Sign in Subscribe

Vulnerabilities & Exploits

Microsoft CLFS Zero-Day Under Active Exploitation — CVE-2025-29824

Microsoft CLFS Zero-Day Under Active Exploitation — CVE-2025-29824

A Windows kernel zero-day in the Common Log File System (CLFS) driver (CVE-2025-29824) has been exploited in the wild to escalate privileges and enable ransomware post-compromise activity. Microsoft patched the issue in April 2025 — apply updates and hunt for signs of post-exploit activity now.

WinRAR Zero-Day Exploited in Phishing Attacks (CVE-2025-8088)

WinRAR Zero-Day Exploited in Phishing Attacks (CVE-2025-8088)

A critical directory traversal zero-day in WinRAR (CVE-2025-8088) is now being weaponized via phishing emails to deploy RomCom malware silently. Immediate action is required to patch and monitor systems—usually the easiest way into an endpoint is a downloaded file, not a web exploit.

Microsoft Exchange Hybrid Privilege Escalation: CVE-2025-53786

Microsoft Exchange Hybrid Privilege Escalation: CVE-2025-53786

A critical elevation-of-privilege flaw in Exchange hybrid configurations (CVE-2025-53786) allows on-prem administrators to escalate into the cloud. With CISA mandating immediate action, organizations must apply Microsoft's guidance now to avoid domain-wide compromise.

Critical CVEs in Focus: What You Need to Patch Now

Critical CVEs in Focus: What You Need to Patch Now

This post highlights four high-severity CVEs—Trend Micro Apex One, Android GPU drivers, Apple WebKit, and Gigabyte firmware—and explains how to safeguard your systems now.

Gigabyte UEFI Firmware Flaws Open Door to Stealthy Bootkits (CVE-2025-7026 / 7027 / 7028 / 7029)

Gigabyte UEFI Firmware Flaws Open Door to Stealthy Bootkits (CVE-2025-7026 / 7027 / 7028 / 7029)

Four critical firmware vulnerabilities in Gigabyte motherboards can bypass Secure Boot and enable stealthy bootkits. Admin privileges alone—not OS-level access—could grant adversaries persistent control. Users must update BIOS immediately or consider hardware replacement for unsupported models.

Apple WebKit Zero-Day Under Active Exploitation (CVE-2025-6558)

Apple WebKit Zero-Day Under Active Exploitation (CVE-2025-6558)

A critical zero-day, CVE-2025-6558, is being exploited across both Chromium and WebKit engines. It allows sandbox escape through malformed HTML targeting GPU rendering components. Browser and OS updates are urgent and vital to maintain security posture.

Google Fixes Qualcomm GPU Exploits in August Android Update (CVE-2025-21479 & CVE-2025-27038)

Google Fixes Qualcomm GPU Exploits in August Android Update (CVE-2025-21479 & CVE-2025-27038)

Two Qualcomm GPU vulnerabilities have been patched in Android’s August 2025 update—bugs actively used in targeted attacks. Google users should update immediately to Patch Level 2025-08-05 or later. Discover what’s affected and how to stay safe.