zeroday

  • Blog
    digitpatrox1 day ago
    10

    SAP patches second zero-day flaw exploited in recent attacks

    SAP has released patches to address a second vulnerability exploited in recent attacks targeting SAP NetWeaver servers as a zero-day. The company issued security updates for this security flaw (CVE-2025-42999) on Monday, May 12, saying it was discovered while investigating zero-day attacks involving another unauthenticated file upload flaw (tracked as CVE-2025-31324) in SAP NetWeaver Visual Composer that was fixed in…

    Read More »
  • Blog
    digitpatrox2 days ago
    19

    Output Messenger flaw exploited as zero-day in espionage attacks

    A Türkiye-backed cyberespionage group exploited a zero-day vulnerability to attack Output Messenger users linked to the Kurdish military in Iraq. Microsoft Threat Intelligence analysts who spotted these attacks also discovered the security flaw (CVE-2025-27920) in the LAN messaging application, a directory traversal vulnerability that can let authenticated attackers access sensitive files outside the intended directory or deploy malicious payloads on…

    Read More »
  • Blog
    digitpatrox1 week ago
    39

    Play ransomware exploited Windows logging flaw in zero-day attacks

    The Play ransomware gang has exploited a high-severity Windows Common Log File System flaw in zero-day attacks to gain SYSTEM privileges and deploy malware on compromised systems. The vulnerability, tracked as CVE-2025-29824, was tagged by Microsoft as exploited in a limited number of attacks and patched during last month’s Patch Tuesday. “The targets include organizations in the information technology (IT) and…

    Read More »
  • Blog
    digitpatrox3 weeks ago
    42

    SAP fixes suspected Netweaver zero-day exploited in attacks

    SAP has released out-of-band emergency NetWeaver updates to fix a suspected remote code execution (RCE) zero-day flaw actively exploited to hijack servers. The vulnerability, tracked under CVE-2025-31324 and rated critical (CVSS v3 score: 10.0), is an unauthenticated file upload vulnerability in SAP NetWeaver Visual Composer, specifically the Metadata Uploader component. It allows attackers to upload malicious executable files without needing…

    Read More »
  • Blog
    digitpatrox3 weeks ago
    40

    Craft CMS RCE exploit chain used in zero-day attacks to steal data

    Two vulnerabilities impacting Craft CMS were chained together in zero-day attacks to breach servers and steal data, with exploitation ongoing, according to CERT Orange Cyberdefense. The vulnerabilities were discovered by Orange Cyberdefense’s CSIRT, which was called in to investigate a compromised server. As part of the investigation, they discovered that two zero-day vulnerabilities impacting Craft CMS were exploited to breach the…

    Read More »
  • Blog
    digitpatroxApril 10, 2025
    53

    Microsoft Fixes 134 Vulnerabilities, Including 1 Zero-Day

    Microsoft CEO Satya Nadella. Image: Microsoft News Microsoft’s Patch Tuesday security update for April included 134 flaws, one of which is an actively exploited zero-day flaw. The security patches for Windows 10 were unavailable when the Windows 11 patches were released. The Windows 10 patches have since arrived, but the delay was unusual. Tyler Reguly, associate director of security R&D…

    Read More »
  • Blog
    digitpatroxApril 9, 2025
    49

    Windows CLFS zero-day exploited by ransomware gang

    Microsoft says the RansomEXX ransomware gang has been exploiting a high-severity zero-day flaw in the Windows Common Log File System to gain SYSTEM privileges on victims’ systems. The vulnerability, tracked as CVE-2025-29824, was patched during this month’s Patch Tuesday and was only exploited in a limited number of attacks. CVE-2025-29824 is due to a use-after-free weakness that lets local attackers…

    Read More »
  • Blog
    digitpatroxApril 6, 2025
    155

    Ivanti patches Connect Secure zero-day exploited since mid-March

    Ivanti has released security updates to patch a critical Connect Secure remote code execution vulnerability exploited by a China-linked espionage actor to deploy malware since at least mid-March 2025. Tracked as CVE-2025-22457, this critical security flaw is due to a stack-based buffer overflow weakness. It impacts Pulse Connect Secure 9.1x (which reached end-of-support in December), Ivanti Connect Secure 22.7R2.5 and…

    Read More »
  • Blog
    digitpatroxMarch 25, 2025
    65

    EncryptHub linked to MMC zero-day attacks on Windows systems

    A threat actor known as EncryptHub has been linked to Windows zero-day attacks exploiting a Microsoft Management Console vulnerability patched this month. Uncovered by Trend Micro staff researcher Aliakbar Zahravi, this security feature bypass (dubbed ‘MSC EvilTwin’ and now tracked as CVE-2025-26633) resides in how MSC files are handled on vulnerable devices. Attackers can leverage the vulnerability to evade Windows…

    Read More »
  • Blog
    digitpatroxMarch 12, 2025
    60

    Apple fixes WebKit zero-day exploited in ‘extremely sophisticated’ attacks

    Apple has released emergency security updates to patch a zero-day bug the company describes as exploited in “extremely sophisticated” attacks. The vulnerability is tracked as CVE-2025-24201 and was found in the WebKit cross-platform web browser engine used by Apple’s Safari web browser and many other apps and web browsers on macOS, iOS, Linux, and Windows. “This is a supplementary fix…

    Read More »
Load More
Back to top button
close