Two vulnerabilities patched this month by Microsoft were disclosed publicly before fixes were released.
The post Microsoft Patches Exploited Windows Zero-Day, 111 Other Vulnerabilities appeared first on SecurityWeek.
Exploit for VMware Zero-Day Flaws Likely Built a Year Before Public Disclosure
Fresh attacks targeted three VMware ESXi vulnerabilities that were disclosed in March 2025 as zero-days.
The post Exploit for VMware Zero-Day Flaws Likely Built a Year Before Public Disclosure appeared first on SecurityWeek.
Hackers Exploit Zero-Day in Discontinued D-Link Devices
The critical-severity vulnerability allows unauthenticated, remote attackers to execute arbitrary shell commands.
The post Hackers Exploit Zero-Day in Discontinued D-Link Devices appeared first on SecurityWeek.
WatchGuard Patches Firebox Zero-Day Exploited in the Wild
The critical-severity bug in the Fireware OS’s iked process leads to unauthenticated remote code execution.
The post WatchGuard Patches Firebox Zero-Day Exploited in the Wild appeared first on SecurityWeek.
SonicWall Patches Exploited SMA 1000 Zero-Day
The medium-severity flaw has been exploited in combination with a critical bug for remote code execution.
The post SonicWall Patches Exploited SMA 1000 Zero-Day appeared first on SecurityWeek.
China-Linked Hackers Exploiting Zero-Day in Cisco Security Gear
The critical zero-day is tracked as CVE-2025-20393 and it impacts Secure Email Gateway and Secure Email and Web Manager appliances.
The post China-Linked Hackers Exploiting Zero-Day in Cisco Security Gear appeared first on SecurityWeek.
Apple Patches Two Zero-Days Tied to Mysterious Exploited Chrome Flaw
Apple has released macOS and iOS updates to patch two WebKit zero-days exploited in an “extremely sophisticated” attack.
The post Apple Patches Two Zero-Days Tied to Mysterious Exploited Chrome Flaw appeared first on SecurityWeek.
Unpatched Gogs Zero-Day Exploited for Months
The exploited flaw allows attackers to overwrite files outside the repository, leading to remote code execution.
The post Unpatched Gogs Zero-Day Exploited for Months appeared first on SecurityWeek.
Google Patches Mysterious Chrome Zero-Day Exploited in the Wild
The Chrome zero-day does not have a CVE and it’s unclear who reported it and which browser component it affects.
The post Google Patches Mysterious Chrome Zero-Day Exploited in the Wild appeared first on SecurityWeek.
Microsoft Patches 57 Vulnerabilities, Three Zero-Days
Microsoft has addressed a Windows vulnerability exploited as zero-day that allows attackers to obtain System privileges.
The post Microsoft Patches 57 Vulnerabilities, Three Zero-Days appeared first on SecurityWeek.
