Bleeping Computer

Apple patches older iPhones and iPads against Coruna exploits

Apple has released security updates to patch older iPhones and iPads against a set of vulnerabilities targeted in cyberespionage and crypto-theft attacks using the Coruna exploit kit. Some of these ...
TechSpot

Hackers are selling a critical Windows zero-day exploit for $220,000 on the dark web

The big picture: A cybercriminal is reportedly selling a Windows zero-day exploit on the dark web for $220,000. The vulnerability, which targets Windows Remote Desktop Services, could allow an ...
Ars Technica

Feds take notice of iOS vulnerabilities exploited under mysterious circumstances

The Cybersecurity and Infrastructure Security Agency has ordered federal agencies to patch three critical iOS vulnerabilities that were exploited over a 10-month span in hacking campaigns conducted by ...
Forbes

New ‘Powerful’ iOS Attack Warning Issued To Millions Of iPhone Users

An iOS warning has been issued by researchers after they discovered “a new and powerful” exploit kit targeting Apple iPhone models running iOS version 13 to 17.2.1. An iOS warning has been issued by ...
AppleInsider

Latest iOS 15 & iOS 16 updates target Coruna exploit affecting older devices

Apple has virtually eliminated the remaining addressable iPhones being targeted by the Coruna exploit being traded around the black market — that is, if you update your iPhone. An exploit potentially ...
9to5Mac

Apple confirms today’s iOS and iPadOS updates for older devices address the Coruna exploit

Apple has detailed the security content for iOS 16.7.15, iOS 15.8.7, iPadOS 16.7.15, and iPadOS 15.8.7, confirming that the updates address the Coruna vulnerability disclosed last week by Google and ...
Computer Weekly

Spyware suppliers exploit more zero-days than nation states

Suppliers of commercial spyware have edged ahead of nation-state threat actors when it comes to the exploitation of zero-day vulnerabilities at scale, according to data released by the Google Threat ...
CSOonline

Zero-day exploits hit enterprises faster and harder

Chinese state hackers and spyware vendors are fueling a rise in zero-day attacks, which increasingly target enterprise software and devices — security and networking products in particular. Google ...
Android

Google Reports 2025 Zero-Days Exploits Targeted the Very Tools Meant to Stop Them

Google’s Threat Intelligence Group tracked 90 zero-day vulnerabilities in 2025, and for the first time, nearly half of them targeted enterprise technology rather than consumer software. The findings ...
Forbes

Microsoft Confirms SQL Zero-Day Security Vulnerability—Here’s The Fix

This voice experience is generated by AI. Learn more. This voice experience is generated by AI. Learn more. The Microsoft Security Response Center has confirmed that a SQL Server elevation of ...
Infosecurity-magazine.com

Cloud Attackers Now Prefer Vulnerability Exploits Over Credentials, Google Cloud Finds

Google Cloud has warned that threat actors targeting cloud environments now favor campaigns which gain initial access by exploiting software vulnerabilities over credential-based attacks. Published on ...
Infosecurity-magazine.com

Threat Actor Exploits Flaws and Uses Elastic Cloud SIEM to Manage Stolen Data

A campaign exploiting multiple software vulnerabilities to steal system data and store it in a cloud-based security platform has been uncovered by cybersecurity researchers. Investigators found that a ...