Zero-Day | KITEFALL

Federal agencies told to fix or ditch Gogs as exploited zero-day lands on CISA hit list 2026-01-13 14:43 The Register CISA has ordered federal agencies to stop using Gogs or lock it down immediately after a high-severity vulnerability in the self-hosted Git service was added to its Known Exploited Vulnerabilities (KEV) catalog. The US cybersecurity agency added the path …
WhatsApp Zero-Day: Missed Call Can Hack Your Smartphone During Lohri-Details 2026-01-13 09:05 Zee News WhatsApp Zero-Day Attack: For millions of people, WhatsApp is a crucial part of daily life, used for chatting with friends, making calls, and sharing moments. But a fresh cybersecurity alert has raised serious concerns. Experts have discovered a “zero-day” …
UAE Warns Banking Customers To Be On 'High Alert' For Zero-Day WhatsApp Security Breach 2026-01-12 16:50 Tech Times Banking customers across the UAE are being urged to stay vigilant after reports surfaced of a serious WhatsApp "zero-day" security breach that could allow cybercriminals to take over smartphones through a single voice call. Emirates NBD has …
Hackers Exploiting VMware ESXi Instances in the Wild Using zero-day Exploit Toolkit 2026-01-08 04:43 Cyber Security News Hackers are exploiting VMware ESXi instances in the wild with a zero-day exploit toolkit that chains multiple vulnerabilities for VM escapes. Cybersecurity firm Huntress disrupted one such attack, attributing initial access to a compromised SonicWall VPN. …
Apple Patches Zero-Day iPhone Vulnerabilities Linked to Pegasus Spyware 2026-01-02 20:59 WebProNews In the ever-evolving realm of cybersecurity, Apple Inc. has once again thrust itself into the spotlight with a stark advisory to its vast user base. The company recently alerted approximately 1.8 billion iPhone owners worldwide about a sophisticated …
2025’s Most Disappointing Shows, From ‘All’s Fair’ to ‘Zero Day’ 2025-12-31 21:20 TV Insider For many, 2025 is ending not with a bang or a whimper but just an exasperated sigh. Amid all the anxieties and terrors of the last 365 days, even television, our best and most accessible means of escapism, has been letting us down. We had great …
Apple warns all iPhone users of critical zero day security vulnerabilities 2025-12-30 16:24 Metro People have been warned to update their software ASAP (Picture: Shutterstock/Tada Images) Apple users have been warned to update their devices, after a critical security bug is thought to have been used in targeted attacks. The latest iOS update, 26.2, …
Critical Zero-Day RCE Flaw in Networking Devices Exposes Over 70,000 Hosts 2025-12-29 19:04 GBHackers A severe unauthenticated remote code execution vulnerability has been discovered in XSpeeder networking devices, potentially affecting more than 70,000 publicly accessible hosts worldwide. Tracked as CVE-2025-54322, the flaw allows attackers to gain root- …
Apple patches two zero-day flaws used in targeted attacks 2025-12-27 18:45 Fox News Kurt the CyberGuy joins 'Fox & Friends' to share his tips to stay safe from online scammers and recent warnings on how AI toys can harm children. NEWYou can now listen to Fox News articles! Apple has released emergency security updates to fix …
Zero-day exploits increasingly target AI agents ahead of large-scale 2026 deployments 2025-12-26 18:47 GCN As businesses prepare to roll out agentic AI systems by 2026, cybersecurity professionals are issuing new warnings about potential risks. Their concerns center on a potential increase in zero-day exploits on agentic autonomous AI systems. As decision- …
Clop Ransomware Breaches University of Phoenix via Oracle Zero-Day, Steals 3.5M Records 2025-12-23 17:39 WebProNews The Shadowy Exploitation of Oracle Flaws: Inside the University of Phoenix Cyber Intrusion In the ever-evolving realm of cybersecurity threats, the recent data breach at the University of Phoenix stands as a stark reminder of vulnerabilities lurking in …
Chinese Hackers Exploit Cisco Zero-Day Flaw in Espionage Attacks 2025-12-22 17:01 WebProNews Exposed Gateways: China’s Stealth Assault on Cisco’s Digital Fortresses In the shadowy realm of global cybersecurity, a new front has emerged with Chinese state-linked hackers targeting vulnerabilities in Cisco’s widely used security products. Recent …
