Analysis of a recent attack targeting VMware ESXi vulnerabilities from March 2025 revealed an exploit developed a year before ...

Oracle has silently fixed an Oracle E-Business Suite vulnerability (CVE-2025-61884) that was actively exploited to breach servers, with a proof-of-concept exploit publicly leaked by the ShinyHunters ...

WhatsApp last week disclosed that it had patched a serious security vulnerability that targeted its messaging apps on Apple iOS and macOS. The company also disclosed that the vulnerability may have ...

During the second day of Pwn2Own Berlin 2025, competitors earned $435,000 after exploiting zero-day bugs in multiple products, including Microsoft SharePoint, VMware ESXi, Oracle VirtualBox, Red Hat ...

Thousands of Ivanti VPN instances have been compromised across the globe in the last five days thanks to two serious, as yet unpatched zero-day vulnerabilities disclosed last week. Ivanti Connect ...

Zero-day exploits are the ghosts in the machine, silent, invisible, and devastating when they finally make themselves known. Last week, Microsoft confirmed one of the most serious intrusions in recent ...

Operation Zero, a company that acquires and sells zero-days exclusively to the Russian government and local Russian companies, announced on Thursday that it’s looking for exploits for the popular ...

“Cyberattacks aren’t just technical events — they have real-world consequences that put human lives at risk. From hospitals to medical devices to critical infrastructure, it is all being targeted ...

Vulnerabilities in enterprise network and security appliances accounted for nearly half of the zero-day flaws exploited by attackers last year, according to Google’s Threat Intelligence Group.

According to the report, Cellebrite, an Israeli-based digital forensics company, exploited the flaw as part of an Android zero-day attack. The exploit targets Android USB drivers, making billions of ...