Exploitation of zero-days by commercial surveillance and spyware developers outpaced exploitation by nation-state actors last year, according to a report.

Google and iVerify researchers say the case points to a thriving secondary market for high-end zero-day exploits.

WhatsApp last week disclosed that it had patched a serious security vulnerability that targeted its messaging apps on Apple iOS and macOS. The company also disclosed that the vulnerability may have ...

The former head of Trenchant, a specialized U.S. defense contractor unit, was sentenced Tuesday to more than seven years in federal prison for stealing and selling zero-day exploits to a Russian ...

The US has sanctioned Operation Zero, a Russian exploit broker that bought zero-days from a now jailed US defense contractor executive.

Oracle has silently fixed an Oracle E-Business Suite vulnerability (CVE-2025-61884) that was actively exploited to breach servers, with a proof-of-concept exploit publicly leaked by the ShinyHunters ...

With the popularity of the Netflix series Zero Day among cybersecurity experts and others, the show has evolved into an interesting reference for comprehending the far-reaching effects of zero-day ...

The U.S. Treasury announced it was imposing sanctions against a Russian broker of zero-day exploits, its founder and two affiliates, citing a threat to U.S. national security. Another affiliated ...

Thousands of Ivanti VPN instances have been compromised across the globe in the last five days thanks to two serious, as yet unpatched zero-day vulnerabilities disclosed last week. Ivanti Connect ...

Threat actors now have the ability to exploit a new zero-day vulnerability in the Chrome browser, Google has advised IT administrators. The warning comes after Google released a patch for Chrome to ...

Another major flaw has been found in Chrome—and it’s already being exploited in the wild. First discovered by Google’s Threat Analysis Group on May 27th, this zero-day vulnerability allows attackers ...