Tag: exploit
-
Google says 90 zero-days exploited in 2025 as commercial vendor activity grows
Google Threat Intelligence Group said it tracked 90 zero-day vulnerabilities that were exploited by a variety of actors last year, surpassing the 78 that were used by threat actors in 2024. First seen on therecord.media Jump to article: therecord.media/google-says-90-zero-days-exploited-apt-spyware-vendors
-
Coruna iOS Exploit Kit Compromises Thousands of iPhones
Researchers uncovered Coruna, a sophisticated iOS exploit kit used to compromise thousands of iPhones and steal cryptocurrency data. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/coruna-ios-exploit-kit-compromises-thousands-of-iphones/
-
Spyware suppliers exploit more zero-days than nation states
Exploitation of zero-days by commercial surveillance and spyware developers outpaced exploitation by nation-state actors last year, according to a report. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366639774/Spyware-suppliers-exploit-more-zero-days-than-nation-states
-
Google says 90 zero-days were exploited in attacks last year
Google Threat Intelligence Group (GTIG) tracked 90 zero-day vulnerabilities actively exploited throughout 2025, almost half of them in enterprise software and appliances. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/google-says-90-zero-days-were-exploited-in-attacks-last-year/
-
Cisco warns of SD-WAN Manager exploitation, fixes 48 firewall vulnerabilities
Cisco has confirmed that two Catalyst SD-WAN Manager vulnerabilities (CVE-2026-20128 and CVE-2026-20122) patched in late February 2025 are being exploited by attackers. The … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/05/cisco-cve-2026-20128-cve-2026-20122-exploited/
-
Police dismantles online gambling ring exploiting Ukrainian women
Spanish and Ukrainian law enforcement authorities dismantled a criminal ring that exploited war-displaced Ukrainian women to run an online gambling scheme that laundered nearly €4.75 million in illicit proceeds. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/police-dismantles-online-gambling-ring-exploiting-ukrainian-women/
-
Threat Actors Exploit Fake Claude Code Downloads to Deploy Infostealer Malware
Threat actors are abusing interest in Anthropic’s Claude Code tools by setting up fake download pages that ultimately drop a lightweight infostealer via mshta.exe. The campaign shows how a single living-off-the-land binary (LOLBIN) can power an effective data-theft chain without any complex malware framework. Attackers register or compromise domains that appear to be legitimate Claude Code…
-
PoC Exploit for Cisco SD-WAN 0-Day Vulnerability Now Released, Actively Exploited in the Wild
A critical zero-day vulnerability in Cisco Catalyst SD-WAN infrastructure, tracked as CVE-2026-20127, is currently under active exploitation by highly sophisticated threat actors. The situation has grown considerably more severe following the public release of a working Proof-of-Concept (PoC) exploit, which significantly lowers the barrier to entry for cybercriminals. Critical infrastructure sectors must act immediately to…
-
Operational Technology (OT) penetration testing: Defining, Process and Tools
Operational penetration testing is a process of simulating real-world attacks on OT systems to identify vulnerabilities before cybercriminals can exploit them, either physically or remotely. OT penetration testing is a proactive approach to identifying vulnerabilities in OT systems before adversaries exploit them. OT penetration testing is performed by penetration testers, ethical hackers, and industrial cybersecurity…
-
DPRK Hackers Target Crypto Firms, Steal Keys and Cloud Assets in Coordinated Attacks
Suspected DPRK-linked threat actors have been observed compromising cryptocurrency firms through a coordinated campaign that blends web-app exploitation, cloud abuse, and secrets theft to position for large-scale digital asset theft. The intrusions show a full kill chain from initial access via the React2Shell vulnerability (CVE-2025-55182) to deep AWS and Kubernetes reconnaissance and exfiltration of proprietary…
-
Coruna Exploit Kit Targets Older iPhones in Multi-Stage Campaigns
Exploit kit Coruna targets iPhones running iOS 13.0 to 17.2.1, focusing on financial data theft. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/coruna-exploit-older-iphones/
-
Cisco flags more SD-WAN flaws as actively exploited in attacks
Cisco has flagged two more Catalyst SD-WAN Manager security flaws as actively exploited in the wild, urging administrators to upgrade vulnerable devices. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisco-flags-more-sd-wan-flaws-as-actively-exploited-in-attacks/
-
Google Rolls Out Emergency Chrome Update to Patch 10 Critical Security Vulnerabilities
Google released an urgent security update for its Chrome browser to address 10 vulnerabilities. Deployed on March 3, 2026, this stable channel update fixes three critical flaws and seven high-severity issues. The emergency patch protects users from potential exploits that could allow attackers to execute arbitrary code or compromise affected systems. The Chrome update is…
-
Reclaim Security Raises $26M to Eliminate the 27-Day Remediation Gap
