Tag: zero-day
Cybersecurity Threat Advisory: Cisco AsyncOS zero-day vulnerability
Cisco has disclosed a zero‑day vulnerability in AsyncOS that is actively being exploited, with a CVSS of 10.0. The Cybersecurity and Infrastructure Security Agency (CISA) added the CVE to its KEV catalog. Review this Cybersecurity Threat Advisory to reduce exposure...
Cybersecurity Threat Advisory: Gogs zero-day vulnerability
A high-severity, unpatched vulnerability in the Gogs self-hosted Git service is being tracked as CVE-2025-8110. With a CVSS score of 8.7, it is under active exploitation, with more than 700 compromised instances exposed on the internet. Review this Cybersecurity Threat...
Cybersecurity Threat Advisory: Citrix patches NetScaler flaws
Citrix has issued patches for three zero-day vulnerabilities affecting NetScaler ADC and Gateway, including one that attackers have already begun exploiting. Review the details in this Cybersecurity Threat Advisory to reduce your risk from these threats. What is the threat?...
Cybersecurity Threat Advisory: WinRAR zero-day exploited
A critical path traversal zero-day vulnerability — tracked as CVE‑2025‑8088 — has been identified in WinRAR and related components (Windows RAR, UnRAR.dll, and the portable UnRAR source code), and is currently being actively exploited. Review the details in this Cybersecurity...
Cybersecurity Threat Advisory: Microsoft SharePoint zero-day vulnerability
Attackers are actively exploiting CVE-2025-53770, a critical zero-day vulnerability in Microsoft SharePoint, to execute remote code without authentication. This flaw allows attackers to deploy persistent malware and potentially exfiltrate sensitive data from unpatched on-premises environments. Review the full details in...
Cybersecurity Threat Advisory: Zero-day Chrome vulnerability
Google has patched a high-severity zero-day vulnerability, tracked as CVE-2025-6554 with a CVSS score of 8.1, in Chrome’s V8 engine that allows attackers to execute arbitrary code via a crafted HTML page. Review the details of this Cybersecurity Threat Advisory...
Cybersecurity Threat Advisory: Severe WebDAV vulnerability
Microsoft has disclosed a serious zero-day vulnerability in the Web Distributed Authoring and Versioning (WebDAV) protocol, identified as CVE-2025-33053, with a CVSS score of 8.8. Actively exploited by the Stealth Falcon APT group, this vulnerability enables remote code execution (RCE)...
Cybersecurity Threat Advisory: Google Chrome zero-day vulnerability
Google has issued a security update for Chrome desktop to address CVE-2025-5419, which has a CVSS score of 8.8. It is a critical zero-day flaw in the V8 JavaScript engine that is actively exploited by attackers. Continue to read this...
Cybersecurity Threat Advisory: Critical zero-day vulnerability in Fortinet
A critical zero-day vulnerability affecting several Fortinet products, most notably FortiVoice enterprise phone systems, has recently been patched. Attackers are actively exploiting CVE-2025-32756 in the wild. Read the details of this Cybersecurity Threat Advisory to learn how to keep your...
Cybersecurity Threat Advisory: Craft CMS exploited
Threat actors have been actively exploiting two Craft CMS vulnerabilities, CVE-2025-32432 and CVE-2024-58136, to breach web servers and gain unauthorized access. Review the details in this Cybersecurity Threat Advisory to safeguard your devices. What is the threat? Threat actors are...
