🪲 New blog from me, Clem, and Kristen on the Zimbra in-the-wild 0-day, CVE-2023-37580, discovered by TAG in the summer. We discovered 4 different campaigns using the bug against organizations in Greece, Moldova, Tunisia, Vietnam, and Pakistan.

https://blog.google/threat-analysis-group/zimbra-0-day-used-to-target-international-government-organizations/

🔮NEW RCA!! A few hours after it was patched, TAG found an ITW exploit sample for CVE-2023-36802. @benoitsevens analyzed it in detail ✨

https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2023/CVE-2023-36802.html

North Korean actors 🇰🇵​ are targeting security researchers again including the use of at least one 0-day. IOCs in blog ⬇️​ If you've been in contact, please reach out

https://blog.google/threat-analysis-group/active-north-korean-campaign-targeting-security-researchers/

Google's 2022 Year in Review of in-the-wild 0-days is out! 4 key takeaways:
🤖 N-days function like 0-days on Android
⚡️ 0-clicks and new browser mitigations drive down browser 0-days
👯 Over 40% of itw 0-days are variants
💥 Bug collisions are high

#itw0days

https://security.googleblog.com/2023/07/the-ups-and-downs-of-0-days-year-in.html

🎯 New RCA up for CVE-2022-4135, a Chrome itw 0-day that was patched in November!! The bug was discovered by Clement and the RCA authored by Sergei. #itw0days

https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2022/CVE-2022-4135.html

👀 New RCA up for CVE-2022-41033, a type confusion in Windows COM+ Event System Service by @tiraniddo !
#itw0days

https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2022/CVE-2022-41033.html

First in-the-wild 0-day of 2023 🔥

CVE-2023-21674: Windows ALPC elevation of privilege discovered by Avast

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-21674

All 2023 itw 0-days will be tracked here: https://docs.google.com/spreadsheets/d/1lkNJ0uQwbeC1ZTRrxdtuPLCIl7mlUreoKfSIgajnSyY/edit#gid=1746868651

#itw0days