0-day

Upgrading is the best thing users can do to protect their systems. Two of the largest companies developing GPUs and other semiconductor components, Arm and Nvidia, urged their customers to install security patches as soon as possible to fix a series of dangerous vulnerabilities in GPU drivers...

Two exploits discovered in the public domain, which involve a previously unknown vulnerability in the n_gsm driver, which is part of the Linux kernel. The vulnerability allows an unprivileged local user to execute code at the kernel level and raise their privileges in the system. No CVE ID...

A bug in VMware vCenter Server (CVE-2023-34048) is being actively exploited in the wild and not by mother hackers, but by the Chinese UNC3886, which has been exploiting the vulnerability since the end of 2021, while it was discovered and fixed only in October 2023. Mandiant researchers showed...

The patch is still missing. Malicious requests and arbitrary commands will continue to haunt corporate users for a long time to come. Ivanti revealed the presence of two zero-day vulnerabilities in its Connect Secure and Policy Secure products, which were successfully exploited by attackers...

Please update as soon as possible before your data gets into the hands of hackers. Yesterday, Google released a security update for its Chrome web browser to address a high-level zero-day vulnerability that is reportedly already being exploited by attackers. The vulnerability, designated...

Finally, you can secure your site only by installing the update immediately. WordPress, the most popular content management system used on more than 800 million websites, has released an update to version 6.4.2. This update addresses a zero-day vulnerability that allows arbitrary PHP code to be...

The problem was discovered back in October. What did you learn during this time? Qualcomm, a world-renowned chip manufacturer, has released additional information about three highly critical vulnerabilities in its products. The bugs, which became known back in October 2023, affect the Adreno...

All the potential victim needs to do is open the email, and the criminals will find the right path. Cybercriminals under the pseudonym Winter Vivern were seen exploiting a zero-day vulnerability in the Roundcube Webmail exchange software. The attacks were first recorded on October 11 of this...

Predator spyware and new details of the recent incident. Security researchers from Citizen Lab and Google TAG reported that three vulnerabilities that were recently fixed by Apple were actively used to install Cytrox's Predator spyware. The attackers targeted former Egyptian MP Ahmed...