Trend Zero Day Initiative

@thezdi@infosec.exchange
2K Followers
7 Following
1,021 Posts
Trend Zero Day Initiative™ (ZDI) is a program designed to reward security researchers for responsibly disclosing vulnerabilities.
Websitehttps://www.zerodayinitiative.com/
Researchhttps://www.zerodayinitiative.com/blog
Pwn2Ownhttps://www.youtube.com/c/ZeroDayInitiative
Trend Zero Day Initiative1d ago
#Adobe has (finally!) released their updates for July. 13 bulletins addressing 60 CVEs in various products. Nothing is listed as under active attack. The patch blog has bee updated with all the details. https://www.zerodayinitiative.com/blog/2025/7/8/the-july-2025-security-update-review
Zero Day Initiative — The July 2025 Security Update Review

It’s the second Tuesday of the month, and as expected, Adobe and Microsoft have released their latest security patches. Take a break from your scheduled activities and join us as we review the details of their latest security alerts. If you’d rather watch the full video recap covering the entire rel

Zero Day Initiative
Trend Zero Day Initiative1d ago
It may be a little late (looking at you @adobesecurity) but the Patch Report for July is now available. Join @TheDustinChilds as he breaks down the Microsoft release and contemplates where Adobe patches may have gone. https://youtu.be/BhkZ9llB5d0
The Patch Report for July 2025

YouTube
Trend Zero Day Initiative1d ago
The #Adobe patches may be late, but 130 new CVEs from #Microsoft, there's still plenty to talk about. Join @TheDustinChilds as he covers the release and point out why it's a bad month to be a SQL Server admin. https://www.zerodayinitiative.com/blog/2025/7/8/the-july-2025-security-update-review
Zero Day Initiative — The July 2025 Security Update Review

It’s the second Tuesday of the month, and as expected, Adobe and Microsoft have released their latest security patches. Take a break from your scheduled activities and join us as we review the details of their latest security alerts. If you’d rather watch the full video recap covering the entire rel

Zero Day Initiative
Trend Zero Day InitiativeJun 20
Extracting Embedded MultiMediaCard (eMMC) contents in-system. ZDI researcher @infosecdj details how to interact with an eMMC chip and notes some pitfalls you may encounter on the way. https://www.zerodayinitiative.com/blog/2025/6/18/extracting-embedded-multimediacard-emmc-contents-in-system
Zero Day Initiative — Extracting Embedded MultiMediaCard (eMMC) contents in-system

Every complex modern device needs non-volatile storage to keep program and configuration data while unpowered. There are several competing options on the market available to today’s systems designers: serial Flash, raw NAND chips, (micro)SD, and Embedded MultiMediaCard (eMMC). eMMC is the topic of t

Zero Day Initiative
Trend Zero Day InitiativeJun 10
No time to read the blog? Just want the highlights of what to prioritize (and what to look out for)? Check out the Patch Report for the June Patch Tuesday release. @TheDustinChilds provides all the details, including a silent patch from last month. https://youtu.be/5RJqjm6VpQg
The Patch Report for June 2025

YouTube
Trend Zero Day InitiativeJun 10
It's a mild release from #Microsoft and a record-breaking release from #Adobe. There's a single 0-day to deal with in WEBDAV and, as always, a few deployment challenges. @TheDustinChilds provides all the details at
https://www.zerodayinitiative.com/blog/2025/6/10/the-june-2025-security-update-review
Zero Day Initiative — The June 2025 Security Update Review

It’s the second Tuesday of the month, and while many places in the Northern Hemisphere are scorching, Microsoft and Adobe have released their latest security offering in hopes of cooling things down. Grab an iced beverage and take a break from your scheduled activities and join us as we review the d

Zero Day Initiative
Trend Zero Day InitiativeMay 28
Demonstrating CVE-2025-4919: Now that it's patched, we can show you how Manfred Paul used this code execution bug in the renderer of #Mozilla Firefox to win $50,000. https://youtu.be/TG029NAGKs0 #Pwn2Own #P2OBerlin
From Pwn2Own Berlin: A Code Execution Bug in Firefox

YouTube
Trend Zero Day InitiativeMay 22
In another video highlight from day three of #Pwn2Own Berlin, Dung and Nguyen of STARLabs take on Oracle VirtualBox - and they add on a Windows kernel LPE to completely take over the system. https://youtube.com/shorts/vLZLAVjCaIY
Before you continue to YouTube

Trend Zero Day InitiativeMay 22
In another video highlight from day three of #Pwn2Own Berlin, Nir Ohfeld & Shir Tamari of Wiz Research target NVIDIA Container Toolkit. They also talk about how long they researched the bug they used. https://youtube.com/shorts/iapJlDWMP18
Before you continue to YouTube

Trend Zero Day InitiativeMay 22
In a video highlight from day three of #Pwn2Own Berlin, Manfred Paul takes on Mozilla Firefox (and his own nerves). https://youtube.com/shorts/Xe9ROvpsqwU
Before you continue to YouTube