0-day

A zero-day vulnerability is a computer-software vulnerability that is unknown to, or unaddressed by, those who should be interested in mitigating the vulnerability. Until the vulnerability is mitigated, hackers can exploit it to adversely affect computer programs, data, additional computers or a network.

CVE-2018-15982 exploit attacks

In late November 2018, a targeted attack against a medical institution in Russia exploited CVE-2018-15982, a zero-day remote code execution vulnerability in Adobe Flash Player. Adobe…

Read more

Windows 7 zero-day for CVE-2019-0808

Researchers from Google's Threat Analysis Group notified Microsoft that they discovered evidence of a zero-day exploit active in the wild since late February 2019. The…

Read more

BARIUM targets gaming supply chains

Enterprise security personnel often assume that legitimate software products are inherently trustworthy. If an attacker takes over a legitimate app or service, they gain a…

Read more

ShadowHammer supply chain attack

The software supply chain continues to be a popular channel for launching attacks. Publicly available reports indicate that attackers have reached a large number of devices through…

Read more

WinRAR CVE-2018-20250 exploit

On February 20, 2019, researchers from Check Point Software Technologies revealed a flaw in WinRAR, a popular third-party compression app. The flaw (CVE-2018-20250) had existed…

Read more

May 2019 0-day disclosures

Starting Tuesday, May 21, a security researcher publicly disclosed multiple elevation-of-privilege vulnerabilities by posting proof-of-concept code on GitHub. Successful exploitation of these vulnerabilities requires an…

Read more