WatchGuard Fixes Firewall Zero-Day Being Actively Exploited 2025-12-22 16:08 Bank Information Security - New Jersey Network Firewalls, Network Access Control , Security Operations Scans Count 117,000 Unpatched Firewalls Running Vulnerable Version of Fireware OS Mathew J. Schwartz (euroinfosec) • December 22, 2025 Image: Shutterstock Attackers are actively attempting …
Week in review: Exploited zero-day in Cisco email security appliances, Kali Linux 2025.4 released 2025-12-21 09:00 Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: How researchers are teaching AI agents to ask for permission the right way People are starting to hand more decisions to AI agents, from booking trips to …
100+ Cisco Secure Email Devices Exposed to Zero‑Day Exploited in the Wild 2025-12-21 07:34 Cyber Security News Security researchers have identified at least 120 Cisco Secure Email Gateway and Cisco Secure Email and Web Manager devices vulnerable to a critical zero-day flaw that attackers are actively exploiting in the wild. The vulnerability, tracked as CVE-2025- …
Cisco email security products actively targeted in zero-day campaign 2025-12-19 20:46 TechRadar Share Share this article Follow us Add us as a preferred source on Google Cisco confirms zero‑day (CVE‑2025‑20393) in Secure Email appliances exploited by China‑linked actors Attackers deployed Aquashell backdoor, tunneling tools, and log‑clearing …
Chinese Hackers Exploit Zero-Day Vulnerability in Cisco Products 2025-12-19 20:33 Mezha On Wednesday, Cisco announced that a group of hackers backed by the Chinese government is exploiting the vulnerability aimed at corporate clients who use some of the company’s most popular products. Cisco has not disclosed how many customers have already …
WatchGuard fixes ‘critical’ zero-day allowing firewall takeover 2025-12-19 17:41 CSO The resolved versions are 2025.1.4, 12.11.6, 12.5.15 (T15 & T35 models), and 12.3.1_Update4 (B728352) for the FIPS-certified release. There is no fix for 11.x, which is considered end of life. Importantly, WatchGuard warned, patching may not be enough: …
Cisco bestätigt Zero-Day-Exploit für Secure Email 2025-12-19 11:33 CSO Zudem sei unklar, wie viele Unternehmen die Funktion in Produktionsumgebungen aktiviert haben, „Die Spam-Quarantäne bietet Administratoren die Möglichkeit, ‚False Positives‘, also legitime E-Mail-Nachrichten, die vom Gerät als Spam eingestuft wurden, zu …
WatchGuard Zero-Day Actively Exploited to Seize Control of Firewalls 2025-12-19 10:00 GBHackers WatchGuard has issued an urgent warning regarding a critical zero-day vulnerability in its Firebox firewall appliances that is currently being exploited in the wild. The flaw, tracked as CVE-2025-14733, allows remote attackers to seize control of affected …
Cisco customers hit by fresh wave of zero-day attacks from China-linked APT 2025-12-19 03:13 CyberScoop Cisco customers are confronting a fresh wave of attacks from a Chinese threat group that has actively exploited a critical zero-day vulnerability affecting the vendor’s software for email and web security since at least late November, the company said in …
Chinese attackers exploiting zero-day to target Cisco email security products 2025-12-18 22:31 The Record Chinese hackers have been exploiting a vulnerability in a popular Cisco email management tool since late November, the company said Wednesday. Cisco warned customers about the bug — CVE-2025-20393 — writing in an advisory that the vulnerability carries a …
Another bad week for SonicWall as SMA 1000 zero-day under active exploit 2025-12-18 14:48 The Register SonicWall has warned customers of a zero-day flaw in its SMA 1000 remote-access appliance that's being actively exploited, potentially allowing attackers to escalate privileges and take over boxes. The bug, tracked as CVE-2025-40602, resides in the …
Cisco says Chinese hackers are exploiting an unpatched AsyncOS zero-day flaw – here's what we know so far 2025-12-18 12:00 IT Pro Share Share this article Follow us Add us as a preferred source on Google Cisco has issued a warning to customers after revealing China-linked hackers are exploiting a new high-severity zero day flaw in some security products. Products targeted in the …