New York, USA, March 4th, 2026, CyberNewswire The industry must pivot to Preemptive Defense: As agentic tools like Claude Code enable attackers to scan and exploit vulnerabilities at machine speed, a "prioritized list" is no longer a defense; it's a liability. Reclaim Security, a preemptive exposure-remediation platform, today announced $26 million in total funding, including…
-
RedAlert Mobile Espionage Campaign Exploits Trojanized Rocket Alert App to Spy on Civilians
A newly discovered mobile espionage operation dubbed “RedAlert” has surfaced amid the ongoing Israel-Iran conflict, exploiting wartime fear and dependency on early-warning systems. The campaign targets civilians by distributing a trojanized version of the Israeli Home Front Command’s official Rocket Alert application, aiming to harvest sensitive personal and geolocation data under the guise of legitimate security notifications. Researchers…
-
State-affiliated hackers set up for critical OT attacks that operators may not detect
Tags: access, antivirus, attack, conference, control, credentials, cyberattack, cybersecurity, data, data-breach, defense, detection, exploit, firmware, fortinet, group, hacker, incident response, infrastructure, Internet, Intruder, lessons-learned, malware, mfa, monitoring, network, password, penetration-testing, phishing, regulation, russia, service, spear-phishing, supply-chain, threat, tool, ukraine, update, vulnerability
Russia’s OT attack teams expand beyond Ukraine: The Russia-linked pair Kamacite and Electrum, which Dragos has tracked since the mid-2010s and is responsible for the 2015 and 2016 cyberattacks that took down parts of Ukraine’s power grid, expanded operations into NATO territory in 2025 after years focused almost exclusively on Ukrainian targets. Kamacite, which serves as…
-
14 old software bugs that took way too long to squash
Tags: access, api, attack, authentication, automation, bug-bounty, communications, computer, control, credentials, cve, cvss, cyber, data, data-breach, dns, dos, encryption, exploit, flaw, hacker, Hardware, infosec, infrastructure, Internet, kaspersky, linux, malicious, malware, microsoft, mitigation, network, nist, open-source, password, programming, remote-code-execution, risk, service, software, stuxnet, supply-chain, technology, theft, threat, tool, update, usa, vulnerability, windows, zero-day
Age: 30 years. Date introduced: 1995. Date fixed: February 2026. Researchers unearthed a legacy flaw in the widely used libpng open-source library that had existed since the technology was first released more than 30 years ago. The heap buffer overflow vulnerability (CVE-2026-25646) meant that applications using the flawed software would crash when presented with a maliciously constructed PNG raster…
-
Google uncovers Coruna iOS Exploit Kit targeting iOS 13-17.2.1
Google warns of the Coruna iOS exploit kit, using 23 exploits across five chains to target iPhones running iOS 13-17.2.1, but not the latest iOS. Google’s Threat Intelligence Group has identified a powerful new iOS exploit kit called Coruna (also known as CryptoWaters) that targets Apple iPhones running iOS versions 13.0 through 17.2.1. The kit…
-
Cisco Catalyst SD-WAN Flaws Expose Devices to Root Access, Threatening Network Security
Cisco has issued critical software updates to address multiple vulnerabilities in the Catalyst SD-WAN Manager (formerly SD-WAN vManage) that could allow attackers to bypass authentication, elevate privileges to root, and execute arbitrary commands. The advisory (cisco-sa-sdwan-authbp-qwCX8D4v), originally published on February 25, 2026, was urgently updated on March 5, 2026, after Cisco confirmed active in-the-wild exploitation…
-
What to Expect from Iran’s Digital Counterstrike
Tags: attack, breach, cloud, communications, cyber, cyberattack, cybersecurity, data, defense, espionage, exploit, extortion, finance, government, group, hacking, infrastructure, intelligence, international, iran, leak, middle-east, military, network, ransomware, risk, risk-assessment, service, tool, update, vulnerability, worm
After the United States and Israel began a bombing campaign on Iran, leading to the decapitation of its political and military leaders, the Middle East has erupted into waves of kinetic warfare. But what should we expect about cyber? Iran has a formidable offensive cybersecurity capability and is considered one of the four most aggressive…
-
Intelligence Compromised: Data Abyss Report Details China’s Exploitation of U.S. IARPA Research
The post Intelligence Compromised: Data Abyss Report Details China’s Exploitation of U.S. IARPA Research appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/intelligence-compromised-data-abyss-report-details-chinas-exploitation-of-u-s-iarpa-research/
-
How a Single Overprivileged Service Turned the LexisNexis Breach Into a Keys-to-the-Kingdom Moment
Legal AI solutions provider LexisNexis has confirmed a massive breach of its AWS environment. According to reports, initial access was gained by exploiting the “React2Shell” vulnerability in an unpatched React frontend application, a flaw the company had reportedly left unaddressed for months. Among the details reportedly posted by the attacker is the claim…
-
VMware Aria Operations Bug Exploited, Cloud Resources at Risk
Exploitation of the command injection flaw in VMware Aria Operations could grant an attacker broad access to victims’ cloud environments. First seen on darkreading.com Jump to article: www.darkreading.com/cloud-security/vmware-aria-operations-bug-exploited-cloud-risk

