Technology ❯Cybersecurity ❯Vulnerabilities

Zero-Day Vulnerabilities

Palo Alto Networks Browser Security CVE-2025-53779 CVE-2024-39717 CVE-2024-38217 CVE-2024-43572 Microsoft Products Apple WebKit NTLM Credentials Theft CVE-2024-49138 CVE-2025-0282 VPN Software CVE-2025-21333 CVE-2025-24085 Apple Security Updates VMware Vulnerabilities CVE-2025-24201 CVE-2025-24983 Exploitation of Zero-Day Vulnerabilities WinRAR CVE-2025-8088 CVE-2025-53770 Exploited Vulnerabilities Exploitation Trends Microsoft SharePoint Microsoft Windows CVE-2025-5419 CVE-2024-38475 WinRAR Vulnerability CVE-2025-8088 Microsoft SQL Server Sitecore Vulnerability SonicWall Products SonicWall SSL VPNs SonicWall Gen 7 Firewalls Exploitation SonicWall SSL VPN Trend Micro Apex One SonicWall CVE-2024-40766 Remote Code Execution CVE-2025-43300 Citrix NetScaler CVE-2025-53690 Check Point VPN Vulnerability Sitecore

CISA Orders Immediate Fix for Actively Exploited Sitecore ViewState Flaw (CVE-2025-53690)

Mandiant traced the intrusions to reused sample ASP.NET machine keys from older Sitecore deployment guides.

Citrix NetScaler Zero‑Day Triggers Emergency Patching as Thousands of Devices Remain Exposed

WinRAR Issues Patch for Zero-Day Exploited by Two Russia-Aligned Groups

SonicWall Blames Patched CVE-2024-40766 for Akira Ransomware Attacks

Trend Micro Releases Mitigation Tool for Critical Apex One Zero-Days

SonicWall Investigates SSL VPN Zero-Day After Surge in Akira Ransomware Attacks

Researchers Expose OVERSTEP Rootkit on End-of-Life SonicWall VPNs

Emergency Chrome Update Fixes Actively Exploited Zero-Day Bug

Zero-Day Exploits in 2024 Shift Toward Enterprise Targets, Google Reports

Apple Urges Users to Update to iOS 18.3.2 to Fix Critical Security Flaw

Microsoft, Apple, and Google Address Critical Security Flaws in March Updates

Apple Fixes Actively Exploited Zero-Day Vulnerability Across Devices

Microsoft's January 2025 Patch Tuesday Fixes 8 Zero-Days and 159 Vulnerabilities

UK Domain Registry Nominet Confirms Network Breach via Ivanti VPN Zero-Day Exploit

Ivanti VPN Zero-Day Exploits Target Corporate Networks with Sophisticated Malware

Microsoft Patches Actively Exploited Zero-Day and 71 Security Flaws in December Update

Windows NTLM Zero-Day Exposes Credentials Without User Interaction

Microsoft Patches 91 Flaws, Including Four Zero-Days in November Update

Microsoft's October Patch Tuesday Addresses 117 Vulnerabilities, Including 5 Zero-Days

Microsoft's September 2024 Patch Tuesday Addresses Four Zero-Days and 79 Flaws