Last year, Google Project Zero tracked a record 58 exploited-in-the-wild zero-day security holes.
Threatpost
Posts tagged "bugs"
Microsoft Zero-Days, Wormable Bugs Spark Concern
For April Patch Tuesday, the computing giant addressed a zero-day under active attack and several critical security vulnerabilities, including three that allow self-propagating exploits.
Threatpost
Google Chrome Zero-Day Bugs Exploited Weeks Ahead of Patch
Two separate campaigns from different threat actors targeted users with the same exploit kit for more than a month before the company fixed an RCE flaw found in February.
Threatpost
Most Orgs Would Take Security Bugs Over Ethical Hacking Help
A new survey suggests that security is becoming more important for enterprises, but they’re still falling back on old “security by obscurity” ways.
Threatpost
Microsoft Addresses 3 Zero-Days & 3 Critical Bugs for March Patch Tuesday
The computing giant patched 71 security vulnerabilities in an uncharacteristically light scheduled update, including its first Xbox bug.
Threatpost
Critical Firefox Zero-Day Bugs Allow RCE, Sandbox Escape
Both vulnerabilities are use-after-free issues in Mozilla’s popular web browser.
Threatpost
RCE Bugs in Hugely Popular VoIP Apps: Patch Now!
The flaws are in the ubiquitous open-source PJSIP multimedia communication library, used by the Asterisk PBX toolkit that’s found in a massive number of VoIP implementations.
Threatpost
RCE Bugs in WhatsApp, Other Hugely Popular VoIP Apps: Patch Now!
The flaws are in the ubiquitous open-source PJSIP multimedia communication library, used by the Asterisk PBX toolkit that’s found in a massive number of VoIP implementations.
Threatpost
Microsoft Exchange Bugs Exploited by ‘Cuba’ Ransomware Gang
The ransomware gang known as Cuba is increasingly shifting to exploiting Exchange bugs – including crooks’ favorites, ProxyShell and ProxyLogon – as initial infection vectors.
Threatpost
Zenly Social-Media App Bugs Allow Account Takeover
A pair of bugs in the Snap-owned tracking app reveal phone numbers and allow account hijacking.
Threatpost