A particularly dangerous Google Chrome zero-day is already being used in real-world attacks. Despite Google’s auto update feature, users will need to close and restart their browser in order to be protected.
An APT group is using a new Flash Player zero-day that was used a lure targeting a Russian-based clinic
A new Adobe Reader zero-day exploit has been discovered, including a full sandbox escape.
Internet Explorer is yet again leveraged for a zero-day exploit delivered via Office document—the first zero-day observed for IE in over two years.
OWASP recently published a draft list of the top 10 security vulnerabilities of 2017. While intended for developers seeking to code more secure applications, the top 10 list is based on actual survey data of threats seen in the wild and serves as a great starting point for organizations struggling with security priorities. Let’s take a look and see how long they’ve been around prior to publication.