zero-day – Vulners Blog

More malware with new vulnerabilities in the wild in the monthly digest

Posted on May 3, 2021 by Dmitry Uchakin

In the last month, almost every week we wrote about new zero-day vulnerabilities, soon Apple and Chrome are updating almost every day + their vulnerabilities are exploited in the wild. We usually don't write so much about malware, but this month there is too much of it and it is closely related to critical vulnerabilities, … Continue reading More malware with new vulnerabilities in the wild in the monthly digest →

New pack of vulnerabilities in TCP/IP stack, malware evolution and consequences of the Pwn2Own

Posted on April 19, 2021April 19, 2021 by Dmitry Uchakin

In addition to the monthly update from Microsoft, a new set of critical vulnerabilities in the TCP/IP stack appeared this week. Also, some researchers are publishing exploits from Pwn2Own competitions. Not much bright news, but we've gathered the most significant and useful ones! Vulnerabilities: Microsoft monthly patch, pack of critical vulnerabilities in TCP/IP stack, regular … Continue reading New pack of vulnerabilities in TCP/IP stack, malware evolution and consequences of the Pwn2Own →

Zero-day: the main topic of this weekly digest

Posted on March 8, 2021March 8, 2021 by Dmitry Uchakin

This week is full of news about zero-day vulnerabilities, attacks using them. There were also hacks, talk about data breaches? When an emergency update comes out, you better apply it, because you might already be attacked. Vulnerabilities: Exploit for Spectre + Meltdown, your exchange has been hacked and install the latest updates for Chrome!;Tools: mostly … Continue reading Zero-day: the main topic of this weekly digest →

Apple weekly digest with mobile apps

Posted on February 22, 2021 by Dmitry Uchakin

This week, the first computer malware was discovered on the Apple M1, whose creators are quick to adapt. Mobile app developers take their time to update them for their products and zero-day often takes too long to fix. We collected all the main most interesting news of the week with Apple and quite a bit … Continue reading Apple weekly digest with mobile apps →

New robot from Vulners, strong vulnerabilities and new malicious activity.

Posted on February 8, 2021March 24, 2021 by Dmitry Uchakin

Google Chrome is updated every week with new vulnerabilities/malicious extensions/zero-day and other stuff, which is why it needs to be updated regularly, just like other important software. Also this week, a sequel to the SonicWall story came out. Google launched a cool new vulnerability service OSV, which the Vulners team immediately automated it - "Stay … Continue reading New robot from Vulners, strong vulnerabilities and new malicious activity. →

Several critical updates, evil malware and security research

Posted on February 1, 2021March 24, 2021 by Dmitry Uchakin

Collected the coolest news about Apple, Cisco, zero-day and some company hacked via vulnerability in their products (lol). There are not so many cool news, but we were able to collect the most interesting ones about Whatsup, another war with the Emotet malware, a new version of NAT slipstreaming. Next month we will tell you … Continue reading Several critical updates, evil malware and security research →

Lots of zero-day vulnerabilities, and how’s your start of the year?

Posted on January 18, 2021 by Dmitry Uchakin

There is one or more zero-day in each vulnerability section. Intel takes care of the threat from ransomware, the attacker gained access to Microsoft accounts, and, as usual, a little bit about the most interesting new malware with the highest impact. Vulnerabilities: Mostly zero-days;Tools: Outlook research + new tool, OSINT, web testing and defense evasion;News: … Continue reading Lots of zero-day vulnerabilities, and how’s your start of the year? →

Available Microsoft 0-day , new SolarWinds vulnerability and others

Posted on December 28, 2020 by Dmitry Uchakin

Microsoft is surprised that they do not fix vulnerability zero with the existing PoC and there has been an exploit for the previous version of the bug for a long time. It is useless to post information about the SolarWinds hack, because there are too many of them and new facts (vulnerabilities) keep appearing. In … Continue reading Available Microsoft 0-day , new SolarWinds vulnerability and others →

Zero-Day Vulnerability Month, new Vulners events and malware

Posted on November 16, 2020November 16, 2020 by Dmitry Uchakin

There are many zero-day vulnerabilities this month that were only recently patched. Most helpful tools and news. We also decided to add a section on what's new for Vulners this month. Vulners events: Our strongest vulnerability database, which is convenient to work with, is regularly updated and gets better;Vulnerabilities: Google is updating its zero-days non-stop, … Continue reading Zero-Day Vulnerability Month, new Vulners events and malware →

Digest with vulnerabilities, emergency updates and attack subjects

Posted on November 9, 2020December 15, 2020 by Dmitry Uchakin

Zero-day vulnerabilities are not diminishing, and those that are already actively used in attacking actions. Quick release update - great! A lot of updates is not great! Vulnerabilities: Apple critical update, zero-day from Google, FireEye reports and etc;Tools: Promising tools that surprise with their growth;News: Twitter bot, some attacks and hacker cup;Research: Useful staff for … Continue reading Digest with vulnerabilities, emergency updates and attack subjects →