Tag

Zero Day Vulnerabilities

All articles tagged with #zero day vulnerabilities

artificial-intelligence27 days ago•15 min saved

Claude Opus 4.6 Unleashes Enhanced Coding, Zero-Day Detection, and Market Buzz

Anthropic released Claude Opus 4.6, boosting coding capability, task planning, and reliability for large codebases, and it reportedly identified more than 500 undisclosed zero-day vulnerabilities in open-source libraries without prompting. The update also emphasizes tools for creating presentations and navigating Excel under Claude Code and could aid financial analysis. Wall Street reacted with volatility, but analysts note Anthropic still leads in enterprise AI amid OpenAI’s Frontier launch, underscoring how AI developments are reshaping the economy.

via Gizmodo|

#ai-coding #anthropic #artificial-intelligence

technology4 months ago•5 min saved

October 2025 Patch Tuesday: Record-Setting Updates and Security Challenges

Microsoft released updates fixing 172 security flaws in Windows, including active zero-day exploits, and announced the end of support for Windows 10, offering options like extended security updates or switching to Linux for continued use. Notable vulnerabilities include a long-standing modem driver issue and a critical flaw in Windows Server Update Service, with Windows 10 support ending and other Microsoft products being sunsetted.

via Krebs on Security|

#linux-mint #microsoft-office #security-updates

security5 months ago•7 min saved

US Government Urgently Patches Cisco Vulnerabilities Amid Widespread Cyberattacks

A sophisticated state-sponsored threat actor is actively exploiting multiple zero-day vulnerabilities in Cisco ASA and FTD software, primarily targeting government networks worldwide for data exfiltration. Cisco has issued advisories and software updates to address these critical vulnerabilities, which allow remote code execution and data theft. The vulnerabilities are being exploited with advanced evasion techniques, posing significant risks to organizations, especially those with internet-facing edge devices. Authorities like CISA and NCSC have issued mitigation directives and analyzed malware used in these attacks.

via Palo Alto Networks|

#active-exploitation #cisco-asa #cybersecurity

technology5 months ago•2 min saved

Apple Enhances iPhone Security with Advanced Memory Protections and A19 Chips

Apple's iPhone 17 introduces Memory Integrity Enforcement (MIE), a hardware-level security feature that enhances protection for crypto users by detecting and blocking dangerous memory access patterns, thereby reducing the risk of memory-corruption exploits, though it does not eliminate all security threats like phishing or malicious apps.

via Cointelegraph|

#apple #crypto-security #iphone-17

technology7 months ago•2 min saved

Microsoft Releases Emergency Patches Amid Global SharePoint Exploits

Microsoft has issued emergency security updates for SharePoint to fix two zero-day vulnerabilities, CVE-2025-53770 and CVE-2025-53771, exploited in worldwide ToolShell attacks affecting over 54 organizations. Admins are advised to install the patches immediately, rotate machine keys, and investigate potential breaches using provided tools and logs.

via BleepingComputer|

#microsoft #security-patches #sharepoint

technology9 months ago•2 min saved

Qualcomm Addresses Critical Zero-Day Flaws Amid Urgent Android Update Calls

Qualcomm released security patches for dozens of chips to fix three zero-day vulnerabilities, which may be exploited in targeted hacking campaigns; device manufacturers are urged to deploy updates promptly, though some devices may remain vulnerable for weeks.

via TechCrunch|

#android #cybersecurity #patches

technology1 year ago•2 min saved

Russian Hackers Exploit Firefox and Windows Zero-Days in New Cyber Attack

A Russian state-sponsored group, RomCom, has exploited two zero-day vulnerabilities in Mozilla Firefox and Windows to execute a zero-click cyber attack, installing a backdoor on targeted computers. The vulnerabilities, rated 9.8 and 8.8 in severity, were quickly patched by Mozilla and Microsoft. The attack primarily affected users in Europe and North America, highlighting the importance of keeping software updated to prevent such exploits.

