zero-day
Safeguard articles tagged "zero-day" — guides, analysis, and best practices for software supply chain and application security.
80 articles
Palo Alto PAN-OS Zero-Day CVE-2024-3400: Command Injection in GlobalProtect
A critical command injection vulnerability in Palo Alto Networks PAN-OS GlobalProtect feature was exploited as a zero-day, giving attackers root access to firewalls protecting enterprise networks.
Ivanti Connect Secure Zero-Day: CVE-2024-21887 and CVE-2023-46805 Exploited in the Wild
Two chained zero-days in Ivanti Connect Secure VPN appliances gave attackers unauthenticated remote code execution. Here's what happened and why perimeter devices remain a favorite target.
A History of Browser Sandbox Escapes and What They Teach Us
Browser sandboxes are the last line of defense against web-based attacks. When they fail, everything is exposed. Here is what the major escapes reveal.
Cisco IOS XE CVE-2023-20198: Tens of Thousands of Devices Implanted
A critical zero-day in Cisco IOS XE's web UI allowed unauthenticated attackers to create admin accounts and deploy implants on over 40,000 devices worldwide.
Cisco IOS XE CVE-2023-20198: The Zero-Day That Compromised Tens of Thousands of Network Devices
CVE-2023-20198 in Cisco IOS XE allowed unauthenticated attackers to create admin accounts on network devices. Over 40,000 devices were compromised before Cisco shipped a fix.
WinRAR Zero-Day CVE-2023-38831: Weaponized Archives in the Wild
A WinRAR vulnerability exploited since April 2023 allowed attackers to execute arbitrary code when users opened seemingly harmless files inside ZIP archives.
Ivanti EPMM Zero-Day CVE-2023-35078: Norwegian Government Breach
A critical authentication bypass in Ivanti's Endpoint Manager Mobile was exploited to breach Norwegian government agencies, earning a perfect CVSS 10.0 score.
Citrix NetScaler Zero-Day CVE-2023-3519: Mass Exploitation in the Wild
CVE-2023-3519 allowed unauthenticated remote code execution on Citrix NetScaler ADC and Gateway devices, leading to widespread exploitation and CISA emergency directives.
Zimbra Collaboration CVE-2023-37580: XSS Zero-Day Exploited by Four Nation-State Groups
A reflected XSS vulnerability in Zimbra Collaboration was exploited by four distinct threat groups targeting government organizations worldwide. The campaign showed how even 'low severity' bugs enable espionage.
Clop Ransomware and the MOVEit Campaign: Mass Exploitation at Scale
Clop's exploitation of MOVEit Transfer compromised over 2,500 organizations in one campaign, demonstrating a shift from traditional ransomware to mass vulnerability exploitation.
MOVEit Vulnerability Mass Exploitation: A Field Analysis
Inside the Cl0p ransomware gang's zero-day attack on Progress MOVEit Transfer, the CVE-2023-34362 timeline, and the supply chain lessons it exposed.
Barracuda ESG Zero-Day CVE-2023-2868: When Patching Isn't Enough
Barracuda told customers to physically replace compromised Email Security Gateway appliances. The vulnerability had been exploited since October 2022.