Zero Day
The latest Zero Day coverage — news, analysis, and updates from the WindowsNews.AI desk.
Commvault Cloud Security Breach: Exploitation of CVE-2025-34028 and CVE-2025-3928 in 2025
Overview On May 22, 2025, Commvault, a leading enterprise data backup provider, issued an urgent advisory regarding active cyber threats targeting its Metallic software-as-a-service (SaaS)...
Critical CVE-2025-4338 Vulnerability Discovered in Lantronix Device Installer Threatening Legacy Devices
Lantronix Device Installer, a utility long relied upon by IT administrators for device discovery, configuration, and upgrade management across Lantronix networking hardware, now finds itself at the...
Windows 11 LTSC 2024 gets hotpatch update KB5061258 for zero-reboot security
Introduction In today's rapidly evolving cybersecurity landscape, maintaining system security without disrupting operations is paramount. Microsoft addresses this challenge with the release of...
Pwn2Own Berlin 2025 Uncovers Critical Vulnerabilities in Windows 11, Linux, Virtualization, and AI Systems
Introduction The cybersecurity community was electrified by the revelations at Pwn2Own Berlin 2025, a high-profile hacking competition organized by Trend Micro's Zero Day Initiative (ZDI) and hosted...
NTLM hash leak CVE-2025-24054 exploited within days of March 2025 patch
Overview In March 2025, Microsoft released a security update addressing a critical vulnerability in the Windows NT LAN Manager (NTLM) authentication protocol, identified as CVE-2025-24054. Despite...
Microsoft March 2025 Patch Tuesday: Critical Updates for Zero-Day Vulnerabilities and Windows Security
In the ever-evolving landscape of cybersecurity, Microsoft’s March 2025 Patch Tuesday stands out as a critical update cycle, addressing a slew of vulnerabilities, including zero-day exploits and...
Critical Delta Electronics COMMGR Vulnerability (CVE-2025-3495) Threatens ICS Security
In the ever-evolving landscape of cybersecurity, a newly disclosed vulnerability in Delta Electronics' COMMGR software has sent shockwaves through the industrial control systems (ICS) community. This...
April Patch Tuesday 2025: Critical Zero-Day CVE-2025-29824 & Manual Fixes Explained
Microsoft's April 2025 Patch Tuesday has delivered one of the most complex security updates in recent memory, addressing 121 vulnerabilities with 11 rated critical. At the forefront is an actively...
In-Depth Analysis of CVE-2025-29824: The CLFS Zero-Day Vulnerability and Ongoing Ransomware Threats
Understanding CVE-2025-29824: The CLFS Zero-Day Exploit and Its Implications Microsoft’s recent security advisory revealed a critical zero-day vulnerability in the Windows Common Log File System...
Windows Zero-Day Vulnerability Exploited by Multiple State Actors: Implications and Mitigation Strategies
A recent investigative report has revealed that a critical Windows zero-day vulnerability, tracked as ZDI-CAN-25373, has been exploited by at least 11 state-sponsored hacking groups since 2017. This...
March 2025 Patch Tuesday: Microsoft Addresses 50+ Security Flaws Including 6 Zero-Day Exploits
Microsoft's March 2025 Patch Tuesday has arrived with critical updates addressing over 50 security vulnerabilities, including six actively exploited zero-day flaws affecting Windows 10, Windows 11,...
February Patch Tuesday: 63 Fixes, 2 Zero-Days Exploited in the Wild
February Patch Tuesday: 63 Updates & Urgent Zero-Day Vulnerabilities Microsoft’s February Patch Tuesday rollout has made a significant impact in the realm of cybersecurity, with a comprehensive...