zero-day

A Deep Dive into April Patch Tuesday: Addressing the Exploited Windows Zero-Day and Additional Vulnerabilities A critical Windows zero-day has surfaced on April Patch Tuesday, demanding immediate attention from IT administrators. This incident highlights not only the evolving methods of cyber...

A Critical Windows Vulnerability Uncovered: Inside the Windows Common Log File System Zero-Day A new and dangerous zero-day vulnerability has emerged in the Windows Common Log File System (CLFS) driver, tracked as CVE-2025-29824. The nature of the flaw, a use-after-free error in the core logging...

New Windows Zero-Day Vulnerability: NTLM Credential Theft on the Horizon A newly discovered zero-day vulnerability is sending shockwaves through the Windows community, potentially allowing remote attackers to steal NTLM authentication credentials without requiring any user interaction beyond...

A newly discovered Windows zero-day vulnerability is raising alarms across the security community, targeting NTLM credentials and potentially impacting a broad range of Windows systems—from legacy versions like Windows 7 and Server 2008 R2 to the latest iterations such as Windows 11 v24H2 and...

Windows Zero‑Day: Exploited by 11 State Actors A recent investigative report reveals that a particularly dangerous Windows zero‑day vulnerability has been exploited by as many as 11 state‑sponsored hacking groups since 2017. This persistent flaw, which targets the way Windows handles NTLM...

Microsoft's latest Patch Tuesday update for March 2025 has once again put security squarely in the spotlight. In this release, Microsoft has rolled out over 50 security patches that include fixes for six dangerous zero-day vulnerabilities already being exploited in the wild. As always, this...

Microsoft’s latest Patch Tuesday has arrived with a hefty roll-out of 63 updates across Windows, Microsoft Office, and developer platforms. While this cycle might seem lighter than some previous releases, it carries crucial patches—especially for Windows—highlighting two actively exploited...

Microsoft has released its February 2025 Patch Tuesday security updates, addressing a total of 55 vulnerabilities across various Windows products. Among these, 3 are classified as critical, and 4 are zero-day vulnerabilities, with 2 actively exploited in the wild. Critical Vulnerabilities...

Attention, Windows and Microsoft Outlook users! A lurking danger has been unearthed amidst the crowd of Microsoft's January security updates. A vulnerability, identified as CVE-2025-21298, has been rated 9.8 out of 10 on the Common Vulnerabilities and Exposures (CVE) scoring scale, and it’s...

Hold onto your hats, Windows enthusiasts, because a newly disclosed vulnerability might just have you looking twice at your authentication systems. Microsoft has released crucial information detailing a Zero-Day vulnerability in Kerberos authentication protocols dubbed CVE-2025-21299. This isn’t...

As the year comes to a close, Microsoft has pulled no punches, laying out an extensive array of security updates in its December 2024 Patch Tuesday rollout. In total, a staggering 71 vulnerabilities have been addressed, with 16 categorized as critical and one particularly alarming zero-day...

In a critical alert to Windows users everywhere, Microsoft has announced a significant update as part of its December 2024 Patch Tuesday rollout, addressing a nasty zero-day vulnerability that's been causing alarm across the community. With the potential for grave exploits at play, if you’re...

In a troubling announcement that has sent shockwaves through the Windows user community, cybersecurity experts have confirmed a brand new zero-day vulnerability affecting all Windows versions from 7 through 11, as well as Windows Server 2008 R2 onwards. This security flaw is particularly...

In an alarming turn of events for Windows users everywhere, a new zero-day vulnerability has emerged, affecting all versions of Windows 11, Windows 10, and Windows Server. This vulnerability is particularly concerning as it allows attackers to steal NTLM (New Technology LAN Manager) credentials...

2021 and into 2022 have seen continued innovation in the attack landscape as cybercriminals refine tactics and tools to evade defenses. 2021 saw the highest year on record for zero-day exploits, increased firmware attacks and new tampering attacks targeting security agents. Microsoft and our...

In brief: It seems that gaining administrator-level Windows privileges on a PC doesn't require much work; all you need is physical access and a Razer mouse or keyboard. It's the result of a zero-day vulnerability in the company's popular Synapse software that exploits the plug-and-play...

Original release date: April 26, 2021 Summary The Federal Bureau of Investigation (FBI), Department of Homeland Security (DHS), and Cybersecurity and Infrastructure Security Agency (CISA) assess Russian Foreign Intelligence Service (SVR) cyber actors—also known as Advanced Persistent Threat 29...

Original release date: February 24, 2021 Summary This joint advisory is the result of a collaborative effort by the cybersecurity authorities of Australia,[Link Removed] New Zealand,[2] Singapore,[3] the United Kingdom,[4] and the United States.[Link Removed][6] These authorities are aware of...

Today Microsoft announced the MAPP program Top Vulnerability Contributors, Top Threat Indicator Submitters, and Top Zero-Day Reporting for the period of July 1, 2018 – June 30, 2019. The Microsoft Active Protections Program provides security and protection to customers through cooperation and...

for everyone using firefox (or tor) … update your browser immediately … there are some critical updates you don't want to miss. the updates are engineered to circumvent a zero-day exploit. according to the article(s) posted below … evidently, pc 'n mac 'n linux...