Hackers Actively Exploit SonicWall SMA1000 Zero-Day to Escalate Privileges 2025-12-18 11:44 GBHackers SonicWall has issued an urgent security advisory warning of active exploitation of a local privilege escalation vulnerability affecting its SMA1000 appliances. The flaw, tracked as CVE-2025-40602, enables attackers with management console access to gain …
Cisco confirms zero-day exploitation of Secure Email products 2025-12-18 11:07 CSO “From a security standpoint, it is indeed the right call,” Tyagi said. “When there’s a risk that attackers have embedded themselves deep in a system, patching alone won’t solve the issue. Rebuilding is the only way to be confident the threat is fully …
Unpatchable Cisco Zero-Day Under Active Exploit by Chinese Hackers 2025-12-18 09:58 Zoom Bangla News A critical flaw in Cisco’s security software is being actively weaponized. Hackers linked to China are exploiting the vulnerability to gain total control of email gateway devices. This campaign was confirmed by Cisco on Wednesday, December 17, 2025. The …
ForumTrol Operation Uses Chrome Zero-Day in Fresh Phishing Attacks 2025-12-18 01:18 GBHackers The ForumTroll APT group has resurfaced with a sophisticated phishing campaign targeting Russian academics, marking a significant escalation in their ongoing operations against entities in Russia and Belarus. While the group initially gained notoriety for …
Cisco email security appliances rooted and backdoored via still unpatched zero-day 2025-12-17 22:33 Help Net Security A suspected Chinese-nexus threat group has been compromising Cisco email security devices and planting backdoors and log-purging tools on them since at least late November 2025, Cisco Talos researchers have shared. “Our analysis indicates that appliances …
Cisco says Chinese hackers are exploiting its customers with a new zero-day 2025-12-17 19:31 TechCrunch On Wednesday, Cisco announced hackers are exploiting a critical vulnerability in some of its most popular products that allows the full takeover of affected devices. Worse, there are no patches available at this time. In a security advisory, Cisco said it …
Exploited SonicWall zero-day patched (CVE-2025-40602) 2025-12-17 18:55 Help Net Security SonicWall has patched a local privilege escalation vulnerability (CVE-2025-40602) affecting its Secure Mobile Access (SMA) 1000 appliances and is urging customers to apply the provided hotfix, as the flaw has been exploited by attackers. “This …
Everything you need to know about Google and Apple’s emergency zero-day patches 2025-12-17 12:33 IT Pro Share Share this article Follow us Add us as a preferred source on Google Apple, Google, and other browser makers have rolled out patches for zero-day bugs that are already being used by threat actors in "sophisticated" attacks. Google noted that …
CISA Alerts on Apple WebKit Zero-Day Actively Used in Cyberattacks 2025-12-17 00:14 GBHackers The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical zero-day vulnerability affecting multiple Apple products to its Known Exploited Vulnerabilities (KEV) catalog, signaling active exploitation in the wild. CVE-2025-43529 …
Apple, Google release emergency zero-day security patch 2025-12-16 09:03 Gulf News Apple’s emergency update effort spans multiple platforms — including iPhones, iPads, macOS, watchOS, and Safari — closing at least two zero-day flaws that security agencies say have been exploited in real-world attacks. The vulnerabilities, discovered in …
Apple rushes out emergency patch for zero-day WebKit flaws 2025-12-16 04:52 Bangkok Post Apple has rushed out an emergency security patch to fix two zero-day vulnerabilities that have been exploited in sophisticated attacks. The critical flaws target WebKit, the core web engine used across all of Apple's operating systems. The company …
Apple says it fixed zero-day flaws used for 'sophisticated' attacks 2025-12-15 17:56 TechRadar Pro Apple patches two WebKit zero‑days (CVE‑2025‑43529 and CVE‑2025‑14174) used in a highly targeted attack Flaws were jointly uncovered by Google TAG and Apple, with Chrome receiving a parallel fix Updates span iOS, iPadOS, macOS, watchOS, tvOS, visionOS, and …
Zero-day vulnerabilities found: Apple iPhone, iPad users urged to update devices 2025-12-15 12:24 Asiaone Apple users should update the mobile operating system software of their devices, said the Singapore Cyber Emergency Response Team (SingCert) on Sunday (Dec 14). The advisory follows the finding of two zero-day vulnerabilities in Apples' WebKit, which …
