Volexity 2d ago

RE: https://infosec.exchange/@jackrhysider/116523222332876813

The latest #DarknetDiaries (Ep. 174: Pacific Rim) offers a look at state-sponsored groups targeting perimeter infrastructure & edge devices. Thanks @jackrhysider for mentioning our work!

@volexity’s detection and response efforts combined network visibility, host-based analysis, #threatintelligence & #memoryforensics, enabling us to discover these complex #0days being exploited in the wild.

Read our blog post for the original research mentioned: https://www.volexity.com/blog/2022/06/15/driftingcloud-zero-day-sophos-firewall-exploitation-and-an-insidious-breach/

#cryptohagenMay 13

En security researcher offentliggjorde 2 Windows-zero-days få minutter efter, at Microsoft havde udgivet denne måneds Patch Tuesday

De to #0days omfatter en fejl, kaldet GreenPlasma, https://github.com/Nightmare-Eclipse/GreenPlasma og en fejl, der gør det muligt at omgå BitLocker, kaldet YellowKey https://github.com/Nightmare-Eclipse/YellowKey

Den samme security researcher, der går under nickname Nightmare Eclipse, offentliggjorde også zero-days-sårbarhederne BlueHammer og RedSun i sidste måned

GitHub - Nightmare-Eclipse/GreenPlasma: GreenPlasma Windows CTFMON Arbitrary Section Creation Elevation of Privileges Vulnerability

GreenPlasma Windows CTFMON Arbitrary Section Creation Elevation of Privileges Vulnerability - Nightmare-Eclipse/GreenPlasma

GitHub
BrianKrebsApr 14

ZOMG! It's freakin Patch Tuesday again. And Microsoft has patched a staggering 167 security holes (think more people are using AI to find bugs, maybe?)

tl;dr: There's something for everyone today, like an Adobe Reader 0day that's apparently been exploited since at least November 2025; a SharePoint zero-day; and a fix for BlueHammer -- a Windows Defender bug for which there is working exploit code that no longer works if you install today's Windows updates (as per @wdormann).

#patchtuesday, #microsoft #0days

https://krebsonsecurity.com/2026/04/patch-tuesday-april-2026-edition/

Teddy / Domingo (🇨🇵/🇬🇧)Mar 13
Le logiciel #espion utilisé par le renseignement russe avait bien été développé pour la #NSA. La semaine passée, on apprenait coup sur coup la condamnation de l’auteur d’un vol de #failles de #sécurité #0days  développées pour la NSA et ses partenaires. Puis (...)
https://next.ink/brief_article/le-logiciel-espion-utilise-par-le-renseignement-russe-avait-bien-ete-developpe-pour-la-nsa/
#spyware #zeroday
Le logiciel espion utilisé par le renseignement russe avait bien été développé pour la NSA - Next

raptorAug 4, 2025

Embedded device #hacking 101 💚

#Exploiting #0days in abandoned #hardware by @trailofbits

https://blog.trailofbits.com/2025/07/25/exploiting-zero-days-in-abandoned-hardware/

Exploiting zero days in abandoned hardware

We successfully exploited two discontinued network devices at DistrictCon’s inaugural Junkyard competition in February, winning runner-up for Most Innovative Exploitation Technique. Our exploit chains demonstrate why end-of-life hardware poses persistent security risks.

The Trail of Bits Blog
NeuroWinterJul 28, 2025
Spent the weekend decompiling and messing with a bunch of windows printer drivers. Was lot of fun and learnt a lot ! Found a few #0days and reported them to NCSC NZ formally known as CERT NZ. Hoping I hear back from them, and these get patched!
Rene RobichaudJul 28, 2025

UNC3886 Hackers Exploiting 0-Days in VMware vCenter/ESXi, Fortinet FortiOS, and Junos OS
https://cybersecuritynews.com/unc3886-hackers-exploiting-0-days/

#Infosec #Security #Cybersecurity #CeptBiro #UNC3886 #0Days #VMware #vCenter #ESXi #Fortinet #FortiOS #JunosOS

UNC3886 Hackers Exploiting 0-Days in VMware vCenter/ESXi, Fortinet FortiOS, and Junos OS

Singapore’s critical infrastructure is under siege from UNC3886, a sophisticated China-linked advanced persistent threat (APT) group. As of July 2025, the group has been actively targeting essential services like energy, water, telecommunications, and government systems, prompting urgent warnings from officials. This isn’t just another hack, it’s a calculated assault exploiting zero-day vulnerabilities in widely used […]

Cyber Security News
GOMOOT Jul 21, 2025

💡 Microsoft SharePoint sotto attacco: vulnerabilità zero-day e patch d’emergenza

https://gomoot.com/microsoft-sharepoint-sotto-attacco-vulnerabilita-zero-day-e-patch-demergenza

#0days #blog #bug #hacker #microsoft #news #picks #pwn2own #sharepoint #sicurezza #tech #tecnologia #toolshell

Installazioni SharePoint on-premise: vulnerabilità ToolShell

Patch d'emergenza Microsoft per SharePoint on-premise: vulnerabilità ToolShell consente accessi remoti, colpite agenzie governative, università e aziende.

Gomoot : tecnologia e lifestyle Scopri le ultime novità in fatto di hardware, tecnologia IA e altro
DawiscoJun 26, 2025

TL;DR - Zero days are becoming more difficult. China has a more nimble supply chain and a training system. The US relies on a more rigid acquisition chain.

#cybersecurity #offense #redteam #0days
https://www.atlanticcouncil.org/in-depth-research-reports/report/crash-exploit-and-burn/#analysis

Crash (exploit) and burn: Securing the offensive cyber supply chain to counter China in cyberspace 

If the United States wishes to compete in cyberspace, it must compete against China to secure its offensive cyber supply chain.

Atlantic Council
Bob CarverApr 29, 2025
https://techcrunch.com/2025/04/29/government-hackers-are-leading-the-use-of-attributed-zero-days-google-says/
#cybersecurity #0days #exploits #nationstates #Google
Government hackers are leading the use of attributed zero-days, Google says | TechCrunch

Governments like China and North Korea, along with spyware makers, used the most recorded zero-days in 2024.

TechCrunch