Elevation of privilege flaws in Android Runtime (CVE-2025-48543) and Linux kernel (CVE-2025-38352) have been exploited in targeted attacks.
The post Two Exploited Vulnerabilities Patched in Android appeared first on SecurityWeek.
WhatsApp Zero-Day Exploited in Attacks Targeting Apple Users
The vulnerability (CVE-2025-55177) was exploited along an iOS/macOS zero-day in suspected spyware attacks.
The post WhatsApp Zero-Day Exploited in Attacks Targeting Apple Users appeared first on SecurityWeek.
Chinese Silk Typhoon Hackers Exploited Commvault Zero-Day
Silk Typhoon was seen exploiting Citrix NetScaler and Commvault vulnerabilities for initial access to victim systems.
The post Chinese Silk Typhoon Hackers Exploited Commvault Zero-Day appeared first on SecurityWeek.
Apple Patches Zero-Day Exploited in Targeted Attacks
Apple has rolled out iOS and macOS updates that resolve a zero-day vulnerability exploited in highly targeted attacks.
The post Apple Patches Zero-Day Exploited in Targeted Attacks appeared first on SecurityWeek.
Elastic Refutes Claims of Zero-Day in EDR Product
Elastic has found no evidence of a vulnerability leading to RCE after details and PoC of a Defend EDR bypass were published online.
The post Elastic Refutes Claims of Zero-Day in EDR Product appeared first on SecurityWeek.
Hundreds of N-able N-central Instances Affected by Exploited Vulnerabilities
More than 870 N-able N-central instances have not been patched against CVE-2025-8875 and CVE-2025-8876, two exploited vulnerabilities.
The post Hundreds of N-able N-central Instances Affected by Exploited Vulnerabilities appeared first on SecurityWeek.
Russian Hackers Exploited WinRAR Zero-Day in Attacks on Europe, Canada
WinRAR has patched CVE-2025-8088, a zero-day exploited by Russia’s RomCom in attacks on financial, defense, manufacturing and logistics companies.
The post Russian Hackers Exploited WinRAR Zero-Day in Attacks on Europe, Canada appeared first on SecurityWeek.
Trend Micro Patches Apex One Vulnerabilities Exploited in Wild
Trend Micro has rushed to fix two Apex One zero-days that may have been exploited by Chinese threat actors.
The post Trend Micro Patches Apex One Vulnerabilities Exploited in Wild appeared first on SecurityWeek.
SonicWall Hunts for Zero-Day Amid Surge in Firewall Exploitation
Threat actors might be exploiting a zero-day vulnerability in SonicWall firewalls in a fresh wave of ransomware attacks.
The post SonicWall Hunts for Zero-Day Amid Surge in Firewall Exploitation appeared first on SecurityWeek.
Microsoft Says Chinese APTs Exploited ToolShell Zero-Days Weeks Before Patch
Microsoft says the Chinese threat actors Linen Typhoon, Violet Typhoon, and Storm-2603 have been exploiting the ToolShell zero-days.
The post Microsoft Says Chinese APTs Exploited ToolShell Zero-Days Weeks Before Patch appeared first on SecurityWeek.