Fortinet discloses second firewall auth bypass patched in January
Fortinet has disclosed a second authentication bypass vulnerability that was fixed as part of a January 2025 update for FortiOS and FortiProxy devices.
Apple fixes this year’s first actively exploited zero-day bug
Apple has released security updates to fix this year's first zero-day vulnerability, tagged as actively exploited in attacks targeting iPhone users.
Black Basta ransomware gang linked to Windows zero-day attacks
The Cardinal cybercrime group (Storm-1811, UNC4394), who are the main operators of the Black Basta ransomware, is suspected of exploiting a Windows privilege escalation vulnerability, CVE-2024-26169, before a fix was made available.
Qualcomm says hackers exploit 3 zero-days in its GPU, DSP drivers
Qualcomm is warning of three zero-day vulnerabilities in its GPU and Compute DSP drivers that hackers are actively exploiting in attacks.
Ivanti warns of new actively exploited MobileIron zero-day bug
US-based IT software company Ivanti warned customers today that a critical Sentry API authentication bypass vulnerability is being exploited in the wild.