Apple released new updates earlier this week that patch zero-day vulnerabilities in iOS and iPadOS devices. The flaws fixed in the latest updates have reportedly been exploited in the wild by threat actors. One of the flaws is an out-of-bounds write issue in the kernel and could be exploited by

Microsoft has fast-tracked two patches for vulnerabilities impacting Microsoft Exchange Servers. The vulnerabilities have been reported as zero-days. While Microsoft works on developing a patch, businesses should be on alert for attacks targeting these vulnerabilities. Last Friday, Microsoft confirmed that it has identified targeted attacks, albeit limited. The bugs can

Apple has released more updates to patch a remote-code execution flaw that is being actively exploited. The vulnerability was patched earlier this month in newer devices. However, the Wednesday update, iOS 12.5.6 now makes it possible to patch iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2,

Google reported that 2021 was a record year for zero-day exploits, the highest number since Google began tracking them. However, the company states that this could be a result of improved detection efforts and disclosure procedures rather than increased criminal activity. Project Zero, Google’s exploit team, tracked 58 zero-day exploits

Google has released an emergency patch for a security flaw found in the open-source V8 JavaScript engine that is being actively exploited in the wild. The vulnerability applies to Google’s Stable channel for the desktop version of Chrome. The bug is being tracked as CVE-2022-1096 and is a type-confusion issue.

A new ransomware strain is allegedly targeting the QNAP customer base, effectively locking users out of the Network Attached Storage (NAS) devices and prohibiting them from accessing stored data. The attacks are stemming from a zero-day flaw in the products, according to security researchers. QNAP NAS have been a target

The FBI released an alert stating that the advanced persistent threat groups (APTs) have been exploiting a zero-day flaw in FatPipe’s virtual private network as a way to breach companies and gain access to internal networks. The FBI stated that the threat groups have been exploiting the zero-day vulnerability since

Apache HTTP Server Project developers are urging users to immediately implement a patch that resolves a zero-day vulnerability. According to a security advisory that was published yesterday, the bug is known to be actively exploited in the wild. Apache HTTP Server is an open-source project that focuses on the development

On Monday, the UK government came forth to publicly accuse the Chinese government of perpetrating a damaging Microsoft Exchange Server hack that targeted organizations across Europe and North America. The UK joined several other entities, including the US and Microsoft itself, in claiming that China, specifically a state-sponsored hacking group

According to researchers from Google’s Threat Analysis Group and Project Zero, attackers exploited a Safari vulnerability to target government officials in Western Europe. The vulnerability was leveraged to send malicious links to government officials via LinkedIn. Google’s research team detected and reported the vulnerability, publishing a blog post on Wednesday