Zero-Day

Details about zero-day vulnerabilities and exploits.

Fortinet FortiWeb Zero-Day Actively Exploited

Nov 17, 2025

—

by

Peter Chofield

in Cyber News & Updates

A severe security vulnerability in Fortinet’s FortiWeb web application firewall is actively exploited, allowing attackers to bypass authentication. This zero-day flaw impacts FortiWeb versions 8.0.1 and earlier. Update to 8.0.2 or later to protect against this vulnerability.
Unnamed APT Exploits Zero-Days in Citrix and Cisco, Targeting Critical Infrastructure

Nov 13, 2025

—

by

Elles De Yeager

in Cyber News & Updates

An unnamed advanced persistent threat (APT) group exploited zero-day vulnerabilities in Citrix NetScaler ADC and Gateway, dubbed “CitrixBleed 2,” and a critical flaw in Cisco Identity Service Engine (ISE). The attacks targeted essential identity and network access control infrastructure.
Microsoft Patches Actively Exploited Windows Kernel Zero-Day in November Update

Nov 12, 2025

—

by

Elles De Yeager

in Cyber News & Updates

Microsoft has addressed an actively exploited Windows Kernel zero-day vulnerability (CVE-2025-62215) in its November security updates, urging users to apply patches immediately to mitigate exploitation risks.