Zero-Day
Details about zero-day vulnerabilities and exploits.
-
Fortinet FortiWeb Zero-Day Actively Exploited
A severe security vulnerability in Fortinet’s FortiWeb web application firewall is actively exploited, allowing attackers to bypass authentication. This zero-day flaw impacts FortiWeb versions 8.0.1 and earlier. Update to 8.0.2 or later to protect against this vulnerability.
-
Unnamed APT Exploits Zero-Days in Citrix and Cisco, Targeting Critical Infrastructure
An unnamed advanced persistent threat (APT) group exploited zero-day vulnerabilities in Citrix NetScaler ADC and Gateway, dubbed “CitrixBleed 2,” and a critical flaw in Cisco Identity Service Engine (ISE). The attacks targeted essential identity and network access control infrastructure.
-
Microsoft Patches Actively Exploited Windows Kernel Zero-Day in November Update
Microsoft has addressed an actively exploited Windows Kernel zero-day vulnerability (CVE-2025-62215) in its November security updates, urging users to apply patches immediately to mitigate exploitation risks.