The WordPress security team revealed yesterday they've secretly fixed a zero-day vulnerability in the WordPress CMS, which wasn't initially included in the official announcement.
Zimperium, the mobile security company that discovered the Stagefright bug in the summer of 2015, announced yesterday its intention to buy fully-working exploits for former Android and iOS zero-days.
Two security researchers published details this week about several security flaws that allow attackers to execute code on affected machines and take over devices. These security flaws affect Linux distros such as Fedora and Ubuntu, and two of these exploits are zero-days, meaning
Hundreds of thousands of IP cameras from several vendors are affected by two zero-day vulnerabilities that allow an attacker to hijack the device, use it as a pivot point for other attacks, or spy on the camera's owner.
Mozilla engineers are working on a patch to fix a zero-day exploit that's currently being used to deanonymize Tor Browser users.
Financial and government institutions in Asia and Africa have been the victims of targeted cyber-attacks that have leveraged a zero-day in the InPage Word processor in attempts to install keyloggers and backdoor trojans on targeted computers.
A combination of poor design choices and insecure software exposes Chrome users on Fedora desktop to drive-by downloads, security researcher Chris Evans has revealed.
Today is the November 2016 Patch Tuesday and we have 14 security updates being released by Microsoft. Of these 14 updates, 6 of them are rated as Critical as they allow remote code execution on the affected computer. Of particular note is the MS16-135 update, which fixes the zero-day Windows vulnerability reported by Google last week
A new zero-day vulnerability was discovered for the Grub bootloader that allows attackers to bypass Grub password authentication. A security notice released by researchers Hector Marco & Ismael Ripoll states that Grub versions 1.98 (December, 2009) through 2.02 (December, 2015) are affected by this bug.