DarkSword exploit targets iOS 18.4–18.7 using 6 flaws and 3 zero-days, enabling rapid data theft from iPhones across multiple ...

Google has rushed out a Chrome 146 security update that patches two zero-day vulnerabilities exploited in the wild.

CrushFTP, a service that provides users with secure file server software, has recently been targeted by hackers. Unfortunately, it seems as if some customers have been compromised, with thousands of ...

Google Threat Analysis has uncovered a zero-day vulnerability that impacts Chrome, and Google is aware that it has been exploited in the wild. Google has now patched this vulnerability, and Chrome ...

Interlock ransomware is actively exploiting CVE-2026-20131 (CVSS 10.0) in Cisco FMC, enabling unauthenticated remote code ...

Russia-linked attackers found and exploited a high-severity WinRAR vulnerability before the maintainers of the Windows file archiver issued a fix.… The bug, tracked as CVE-2025-8088, is a ...

Oracle has silently fixed an Oracle E-Business Suite vulnerability (CVE-2025-61884) that was actively exploited to breach servers, with a proof-of-concept exploit publicly leaked by the ShinyHunters ...

This new Windows zero-day has no official fix. Oh boy, it’s raining zero days for Windows users right now. Just two weeks on from Microsoft confirming no less than six zero-day attacks impacting users ...

Attackers are actively exploiting a zero-day vulnerability in multiple discontinued D-Link DSL gateway devices to execute arbitrary shell commands on affected products. Most of the gateways under ...

The Wiretap is your weekly digest of cybersecurity, internet privacy and surveillance news. To get it in your inbox, subscribe here. Carmakal didn’t offer much details on which Chinese hackers were ...

Amnesty International on Friday said it determined that a zero-day exploit sold by controversial exploit vendor Cellebrite was used to compromise the phone of a Serbian student who had been critical ...