SecurityWeek

Exploit for VMware Zero-Day Flaws Likely Built a Year Before Public Disclosure

Analysis of a recent attack targeting VMware ESXi vulnerabilities from March 2025 revealed an exploit developed a year before ...

VMware ESXi zero-days likely exploited a year before disclosure

Chinese-speaking threat actors used a compromised SonicWall VPN appliance to deliver a VMware ESXi exploit toolkit that seems to have been developed more than a year before the targeted ...
The Hacker News

China-Linked Hackers Exploit VMware ESXi Zero-Days to Escape Virtual Machines

Researchers found Chinese-linked attackers abused SonicWall VPN access and VMware ESXi zero-day flaws to escape VMs and gain ...
Dark Reading

Attackers Exploit Zero-Day in End-of-Life D-Link Routers

"The affected endpoint is also associated with unauthenticated DNS modification ("DNSChanger") behavior documented by D-Link, ...
SDxCentral

Google reports jump in zero-day exploits aimed at enterprises, offers 6 tips to stay safe

Google’s Threat Analysis Group (TAG) and Mandiant teams observed 97 zero-day vulnerabilities exploited in the wild last year, a staggering 56% increase over 2022's 62 zero-day exploits, but shy of ...
SecurityWeek

Hackers Exploit Zero-Day in Discontinued D-Link Devices

Threat actors are exploiting CVE-2026-0625, a critical zero-day vulnerability in discontinued D-Link devices for remote code ...
CSOonline

Enterprise-specific zero-day exploits on the rise, Google warns

Vulnerabilities in enterprise network and security appliances accounted for nearly half of the zero-day flaws exploited by attackers last year, according to Google’s Threat Intelligence Group.
HotHardware

CrushFTP Zero-Day Exploit Leaves Thousands Of Servers Vulnerable To Hijacking

CrushFTP, a service that provides users with secure file server software, has recently been targeted by hackers. Unfortunately, it seems as if some customers have been compromised, with thousands of ...
HHS

Russian Hackers Exploit WinRAR Zero-Day

A Russian speaking hacking group is exploiting a zero-day flaw in WinRAR, a sign of the group's growing sophistication and evolution from a cybercrime outfit into a cyberespionage operation.
Infosecurity-magazine.com

BYOVD Attacks Exploit Zero-Day in Paragon Partition Manager

Ransomware actors have been observed exploiting a zero-day Bring Your Own Vulnerable Driver (BYOVD) flaw in Paragon Partition Manager. The CERT Coordination Center (CERT/CC) issued a security update ...
Dark Reading

Ivanti Zero-Day Exploits Skyrocket Worldwide; No Patches Yet

Thousands of Ivanti VPN instances have been compromised across the globe in the last five days thanks to two serious, as yet unpatched zero-day vulnerabilities disclosed last week. Ivanti Connect ...
PC World

Update Chrome now! Your PC is at risk from this zero-day exploit

Another major flaw has been found in Chrome—and it’s already being exploited in the wild. First discovered by Google’s Threat Analysis Group on May 27th, this zero-day vulnerability allows attackers ...