1573 search results for "zero, trust"

Cybersecurity firm Arctic Wolf has identified a significant increase in ransomware attacks targeting SonicWall firewall devices in late July 2025, with evidence pointing to the exploitation of a previously unknown zero-day vulnerability. The company’s investigation revealed multiple coordinated attacks using…

Read more →

Cybersecurity researchers have a massive incentive to target WhatsApp this fall, as the Zero Day Initiative (ZDI) announced a record-breaking $1 million bounty for a zero-click remote code execution exploit against the popular messaging platform at Pwn2Own Ireland 2025. The…

Read more →

A significant cybersecurity crisis has emerged with the discovery of over 17,000 Microsoft SharePoint servers exposed to internet-based attacks, including 840 systems vulnerable to a critical zero-day vulnerability that Chinese threat actors are actively exploiting. The vulnerability, designated CVE-2025-53770 and…

Read more →

Cybersecurity researchers successfully exploited critical zero-day vulnerabilities in two discontinued network security devices during DistrictCon’s inaugural Junkyard competition in February, earning runner-up recognition for Most Innovative Exploitation Technique. The findings highlight the persistent security risks posed by end-of-life hardware that…

Read more →

Security researchers have disclosed a critical zero-day vulnerability in CrushFTP, a popular file transfer server solution, that allows attackers to execute arbitrary commands on affected systems without authentication. The vulnerability, tracked as CVE-2025-54309, has been assigned a maximum CVSS score of…

Read more →

Apple has released a comprehensive set of security updates across its entire product ecosystem on July 29, 2025, addressing multiple vulnerabilities including a critical Safari flaw that was reportedly exploited in Chrome zero-day attacks. The updates span iOS, iPadOS, macOS,…

Read more →

A sophisticated zero-day exploit campaign targeting unpatched vulnerabilities in Microsoft SharePoint Server has compromised approximately 400 organizations worldwide, with potential for a far higher victim count due to underreporting and delayed detections. The attacks, first identified last week by Dutch…

Read more →

Security researchers have published a detailed proof-of-concept exploit for a critical vulnerability in Cisco Identity Services Engine (ISE) that allows attackers to achieve remote code execution without authentication. The flaw, tracked as CVE-2025-20281, affects the widely-deployed network access control platform…

Read more →

The advanced persistent threat group UNC3886 has escalated its sophisticated cyber espionage campaign by exploiting multiple zero-day vulnerabilities across critical infrastructure platforms, including VMware vCenter, ESXi hypervisors, and Fortinet FortiOS systems. This revelation comes as Singapore’s Coordinating Minister for National…

Read more →

Singapore’s critical infrastructure sectors, including energy, water, telecommunications, finance, and government services, are facing an active cyberattack from UNC3886, a sophisticated China-linked advanced persistent threat (APT) group renowned for leveraging zero-day exploits and custom malware. First identified by Mandiant in…

Read more →

FortiGuard Labs has identified a critical new exploit chain dubbed “ToolShell” that is actively being used by multiple threat actors to target on-premises Microsoft SharePoint servers. This sophisticated attack combines two previously patched vulnerabilities with two fresh zero-day variants to…

Read more →