Pentesting With Proof. Zero-Day, Zero-Pay and the #1 AI Hacker Behind It 2025-12-15 09:43 The Hacker News
CISA Alerts on Actively Exploited Google Chromium Zero-Day Flaw 2025-12-15 07:35 GBHackers The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding a critical zero-day vulnerability in Google Chrome that is being actively exploited in the wild. The flaw, tracked as CVE-2025-14174, poses a significant risk …
Google and Apple Patch Exploited Zero-Day Vulnerabilities in Urgent Update 2025-12-15 00:19 WebProNews In a swift response to escalating cyber threats, tech giants Google and Apple have deployed emergency security patches to counter zero-day vulnerabilities actively exploited by hackers. The updates, rolled out in mid-December 2025, address flaws that …
Apple Patches Two Actively Exploited Zero-Day WebKit Vulnerabilities 2025-12-14 14:02 WebProNews In the fast-paced world of cybersecurity, where threats evolve as quickly as the technologies they target, Apple Inc. has once again found itself at the center of a high-stakes battle against sophisticated digital adversaries. Just days ago, the Cupertino- …
Apple Confirms Zero-Day Exploitation in Targeted Attacks on iPhone Users 2025-12-13 21:23 GBHackers Apple has issued critical security patches addressing two actively exploited zero-day vulnerabilities affecting iPhone and iPad devices. The tech giant confirmed that both flaws were leveraged in extremely sophisticated attacks targeting specific …
Apple iOS 26.2 Security Update Patches Actively Exploited Zero-Day Vulnerabilities 2025-12-13 03:06 Zoom Bangla News Apple has released critical security updates for its devices. The iOS 26.2, iPadOS 26.2, and macOS 26.2 updates were issued to the public. They address over twenty security vulnerabilities. Two of these flaws were actively exploited in targeted attacks. …
Google and Apple roll out emergency security updates after zero-day attacks 2025-12-12 21:06 TechCrunch Apple and Google have released several software updates to protect against a hacking campaign targeting an unknown number of their users. On Wednesday, Google released patches for a handful of security bugs in its Chrome browser, noting that one of the …
Google issues critical Chrome update to patch zero-day vulnerability 2025-12-12 19:34 Tom's Guide Hey, Chrome users, remember eight days ago when you had to update your browser because of a high-severity security risk? Well, it’s time to do it again! Google has issued another update after a new vulnerability was found exploited in the wild. Chrome …
Google fixed a new actively exploited Chrome zero-day 2025-12-12 01:13 Security Affairs Google fixed a new actively exploited Chrome zero-day Google addressed three vulnerabilities in the Chrome browser, including a high-severity bug already exploited in the wild. Google released security updates to fix three vulnerabilities in the Chrome …
Critical Gogs zero-day under attack, 700 servers hacked 2025-12-12 01:13 Security Affairs Critical Gogs zero-day under attack, 700 servers hacked Hackers exploited an unpatched Gogs zero-day, allowing remote code execution and compromising around 700 Internet-facing servers. Gogs is a self-hosted Git service, similar to GitHub, GitLab, or …
Google releases emergency fix for yet another zero-day 2025-12-11 21:41 TechRadar Google patched a high‑severity Chrome zero‑day alongside two medium‑severity flaws Vulnerability likely tied to a LibANGLE buffer overflow enabling memory corruption and remote code execution This marks Chrome’s eighth zero‑day fix this year, underscoring …
Microsoft Patch Tuesday security updates for December 2025 fixed an actively exploited zero-day 2025-12-10 20:47 Security Affairs Microsoft Patch Tuesday security updates for December 2025 fixed an actively exploited zero-day Microsoft Patch Tuesday security updates for December 2025 address 57 vulnerabilities, including three critical flaws. Microsoft Patch Tuesday security updates …
Microsoft fixes critical Office zero-day security flaw. Update ASAP! 2025-12-10 17:17 PC World News Microsoft fixed over 50 security vulnerabilities with December's big Patch Tuesday. One of them is already being actively exploited in the wild. Summary created by Smart Answers AI In summary: PCWorld reports that Microsoft released critical …