RomCom Office 0-Day Ransomware

RomCom Group Exploiting Microsoft Office 0-day To Deploy Ransomware

The Russian group RomCom, dubbed Storm-0978, distributes underground ransomware by leveraging the Microsoft Office and Windows HTML RCE zero-day vulnerability identified as CVE-2023-36884. This ransomware encrypts files on victims' Windows computers, similar to typical ransomware,...
Android Zero-Day Elevation of Privilege vulnerability

Actively Exploited Android Zero-Day Elevation of Privilege Vulnerability Patched

Google has released a patch for a critical zero-day vulnerability, CVE-2024-32896, which was actively exploited in the wild. This vulnerability, classified as a high-severity elevation of privilege (EoP) flaw, was discovered in the Android...
North Korean Hackers Actively Exploiting Chromium RCE Zero-Day In The Wild

Chromium is the foundation for many popular web browsers, including Google Chrome and Microsoft Edge, which makes it a lucrative target for attackers. Cybersecurity analysts at Microsoft recently discovered that North...
Corona Mirai Botnet Exploiting RCE Zero-Day To Hire New Bots

A botnet is exploiting a new zero-day vulnerability, CVE-2024-7029, in AVTECH CCTV cameras to spread a Mirai variant. The flaw is a command injection vulnerability in the brightness function that allows for remote code execution. It...
Chinese Hackers Exploited Versa Director Zero-Day to Target IT Sectors, CISA Warns

Chinese state-sponsored threat actors have been exploiting a zero-day vulnerability in Versa Director servers, identified as CVE-2024-39717. This vulnerability, discovered by Black Lotus Labs at Lumen Technologies, has been actively targeted since June 2024, affecting...
Zero-Day Vulnerability In Arcadyan WiFi Devices Allows RCE for Root Access – Exploit Released

A critical zero-day vulnerability has been identified in the Arcadyan FMIMG51AX000J model and potentially other devices affiliated with the WiFi Alliance. This flaw allows remote attackers to execute arbitrary code. An independent security researcher...
Google Security Update – Actively Exploited Android Kernel Zero-Day Patched

Google Patches Actively Exploited Android Kernel Zero-Day

The Android Security Bulletin for August 2024 details vulnerabilities addressed by the 2024-08-05 security patch level. The most critical issue is a high-severity vulnerability in the Framework component, which could potentially allow local privilege escalation...
Telegram Zero-Day Vulnerability Exploited Using Malicious Video Files

ESET researchers recently discovered a critical zero-day vulnerability in the Telegram messaging app for Android, potentially exposing millions of users to malicious attacks. The exploit, dubbed "EvilVideo," allowed attackers to disguise harmful Android payloads as...
Hackers Attacking Windows Users With Internet Explorer Zero-Day Vulnerability

Hackers target legitimate Remote Monitoring and Management (RMM) tools as they provide powerful, trusted access to systems and networks. This can facilitate the widespread and efficient deployment of malware across an organization's infrastructure. Cybersecurity researchers at...
Hackers Starting To Exploit The Vulnerabilities Within 22 Minutes Of PoC Release

Hackers Exploiting Vulnerabilities Within 22 Minutes Of PoC Release

The growing tension and global elections in the past year have presented major challenges to internet security, raising the volume of malicious traffic. Cloudflare cybersecurity researchers presented their Q1 2024 Application Security Report, which illustrated...
