ARTIKEL SUCHE
Threat Feed QueryDurchsuche alle aggregierten Security-Artikel nach Schlagworten, CVE-IDs und Quellen.
CISA Warns of Apple iOS, iPadOS, and macOS 0-day Vulnerability Exploited in Attacks
CISA has issued an urgent warning regarding a critical zero-day vulnerability affecting Apple’s iOS, iPadOS, and macOS operating systems that threat actors are actively exploiting. The vulnerability, tracked as CVE-2025
After SharePoint attacks, Microsoft stops sharing PoC exploit code with China
Microsoft halts PoC exploit sharing with Chinese firms after SharePoint zero-day leaks, giving only written bug details to curb future abuse. Microsoft has reportedly stopped giving Chinese firms proof-of-concept exploit
Apple addressed the seventh actively exploited zero-day
Apple addressed a vulnerability impacting iOS, iPadOS, and macOS that it is under active exploitation in the wild. Apple addressed an actively exploited zero-day, tracked as CVE-2025-43300, in iOS, iPadOS, and macOS. The
Apple iOS update fixes new iPhone zero-day flaw
<p>Apple has pushed <a href="https://support.apple.com/en-us/124925" target="_blank" rel="noopener">another update to its mobile operating systems</a>, iOS and iPadOS, to address a newly-discovered zero-day that is alrea
All Apple users should update after company patches zero-day vulnerability in all platforms
Apple has released security updates to patch a zero-day vulnerability tracked as CVE-2025-43300 for all platforms
Apple Patches CVE-2025-43300 Zero-Day in iOS, iPadOS, and macOS Exploited in Targeted Attacks
Apple has released security updates to address a security flaw impacting iOS, iPadOS, and macOS that it said has come under active exploitation in the wild. The zero-day out-of-bounds write vulnerability, tracked as CVE-
Critical Apple 0-Day Vulnerability Actively Exploited in the Wild – Update Now
Apple yesterday released emergency security updates for iOS and iPadOS to patch a critical zero-day vulnerability in its core Image I/O framework. The flaw, tracked as CVE-2025-43300, is confirmed to be under active expl
Apple fixes new zero-day flaw exploited in targeted attacks
Apple has released emergency updates to patch another zero-day vulnerability that was exploited in an "extremely sophisticated attack." [...]
Threat Actors Allegedly Listed Windows Zero-Day RCE Exploit For Sale on Dark Web
An alleged threat actor has listed a Windows Zero-Day Remote Code Execution (RCE) exploit for sale, claiming it targets fully updated Windows 10, Windows 11, and Windows Server 2022 systems. The posting reported by Thre
0-Day Clickjacking Vulnerabilities Found in Major Password Managers like 1Password, LastPass and Others
A cybersecurity researcher has disclosed zero-day clickjacking vulnerabilities affecting eleven major password managers, potentially exposing tens of millions of users to credential theft through a single malicious click
Zero-Day Exploit in WinRAR File
A zero-day vulnerability in WinRAR is being exploited by at least two Russian criminal groups: The vulnerability seemed to have super Windows powers. It abused alternate data streams, a Windows feature that allows differ
Elastic rejects claims of a zero-day RCE flaw in Defend EDR
Enterprise search and security company Elastic is rejecting reports of a zero-day vulnerability impacting its Defend endpoint detection and response (EDR) product. [...]
PipeMagic Malware Mimic as ChatGPT App Exploits Windows Vulnerability to Deploy Ransomware
A sophisticated malware campaign has been identified, utilizing PipeMagic, a highly modular backdoor deployed by the financially motivated threat actor Storm-2460. This advanced malware masquerades as a legitimate open-
Technical Details of SAP 0-Day Exploitation Script Used to Achieve RCE Disclosed
A sophisticated zero-day exploitation script targeting SAP systems has emerged in the cybersecurity landscape, demonstrating advanced remote code execution capabilities that pose significant risks to enterprise environme
1000+ Exposed N-able N-central RMM Servers Unpatched for 0-Day Vulnerabilities
Over 1,000 exposed and unpatched N-able N-central Remote Monitoring and Management (RMM) servers are vulnerable to two newly disclosed zero-day vulnerabilities – CVE-2025-8875 and CVE-2025-8876. As of August 15, 2025, e
New Elastic EDR 0-Day Vulnerability Allows Attackers to Bypass Detection, Execute Malware, and Cause BSOD
A newly discovered zero-day vulnerability in Elastic’s Endpoint Detection and Response (EDR) solution allows attackers to bypass security measures, execute malicious code, and trigger a BSOD system crash, according to th
CVE-2025-8088 – WinRAR 0-Day Path Traversal Vulnerability Exploited to Execute Malware
A zero-day vulnerability in WinRAR allows malware to be deployed on unsuspecting users’ systems, highlighting the ongoing threats to popular software. Tracked as CVE-2025-8088, this path traversal flaw affects the Window
CISA warns of N-able N-central flaws exploited in zero-day attacks
CISA warned on Wednesday that attackers are actively exploiting two security vulnerabilities in N‑able's N-central remote monitoring and management (RMM) platform. [...]
CISA Added WinRaR Zero-Day (CVE-2025-8088) Vulnerability That is Actively Exploited In the Wild
The U.S. Cybersecurity and Infrastructure Security Agency has added this vulnerability to its Known Exploited Vulnerabilities catalog, with a due date of September 2, 2025, for federal agencies to apply mitigations. WinR
Spike in Fortinet VPN brute-force attacks raises zero-day concerns
A massive spike in brute-force attacks targeted Fortinet SSL VPNs earlier this month, followed by a switch to FortiManager, marked a deliberate shift in targeting that has historically preceded new vulnerability disclosu