zero-day exploit
Report: Apple "neglects" to patch zero-days for older macOS versions

Report: Apple "neglects" to patch zero-days for older macOS versions
Analysis shows large proportion of Macs in operation remain unprotected to the actively exploited flaws patched last week
6 Apr 2022
Apple releases emergency patch fixing zero-days across iOS and macOS

Apple releases emergency patch fixing zero-days across iOS and macOS
Flaws have been fixed on iPhones, iPads, and Macs, as well as undisclosed vulnerabilities on Apple TV and Apple Watch devices
1 Apr 2022
Patch finally released for Spring4Shell zero-day after vulnerable businesses put on high alert

Patch finally released for Spring4Shell zero-day after vulnerable businesses put on high alert
With proof-of-concept code out in the wild, businesses are encouraged to assess their exposure to what's being dubbed 'Log4Shell 2.0'
31 Mar 2022
Google patches second Chrome browser zero-day of 2022

Google patches second Chrome browser zero-day of 2022
Google acted quickly to secure against the type confusion vulnerability that was under active exploitation
28 Mar 2022
Google exposes 'uniquely personal' access broker behind worst Conti, FIN12 ransomware attacks

Google exposes 'uniquely personal' access broker behind worst Conti, FIN12 ransomware attacks
Investigation unveils the inner workings of one access broker that helped two of the most-hated ransomware gangs in history
18 Mar 2022
Google doubles bug bounty rewards for Linux, Kubernetes exploits

Google doubles bug bounty rewards for Linux, Kubernetes exploits
The increased rewards are said to align better with the community's expectations of a bug bounty programme of this kind
16 Feb 2022
Apple users told to update their devices to fix critical WebKit flaw

Apple users told to update their devices to fix critical WebKit flaw
The security flaw allowed code execution on a range of devices and represents the third major vulnerability to be patched by Apple this year
11 Feb 2022
Microsoft's Patch Tuesday fixes 70 vulnerabilities after a troublesome January update

Microsoft's Patch Tuesday fixes 70 vulnerabilities after a troublesome January update
Microsoft will be hoping for a bug-free round of patches after admins complained of January's updates breaking more components than they fixed
9 Feb 2022
Apple fixes array of iOS, macOS zero-days and code execution security flaws

Apple fixes array of iOS, macOS zero-days and code execution security flaws
The first wave of security updates for Apple products in 2022 follows a year in which a wide variety of security flaws plagued its portfolio of device…
27 Jan 2022
Microsoft takes aim at critical RCE flaws with "massive" Patch Tuesday update

Microsoft takes aim at critical RCE flaws with "massive" Patch Tuesday update
Microsoft has kicked off 2022 with a score of security fixes for critical-rated vulnerabilities in some of the most widely used products used by busin…
12 Jan 2022
What is the Log4Shell vulnerability?

What is the Log4Shell vulnerability?
The critical flaw affecting products built using Java is set to cause headaches in the enterprise for months to come
20 Dec 2021
Log4Shell: New numbers reveal the scale of the critical software exploit

Log4Shell: New numbers reveal the scale of the critical software exploit
Researchers detail how much the Log4J vulnerability is being exploited and who is being targeted the most
15 Dec 2021
Firefox 95 boosts protection against zero-day attacks

Firefox 95 boosts protection against zero-day attacks
Mozilla's browser now takes a more granular approach to walling off code
7 Dec 2021
Microsoft patch fails to fix Installer zero-day affecting every version of Windows

Microsoft patch fails to fix Installer zero-day affecting every version of Windows
The exploit allows hackers to elevate privileges and create admin accounts
25 Nov 2021
Hackers used MSHTML exploit a week before patches were ready

Hackers used MSHTML exploit a week before patches were ready
New report finds cyber criminals automating exploit creation to help less capable hackers
14 Oct 2021
Kaspersky exposes MysterySnail zero-day exploit in Windows 

Kaspersky exposes MysterySnail zero-day exploit in Windows
Elevation-of-privilege flaw could enable Chinese hackers to mount widespread spying campaign
13 Oct 2021
100 million IoT devices affected by zero-day flaw

100 million IoT devices affected by zero-day flaw
Vulnerability could affect car, fire detection, and patient data sensors
24 Sep 2021
What's behind the explosion in zero-day exploits?

What's behind the explosion in zero-day exploits?
Projections show the industry will detect almost three times as many exploits in 2021 as were found last year
3 Aug 2021
Weekly threat roundup: Windows 11, Cloudflare, Google Chrome

Weekly threat roundup: Windows 11, Cloudflare, Google Chrome
Pulling together the most dangerous and pressing flaws that businesses need to patch
22 Jul 2021
Security researchers uncover more Print Spooler vulnerabilities

Security researchers uncover more Print Spooler vulnerabilities
Microsoft advises customers to disable the component entirely to prevent attacks following the PrintNightmare debacle
19 Jul 2021
Recent Microsoft attacks traced to secretive Israeli spyware firm

Recent Microsoft attacks traced to secretive Israeli spyware firm
Candiru, which trades exclusively with governments, distributed zero-day exploits for vulnerabilities patched this week
16 Jul 2021
Weekly threat roundup: Microsoft Teams, iOS, Samsung Galaxy

Weekly threat roundup: Microsoft Teams, iOS, Samsung Galaxy
Pulling together the most dangerous and pressing flaws that businesses need to patch
17 Jun 2021