomCom, WinRAR, Zero-Day, Zero-day Attack

A recently fixed WinRAR vulnerability tracked as CVE-2025-8088 was exploited as a zero-day in phishing attacks to install the RomCom malware. The flaw is a directory traversal vulnerability that was fixed in WinRAR 7.13, which allows specially crafted archives to extract files into a file path selected by the attacker. “When extracting a file, previous versions of WinRAR, […]

2 mins read

Microsoft releases emergency patches for SharePoint RCE flaws exploited in attacks

July 22, 2025July 22, 2025 geekfeed0Tagged 0day, CVE-2025-53770, CVE-2025-53771, microsoft, Microsoft SharePoint, Security Update, ToolShell, Zero-Day, Zero-day Attack

Microsoft has released emergency SharePoint security updates for two zero-day vulnerabilities tracked as CVE-2025-53770 and CVE-2025-53771 that have compromised services worldwide in “ToolShell” attacks. In May, during the Berlin Pwn2Own hacking contest, researchers exploited a zero-day vulnerability chain called “ToolShell,” which enabled them to achieve remote code execution in Microsoft SharePoint. These flaws were fixed as part […]

3 mins read

Fortinet fixes critical zero-day exploited in FortiVoice attacks

May 16, 2025May 16, 2025 geekfeed0Tagged Actively Exploited, CVE-2025-32756, FortiCamera, FortiMail, FortiNDR, Fortinet, FortiRecorder, FortiVoice, rce, Remote Code Execution, vulnerability, Zero-Day, Zero-day Attack

Fortinet released security updates to patch a critical remote code execution vulnerability exploited as a zero-day in attacks targeting FortiVoice enterprise phone systems. The security flaw is a stack-based overflow vulnerability tracked as CVE-2025-32756 that also impacts FortiMail, FortiNDR, FortiRecorder, and FortiCamera. As the company explains in a security advisory issued on Tuesday, successful exploitation can allow […]

1 min read

Ivanti warns of new Connect Secure flaw used in zero-day attacks

January 10, 2025January 10, 2025 geekfeed0Tagged Connect Secure, CVE-2025-0282, CVE-2025-0283, Ivanti, malware, rce, Remote Code Execution, vulnerability, Zero-Day, Zero-day Attack

Ivanti is warning that hackers exploited a Connect Secure remote code execution vulnerability tracked as CVE-2025-0282 in zero-day attacks to install malware on appliances. The company says it became aware of the vulnerabilities after the Ivanti Integrity Checker Tool (ICT) detected malicious activity on customers’ appliances. Ivanti launched an investigation and confirmed that threat actors were actively […]

3 mins read

Oracle warns of Agile PLM file disclosure flaw exploited in attacks

November 20, 2024November 20, 2024 geekfeed0Tagged Actively Exploited, CVE-2024-21287, Oracle, Oracle Agile PLM, vulnerability, zero day, Zero-day Attack

Oracle has fixed an unauthenticated file disclosure flaw in Oracle Agile Product Lifecycle Management (PLM) tracked as CVE-2024-21287, which was actively exploited as a zero-day to download files. Oracle Agile PLM is a software platform that enables businesses to manage product data, processes, and collaboration across global teams. Yesterday, Oracle urged Agile PLM customers to install the […]

1 min read