Follow Cyber Kendra on Google News! | WhatsApp | Telegram

Add as a preferred source on Google
ZeroDay Bug
Hackers Are Actively Exploiting Critical Microsoft Office Flaw—Patch Now or Risk Takeover

Hackers Are Actively Exploiting Critical Microsoft Office Flaw—Patch Now or Risk Takeover

Microsoft has scrambled to release an out-of-band security patch for a high-severity zero-day vulnerability in Office that attackers are actively wea…
Cloudflare's Certificate Path Let Attackers Sidestep Web Application Firewalls for Months

Cloudflare's Certificate Path Let Attackers Sidestep Web Application Firewalls for Months

A seemingly innocuous certificate validation path became a hidden gateway past Cloudflare's Web Application Firewall (WAF), security researchers …
New VMware Zero-Day Exploited Chinese Hackers

New VMware Zero-Day Exploited Chinese Hackers

A critical privilege escalation vulnerability in VMware products was exploited in the wild for nearly a year before being patched, security researche…
Hackers Exploit Cisco Firewall Zero-Days, CISA Issues Emergency Directive

Hackers Exploit Cisco Firewall Zero-Days, CISA Issues Emergency Directive

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued Emergency Directive, ordering federal agencies to immediately identify an…
Cisco Patches Critical IOS Zero-Day Under Active Attack—Millions of Network Devices at Risk

Cisco Patches Critical IOS Zero-Day Under Active Attack—Millions of Network Devices at Risk

Cisco has released emergency security patches for a critical zero-day vulnerability in its IOS and IOS XE software that attackers are actively exploi…
8-Year-Old Sample Key Exposes Thousands of Sitecore Websites to Hackers

8-Year-Old Sample Key Exposes Thousands of Sitecore Websites to Hackers

Cybersecurity researchers at Google's Mandiant have uncovered an active exploitation campaign targeting Sitecore deployments using a sample encry…
WhatsApp Patches Actively Exploited 0day Flaw

WhatsApp Patches Actively Exploited 0day Flaw

WhatsApp has rushed to patch a critical zero-day vulnerability that was actively exploited in targeted cyberattacks against journalists, activists, a…
Stealth Falcon Exploits Zero-Day CVE-2025-33053 Against Middle East Defense Targets

Stealth Falcon Exploits Zero-Day CVE-2025-33053 Against Middle East Defense Targets

Check Point Research has uncovered a sophisticated cyber espionage campaign orchestrated by the Stealth Falcon APT group, which exploited a previousl…
Critical SAP Zero-Day Vulnerability Under Active Exploitation

Critical SAP Zero-Day Vulnerability Under Active Exploitation

A critical zero-day vulnerability in SAP NetWeaver systems (CVE-2025-31324) is currently being actively exploited by threat actors, according to secu…
BLASTPASS Explained: How NSO’s WebP Zero-Day Exploit Hacked iPhones Silently

BLASTPASS Explained: How NSO’s WebP Zero-Day Exploit Hacked iPhones Silently

In September 2023, Apple rushed to patch a critical vulnerability after researchers uncovered an alarming zero-click exploit chain attributed to…
Kaspersky Uncovers New Chrome 0-Day Actively Exploited

Kaspersky Uncovers New Chrome 0-Day Actively Exploited

In the latest discovery, Kaspersky Lab exposed a highly sophisticated cyber attack, dubbed “ Operation ForumTroll ,” that leverages a critical zero-d…
Zero-Day Flaw in Parallels Desktop Allows Root Privilege Escalation

Zero-Day Flaw in Parallels Desktop Allows Root Privilege Escalation

Security researchers have dropped a significant zero-day vulnerability in Parallels Desktop that could allow attackers to gain root privileges on mac…
Apple Fix Actively Exploited Zero-Day in iPhone and iPad

Apple Fix Actively Exploited Zero-Day in iPhone and iPad

Apple has released iOS 18.3 and iPadOS 18.3, introducing significant security improvements with patches for more than 20 vulnerabilities across vari…
Ivanti Discloses Three New Zero-Day Vulnerabilities in Cloud Service Appliance

Ivanti Discloses Three New Zero-Day Vulnerabilities in Cloud Service Appliance

In a recent security advisory, Ivanti has revealed that three new zero-day vulnerabilities in its Cloud Service Appliance (CSA) have been actively ex…
Google Warns of Surging Zero-Day Attacks on Enterprise Tech

Google Warns of Surging Zero-Day Attacks on Enterprise Tech

In its annual look at in-the-wild zero-day exploitation, Google has highlighted a concerning trend - hackers are increasingly setting their sights on…
Google Exposes Dangerous Commercial Spyware Industry Enabling Government Surveillance

Google Exposes Dangerous Commercial Spyware Industry Enabling Government Surveillance

A new bombshell report from Google provides an unprecedented look into the shadowy industry of commercial surveillance vendors - companies that devel…
Two New Zero-Day Flaws Disclosed in Ivanti Products, One Under Active Exploitation

Two New Zero-Day Flaws Disclosed in Ivanti Products, One Under Active Exploitation

Ivanti, a leading provider of cybersecurity software, has disclosed two new high-severity vulnerabilities affecting its Connect Secure and Policy Sec…
Critical Ivanti Zero-Day Vulnerabilities Under Active Exploitation

Critical Ivanti Zero-Day Vulnerabilities Under Active Exploitation

In a recent disclosure by Ivanti, a leading IT service management solutions provider, two zero-day vulnerabilities in their products have been active…
Operation Triangulation: New Details on iOS Zero-Click Exploits

Operation Triangulation: New Details on iOS Zero-Click Exploits

Researchers from Kaspersky have published new technical details on Operation Triangulation , an extremely sophisticated iOS spyware attack uncovered …
Zimbra 0-day Exploited by Multiple Threat Groups to Target Government Organizations

Zimbra 0-day Exploited by Multiple Threat Groups to Target Government Organizations

Email servers are a prime target for hackers, as compromising them provides access to sensitive corporate communications and customer data. A recentl…