zero-day exploit

100 million IoT devices affected by zero-day flaw
Man holding cell phone with IoT images surrounding it
Internet of Things (IoT)

100 million IoT devices affected by zero-day flaw

Vulnerability could affect car, fire detection, and patient data sensors
24 Sep 2021
What's behind the explosion in zero-day exploits?
A figure in a hooded jumper against a red and blue background
zero-day exploit

What's behind the explosion in zero-day exploits?

Projections show the industry will detect almost three times as many exploits in 2021 as were found last year
3 Aug 2021
Weekly threat roundup: Windows 11, Cloudflare, Google Chrome
Graphic showing a red unlocked padlock surrounded by blue locked padlocks
vulnerability

Weekly threat roundup: Windows 11, Cloudflare, Google Chrome

Pulling together the most dangerous and pressing flaws that businesses need to patch
22 Jul 2021
Security researchers uncover more Print Spooler vulnerabilities
The Windows (start menu) key on a keyboard
vulnerability

Security researchers uncover more Print Spooler vulnerabilities

Microsoft advises customers to disable the component entirely to prevent attacks following the PrintNightmare debacle
19 Jul 2021
Recent Microsoft attacks traced to secretive Israeli spyware firm
Darkened image of a hacker wearing a hoodie using computing equipment
hacking

Recent Microsoft attacks traced to secretive Israeli spyware firm

Candiru, which trades exclusively with governments, distributed zero-day exploits for vulnerabilities patched this week
16 Jul 2021
Weekly threat roundup: Microsoft Teams, iOS, Samsung Galaxy
Graphic showing a red unlocked padlock surrounded by blue locked padlocks
vulnerability

Weekly threat roundup: Microsoft Teams, iOS, Samsung Galaxy

Pulling together the most dangerous and pressing flaws that businesses need to patch
17 Jun 2021
Apple patches iOS 12 after hackers exploit WebKit Engine flaws
A blue model of the iPhone 12
zero-day exploit

Apple patches iOS 12 after hackers exploit WebKit Engine flaws

The emergency patch addresses two bugs abused to launch remote code execution attacks
15 Jun 2021
Weekly threat roundup: Windows, Chrome, VMware
Graphic showing a red unlocked padlock surrounded by blue locked padlocks
zero-day exploit

Weekly threat roundup: Windows, Chrome, VMware

Pulling together the most dangerous and pressing flaws that businesses need to patch
10 Jun 2021
Windows devices targeted by PuzzleMaker malware exploiting Chrome zero-day flaw
Skull depicted in code
zero-day exploit

Windows devices targeted by PuzzleMaker malware exploiting Chrome zero-day flaw

Chain of vulnerabilities used to attack multiple companies worldwide
9 Jun 2021
Apple patches exploited iOS and macOS WebKit flaws
An anonymous mobile phone user using their device in a darkened room
zero-day exploit

Apple patches exploited iOS and macOS WebKit flaws

iPhone, iPad, Apple Watch users may have been subject to arbitrary code execution
4 May 2021
Project Zero trials 30-day ‘patching window’
A padlock in chains on a keyboard in front of a red display
vulnerability

Project Zero trials 30-day ‘patching window’

The policy change aims to encourage businesses to apply patches while reducing the risk of opportunistic attacks
16 Apr 2021
Weekly threat roundup: Android, Windows, Purple Fox
Graphic showing a red unlocked padlock surrounded by blue locked padlocks
vulnerability

Weekly threat roundup: Android, Windows, Purple Fox

Pulling together the most dangerous and pressing flaws that businesses need to patch
25 Mar 2021
Microsoft releases one-click patch for Exchange vulnerability
Microsoft sign on a building
cyber attacks

Microsoft releases one-click patch for Exchange vulnerability

The quick fix is aimed at small organisations that do not have dedicated IT teams
16 Mar 2021
Microsoft warns of ransomware attacks as Exchange hack escalates
Large Microsoft sign on a show floor at Ignite 2019
ransomware

Microsoft warns of ransomware attacks as Exchange hack escalates

Defender researchers are attempting to block a ransomware strain known as DearCry
12 Mar 2021
Microsoft Exchange servers targeted by 'at least ten hacker groups'
A hacker in a darkened room with digital maps and computer equipment
cyber attacks

Microsoft Exchange servers targeted by 'at least ten hacker groups'

ESET research found that hackers managed to install backdoors on more than 5,000 servers in over 115 countries
11 Mar 2021
Microsoft patches actively exploited Internet Explorer flaw
The Internet Explorer icon as seen on a smartphone in behind a screen with lines of code
vulnerability

Microsoft patches actively exploited Internet Explorer flaw

The latest Patch Tuesday sees the Windows developer patch a fifth actively exploited bug disclosed within a week
10 Mar 2021
Microsoft was warned about Exchange Server flaws two months ago
Email symbols with padlock against dark background
cyber attacks

Microsoft was warned about Exchange Server flaws two months ago

The European Banking Authority is the latest major public body to be compromised by the mass hack
9 Mar 2021
CISA orders agencies to fix Microsoft vulnerabilities abused by Chinese hackers
A laptop on a table with the Microsoft Exchange logo displayed
Security

CISA orders agencies to fix Microsoft vulnerabilities abused by Chinese hackers

Agencies must patch or disconnect the vulnerable software
4 Mar 2021
Weekly threat roundup: Microsoft Exchange, Chrome, Spectre
Graphic showing a red unlocked padlock surrounded by blue locked padlocks
vulnerability

Weekly threat roundup: Microsoft Exchange, Chrome, Spectre

Pulling together the most dangerous and pressing flaws that businesses need to patch
4 Mar 2021
Microsoft Exchange targeted by China-linked hackers
A laptop on a table with the Microsoft Exchange logo displayed
zero-day exploit

Microsoft Exchange targeted by China-linked hackers

IT admins have been urged to urgently patch on-premise Exchange Server systems
3 Mar 2021
Weekly threat roundup: Zero-days in Windows, Adobe, Google Chrome
Graphic showing a red unlocked padlock surrounded by blue locked padlocks
vulnerability

Weekly threat roundup: Zero-days in Windows, Adobe, Google Chrome

Pulling together the most dangerous and pressing flaws that businesses need to patch
11 Feb 2021
Google fixes actively exploited Chrome zero-day
Chrome logo in browser displayed on desktop screen
web browser

Google fixes actively exploited Chrome zero-day

The flaw may be related to a recent hacking campaign against the cyber security community
5 Feb 2021
Hackers attempt to exploit SonicWall zero-day vulnerability
SonicWall sign and logo at computer and network security company headquarters in Milpitas, California
zero-day exploit

Hackers attempt to exploit SonicWall zero-day vulnerability

The flaw is believed to be the same vulnerability used in a security incident confirmed by the company late last month
1 Feb 2021