via Forbes|

#cybersecurity #mozilla-firefox #romcom-group

cybersecurity1 year ago•2 min saved

Russian Hackers Exploit Zero-Day Flaws in Firefox and Windows

A Russian hacking group, identified as "RomCom," has exploited two zero-day vulnerabilities to target Firefox and Tor browser users on Windows PCs, primarily in Europe and North America. The attacks, which began in October, involve a malicious web page that installs a backdoor on victims' PCs without user interaction. The vulnerabilities, CVE-2024-9680 and CVE-2024-49039, have been patched by Mozilla, Tor, and Microsoft. However, users who haven't updated remain at risk. ESET links these attacks to RomCom's previous exploits.

via PCMag|

#cyber-espionage #cybersecurity #firefox

technology1 year ago•1 min saved

Apple Issues Critical Updates to Patch Zero-Day Exploits

Apple has urged Mac users to update their systems following the discovery of two zero-day vulnerabilities that hackers have exploited. The company released fixes for issues in WebKit and JavaScriptCore, which affect Safari and other web content. These vulnerabilities allowed unauthorized code execution and cross-site scripting attacks. The bugs were reported by Google's Threat Analysis Group, and Apple has also issued updates for iPad and iPhone. The vulnerabilities were actively exploited before patches were available.

via CNET|

#apple #hackers #mac

technology1 year ago•4 min saved

"Urgent: Update Google Chrome Within 72 Hours or Risk Deletion"

Google Chrome users must urgently update their browsers within the next 72 hours to address critical zero-day vulnerabilities, as mandated by the U.S. government's Cybersecurity and Infrastructure Security Agency (CISA). Failure to update could lead to severe security risks, including potential exploitation by attackers. Additionally, Google is transitioning to Manifest V3, affecting many extensions, particularly ad blockers. Users are advised to prioritize security updates despite potential disruptions.

via Forbes|

#cisa #google-chrome #manifest-v3

technology1 year ago•4 min saved

"Urgent: Update or Delete Google Chrome Within 72 Hours"

via Forbes|

#cisa #google-chrome #manifest-v3

technology1 year ago•2 min saved

"Urgent Chrome Update Fixes Critical Security Flaws"

Google Chrome's latest update addresses nine security vulnerabilities, including three zero-day exploits discovered within the past month. These vulnerabilities, which affect over 2 billion users, allow attackers to execute malicious code via HTML pages. Users are urged to update their browsers immediately to protect against these threats.

via Mashable|

#browser-update #cybersecurity #google-chrome

technology1 year ago•2 min saved

"Microsoft's Urgent Windows Security Update Addresses 90 New Vulnerabilities and Actively Exploited Zero-Days"

Microsoft has released its April 2024 patch for Windows, addressing 149 vulnerabilities, including two zero-day flaws with known exploits in the wild. One flaw involves a proxy driver spoofing vulnerability, while the other is a SmartScreen prompt security feature bypass vulnerability. It's crucial to install this update immediately to protect your PC from potential exploitation.

via Lifehacker|

#cybersecurity #microsoft #patch-update

technology1 year ago•2 min saved

"Microsoft's Record-Breaking April 2024 Patch Tuesday Addresses Zero-Day Exploits"

Microsoft has fixed two actively exploited zero-day vulnerabilities, CVE-2024-26234 and CVE-2024-29988, during the April 2024 Patch Tuesday. The first vulnerability involves a proxy driver spoofing issue, while the second is a SmartScreen prompt security feature bypass. These vulnerabilities were being actively exploited in malware attacks, with one being used by the financially motivated Water Hydra hacking group to deploy the DarkMe remote access trojan. Microsoft also released security updates for 150 vulnerabilities, including 67 remote code execution bugs, as part of the Patch Tuesday.

via BleepingComputer|

#cybersecurity #malware-attacks #microsoft

technology1 year ago•1 min saved

"Apple's iOS 17.4.1 Update: Security Fixes and Latest Features Explained"

Apple released the iOS 17.4.1 update, which addresses two zero-day vulnerabilities that could lead to arbitrary code execution on iPhones, potentially allowing third parties to steal data or hack devices. The update is recommended for all users and can be downloaded through the Settings > General > Software Update menu. These vulnerabilities were discovered by Google's Project Zero, and the update aims to provide important bug fixes and security improvements.

via CNET|

#apple #ios-1741 #iphone