Google: 97 #zeroday #exploits in #2024, over 50% in #spyware attacks
They noted that cyber-espionage threat actors—including government-backed groups and commercial #surveillance vendors' customers—were responsible for more than half of attributable #0day attacks in 2024.
End-user platforms and products (e.g., web browsers, mobile devices, and desktop operating systems) made up 56% of the tracked #zerodays.
https://www.bleepingcomputer.com/news/security/google-97-zero-days-exploited-in-2024-over-50-percent-in-spyware-attacks/

https://techcrunch.com/2025/04/29/government-hackers-are-leading-the-use-of-attributed-zero-days-google-says/
#cybersecurity #0days #exploits #nationstates #Google

In Q1 2025, VulnCheck identified evidence of 159 CVEs publicly disclosed for the first time as exploited in the wild, 28.3% within 24 hours of disclosure #Exploits #CyberSecurity https://vulncheck.com/blog/exploitation-trends-q1-2025

El lado del mal - Hacking Home Devices II: PoCs & Hack Just for Fun! Aprende cómo buscar bugs en los dispositivos de tu casa https://www.elladodelmal.com/2025/04/hacking-home-devices-ii-pocs-hack-just.html de Gerard Fuguet #Hacking #Exploiting #SmartHome #Pentesting #Pentest #exploits

The Register: Today’s LLMs craft exploits from patches at lightning speed . “Matthew Keely, of Platform Security and penetration testing firm ProDefense, managed to cobble together a working exploit for a critical vulnerability in Erlang’s SSH library (CVE-2025-32433) in an afternoon, although the AI he used had some help – the model was able to use code from an already published patch in the […]

https://rbfirehose.com/2025/04/23/the-register-todays-llms-craft-exploits-from-patches-at-lightning-speed/

Updates: Microsoft spielt die Gefahr herunter

Für Fachleute außerhalb der Firma ist nicht nachvollziehbar, nach welchen Kriterien Microsoft (MS) die Risiko-Einstufung von Sicherheitslücken vornimmt. An fast jedem der monatlichen Flickentage finden wir Sicherheitslücken vor, die MS nur als 'wichtig' statt 'kritisch'

https://www.pc-fluesterer.info/wordpress/2025/04/22/updates-microsoft-spielt-die-gefahr-herunter/

Wahnsinn. #opensource #linux #log4j #itsec #exploits
"I am no hero" Unfassbar gut, lieber @br_data ! #br #bayerischerrundfunk

Linkempfehlung ARD Audiothek

https://www.ardaudiothek.de/episode/wild-wild-web-geschichten-aus-dem-internet/das-wichtigste-hobby-der-welt/br/14442077/