Cyber Security News
New Windows Zero-Day Vulnerability Let Attackers Steal Credentials From Victim’s Machine
A security researcher discovered a vulnerability in Windows theme files in the previous year, which allowed malicious actors to steal Windows users' credentials.When a theme file specifies a network...
Cyber Security News
New AI Tool To Discover 0-Days At Large Scale With A Click Of A Button
Vulnhuntr, a static code analyzer using large language models (LLMs), discovered over a dozen zero-day vulnerabilities in popular open-source AI projects on Github (over...
cyber security
Mozilla Warns Of Firefox Zero-Day Actively Exploited In Cyber Attacks
A critical use-after-free vulnerability affecting Firefox and Firefox Extended Support Release (ESR) is being actively exploited in cyberattacks.With a CVSS base score of 9.8,...
Android
Hackers Exploiting Zero-day Flaw in Qualcomm Chips to Attack Android Users
Hackers exploit a zero-day vulnerability found in Qualcomm chipsets, potentially affecting millions worldwide.The flaw, identified as CVE-2024-43047, is a use-after-free vulnerability resulting from memory...
cyber security
Critical Automative 0-Day Flaws Let Attackers Gain Full Control Over Cars
Recent discoveries in the automotive cybersecurity landscape have unveiled a series of critical zero-day vulnerabilities that could allow attackers to gain full control over...
cyber security
Multiple 0-Day Flaws in Automated Tank Gauge Systems Threaten Critical Infrastructure
Cybersecurity researchers from BitSight TRACE have uncovered multiple 0-day vulnerabilities in Automated Tank Gauge (ATG) systems, which are integral to managing fuel storage tanks...
CVE/vulnerability
Windows MSHTML Zero-Day Vulnerability Exploited In The Wild
Adobe released eight security updates in September 2024, addressing 28 vulnerabilities in various products, as ColdFusion received a critical patch to mitigate a code...
CVE/vulnerability
PoC Exploit Released For 0-Day Windows Kernel Privilege Escalation Vulnerability
Microsoft released several patches for multiple vulnerabilities during the Patch Tuesday for August 2024. One of the vulnerabilities listed by Microsoft was the CVE-2024-38106....
cyber security
Google Patches Actively Exploited Android 0-day Privilege Escalation Vulnerability
Google has released a patch addressing a critical zero-day vulnerability that has been actively exploited.This vulnerability, CVE-2024-32896, is a privilege escalation flaw within the...
CVE/vulnerability
North Korean Hackers Actively Exploiting Chromium RCE Zero-Day In The Wild
Microsoft has identified a North Korean threat actor, Citrine Sleet, exploiting a zero-day vulnerability in Chromium (CVE-2024-7971) to gain remote code execution on cryptocurrency...
Cyber Attack
Operation DevilTiger, APT Hackers 0-Day Exploitation Tactics Exposed
The APT-Q-12 group, also known as Pseudo Hunter, is a Northeast Asian threat actor linked to Darkhotel, which primarily targets East Asian countries, including...