Tag: Zeroday

All articles tagged with #zeroday

New Windows Zero-Days Target WinRE BitLocker Bypass and SYSTEM Privilege Escalation
security, 13 days ago

Researchers Chaotic Eclipse and Nightmare-Eclipse disclosed two Windows zero-days: YellowKey, a BitLocker bypass in Windows Recovery Environment via specially crafted FsTx files on USB or the EFI partition, and GreenPlasma, a privilege-escalation flaw tied to Windows CTFMON that could let an unprivileged user create arbitrary memory sections and potentially control privileged services. A separate BitLocker downgrade chain described by Intrinsec (CVE-2025-48804) could defeat encryption on fully patched systems with physical access by boot-image tampering. Mitigations include enabling BitLocker startup PIN, migrating the boot manager to CA 2023 certificates, and revoking PCA 2011 certificates as older certificates are retired; Microsoft notes coordinated vulnerability disclosure and upcoming Patch Tuesday updates in June 2026.

AI-Designed Zero-Day Bypasses 2FA in Mass Exploitation Campaign
cybersecurity, 15 days ago

Google Threat Intelligence Group revealed a zero-day exploit, likely AI-assisted, that bypasses 2FA on a popular open-source admin tool and was used in a mass exploitation campaign. The Python-based exploit shows patterns typical of LLM-generated code; Google coordinated with the vendor to patch the flaw and disrupt the operation. The report also highlights broader AI-enabled threats, including autonomous malware and AI-assisted misuse of Gemini.

Microsoft Rolls Out Record Patch Tuesday: 169 Fixes Including SharePoint Zero-Day Exploited in the Wild
cybersecurity, 1 month ago

Microsoft released a record Patch Tuesday with 169 fixes across its products, highlighted by a SharePoint Server zero-day (CVE-2026-32201) that is actively exploited in the wild. The bundle also patches a Defender privilege-escalation flaw (CVE-2026-33825) tied to BlueHammer and a high-risk IKEv2 remote-code-execution issue (CVE-2026-33824) rated 9.8, along with extensive Edge updates and other critical/important vulnerabilities. Some of the flaws are listed in the CISA KEV catalog, triggering remediation deadlines for government agencies (by April 28, 2026).

New Malware Bypasses Password Changes by Exploiting Google OAuth to Hijack Accounts
cybersecurity, 2 years ago

CloudSEK researchers have reverse-engineered a zero-day exploit that leverages an undocumented Google OAuth endpoint, 'MultiLogin,' to regenerate persistent Google cookies even after password resets. Initially discovered by a developer named PRISMA, the exploit has been used by various malware, including Lumma Infostealer and White Snake, to maintain access to Google services. The exploit manipulates token:GAIA ID pairs extracted from Chrome's token_service table, allowing attackers to persistently exploit user accounts. Google has not yet confirmed the exploitation of this vulnerability.

Revealed: Advanced Zero-Day Exploits and Hidden Hardware Features in Global iPhone Hacking Campaign
technology-cybersecurity, 2 years ago

Russian cybersecurity experts have uncovered one of the most sophisticated hacking campaigns, believed to be orchestrated by U.S. intelligence agencies. This campaign utilized a series of 12 steps and four zero-day vulnerabilities to execute a zero-click hack on iPhones, enabling espionage activities against targets in several countries, including Russia, China, Syria, Israel, and NATO members. The revelation was made at a hacker conference and has raised significant concerns about the extent of U.S. cyber surveillance capabilities.

Operation Triangulation: The Most Advanced iPhone Hack Exploiting Hidden Hardware Vulnerabilities
national-security-and-cybersecurity, 2 years ago

At a hacker conference, Russian cybersecurity experts disclosed an intricate iPhone hack, believed to be orchestrated by U.S. intelligence agencies, to conduct espionage on high-profile targets across Russia, China, Syria, Israel, and NATO countries. This sophisticated cyber operation involved 12 steps and utilized four zero-day vulnerabilities, allowing for a zero-click intrusion into devices. The revelation comes amid heightened scrutiny over cybersecurity practices and international espionage, with India's Prime Minister Narendra Modi criticizing Apple for exposing new targets of the infamous Pegasus spyware.