Zero - day bug

Search documents
Google fixes Chrome zero-day security flaw used in hacking campaign targeting journalists
TechCrunch· 2025-03-26 13:15
Google said it has fixed a vulnerability in its Chrome browser for Windows that malicious hackers have used to break into victims’ computers.In a brief note on Tuesday, Google said that it fixed the vulnerability, tracked as CVE-2025-2783, that was discovered by researchers at security firm Kaspersky earlier this month. Google said it was aware of reports that an exploit for the bug “exists in the wild.” The bug is referred to as a zero-day because the vendor — in this case, Google — was given no time to ...
Apple fixes new security flaw used in ‘extremely sophisticated attack'
TechCrunch· 2025-03-11 19:16
Core Insights - Apple has released patches for a zero-day vulnerability in WebKit, which could have been exploited in a sophisticated attack targeting specific individuals [1][4] - The vulnerability allowed hackers to escape WebKit's protective sandbox, potentially compromising user data [1] - The patch was made available for various Apple devices, including Macs, iPhones, iPads, Safari, and the Vision Pro headset [2] Vulnerability Details - The zero-day bug was identified in WebKit, the browser engine used by Safari and other applications [1] - Apple indicated that the attack was effective against devices running software prior to iOS 17.2 [3] Historical Context - In February, Apple described a similar attack as "an extremely sophisticated attack against specific targeted individuals," although there is no evidence linking the two incidents [4] - This specific language had not been used by Apple prior to the February incident [4]