IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

zero-day exploit

Report: Apple "neglects" to patch zero-days for older macOS versions
The Apple logo displayed next to a promotional poster for macOS Big Sur
Security

Report: Apple "neglects" to patch zero-days for older macOS versions

Analysis shows large proportion of Macs in operation remain unprotected to the actively exploited flaws patched last week
6 Apr 2022
Apple releases emergency patch fixing zero-days across iOS and macOS
Image of iPhone 13 on a white background
zero-day exploit

Apple releases emergency patch fixing zero-days across iOS and macOS

Flaws have been fixed on iPhones, iPads, and Macs, as well as undisclosed vulnerabilities on Apple TV and Apple Watch devices
1 Apr 2022
Patch finally released for Spring4Shell zero-day after vulnerable businesses put on high alert
Cyber security represented by a digital screen with encryption data background
Security

Patch finally released for Spring4Shell zero-day after vulnerable businesses put on high alert

With proof-of-concept code out in the wild, businesses are encouraged to assess their exposure to what's being dubbed 'Log4Shell 2.0'
31 Mar 2022
Google patches second Chrome browser zero-day of 2022
Google Chrome logo on a Chromebook
zero-day exploit

Google patches second Chrome browser zero-day of 2022

Google acted quickly to secure against the type confusion vulnerability that was under active exploitation
28 Mar 2022
Google exposes 'uniquely personal' access broker behind worst Conti, FIN12 ransomware attacks
The outline of a skull displayed in computer code to represent malware
ransomware

Google exposes 'uniquely personal' access broker behind worst Conti, FIN12 ransomware attacks

Investigation unveils the inner workings of one access broker that helped two of the most-hated ransomware gangs in history
18 Mar 2022
Google doubles bug bounty rewards for Linux, Kubernetes exploits
Mockup of a stethoscope treating a keyboard, symbolising a computer bug patch
zero-day exploit

Google doubles bug bounty rewards for Linux, Kubernetes exploits

The increased rewards are said to align better with the community's expectations of a bug bounty programme of this kind
16 Feb 2022
Apple users told to update their devices to fix critical WebKit flaw
iPhone 11 Pro held in someone's hand
vulnerability

Apple users told to update their devices to fix critical WebKit flaw

The security flaw allowed code execution on a range of devices and represents the third major vulnerability to be patched by Apple this year
11 Feb 2022
Microsoft's Patch Tuesday fixes 70 vulnerabilities after a troublesome January update
Image of Microsoft logo on a smartphone in front of a white backdrop with many identical Microsoft logos sprawled across
cyber security

Microsoft's Patch Tuesday fixes 70 vulnerabilities after a troublesome January update

Microsoft will be hoping for a bug-free round of patches after admins complained of January's updates breaking more components than they fixed
9 Feb 2022
Apple fixes array of iOS, macOS zero-days and code execution security flaws
Apple logo on the side of a building
zero-day exploit

Apple fixes array of iOS, macOS zero-days and code execution security flaws

The first wave of security updates for Apple products in 2022 follows a year in which a wide variety of security flaws plagued its portfolio of device…
27 Jan 2022
Microsoft takes aim at critical RCE flaws with "massive" Patch Tuesday update
Win 11 on a smartphone in front of code on a monitor
cyber security

Microsoft takes aim at critical RCE flaws with "massive" Patch Tuesday update

Microsoft has kicked off 2022 with a score of security fixes for critical-rated vulnerabilities in some of the most widely used products used by busin…
12 Jan 2022
The scariest security horror stories of 2021
A hacker against a red background
cyber security

The scariest security horror stories of 2021

A crisis at Microsoft, the ransomware resurgence, and endless zero-days dominated headlines
28 Dec 2021
What is the Log4Shell vulnerability?
Mockup image with padlocks to symbolise a cyber security vulnerability
zero-day exploit

What is the Log4Shell vulnerability?

The critical flaw affecting products built using Java is set to cause headaches in the enterprise for months to come
20 Dec 2021
Log4Shell: New numbers reveal the scale of the critical software exploit
Abstract image of stacked broken egg shells
zero-day exploit

Log4Shell: New numbers reveal the scale of the critical software exploit

Researchers detail how much the Log4J vulnerability is being exploited and who is being targeted the most
15 Dec 2021
Firefox 95 boosts protection against zero-day attacks
The Mozilla Firefox logo on a laptop
web browser

Firefox 95 boosts protection against zero-day attacks

Mozilla's browser now takes a more granular approach to walling off code
7 Dec 2021
Microsoft patch fails to fix Installer zero-day affecting every version of Windows
Red lock unlocked among several blue locked locks
zero-day exploit

Microsoft patch fails to fix Installer zero-day affecting every version of Windows

The exploit allows hackers to elevate privileges and create admin accounts
25 Nov 2021
Hackers used MSHTML exploit a week before patches were ready
"ZERO DAY" in red on a white background
zero-day exploit

Hackers used MSHTML exploit a week before patches were ready

New report finds cyber criminals automating exploit creation to help less capable hackers
14 Oct 2021
Kaspersky exposes MysterySnail zero-day exploit in Windows
A depiction of a bug on a blue binary background
zero-day exploit

Kaspersky exposes MysterySnail zero-day exploit in Windows

Elevation-of-privilege flaw could enable Chinese hackers to mount widespread spying campaign
13 Oct 2021
100 million IoT devices affected by zero-day flaw
IoT network with hackers
Internet of Things (IoT)

100 million IoT devices affected by zero-day flaw

Vulnerability could affect car, fire detection, and patient data sensors
24 Sep 2021
What's behind the explosion in zero-day exploits?
A figure in a hooded jumper against a red and blue background
zero-day exploit

What's behind the explosion in zero-day exploits?

Projections show the industry will detect almost three times as many exploits in 2021 as were found last year
3 Aug 2021
Weekly threat roundup: Windows 11, Cloudflare, Google Chrome
Graphic showing a red unlocked padlock surrounded by blue locked padlocks
vulnerability

Weekly threat roundup: Windows 11, Cloudflare, Google Chrome

Pulling together the most dangerous and pressing flaws that businesses need to patch
22 Jul 2021
Security researchers uncover more Print Spooler vulnerabilities
The Windows (start menu) key on a keyboard
vulnerability

Security researchers uncover more Print Spooler vulnerabilities

Microsoft advises customers to disable the component entirely to prevent attacks following the PrintNightmare debacle
19 Jul 2021
Recent Microsoft attacks traced to secretive Israeli spyware firm
Darkened image of a hacker wearing a hoodie using computing equipment
hacking

Recent Microsoft attacks traced to secretive Israeli spyware firm

Candiru, which trades exclusively with governments, distributed zero-day exploits for vulnerabilities patched this week
16 Jul 2021
Weekly threat roundup: Microsoft Teams, iOS, Samsung Galaxy
Graphic showing a red unlocked padlock surrounded by blue locked padlocks
vulnerability

Weekly threat roundup: Microsoft Teams, iOS, Samsung Galaxy

Pulling together the most dangerous and pressing flaws that businesses need to patch
17 Jun 2021