Researcher Behind 'Exploitarium' Explains Release of Undisclosed Zero-Day Exploits
Infosecurity spoke with the researcher who dumped over 30 proof-of-concept exploits without disclosing the vulnerabilities first
A 0-Day is a software vulnerability without an available fix, creating risk because defenders have limited time to mitigate exploitation.
Search across headline titles and summaries.
Background for this topic.
0-Day describes a software vulnerability unknown to the software maker or unpatched when first exploited. Attackers can use these flaws immediately, as no official fix or signature exists to block the exploit. Such vulnerabilities often affect widely deployed software or hardware, making them valuable for targeted attacks or widespread campaigns.
Because defenders lack patches or reliable detection signatures initially, they must rely on anomaly detection, network monitoring, and threat intelligence to identify suspicious activity linked to 0-day exploits. Rapid patching once a fix is released is critical to reduce exposure. Tracking emerging 0-day threats helps prioritize defensive measures and informs risk management decisions in environments where unpatched vulnerabilities pose significant security risks.
Weekly headline count for the current query.
Infosecurity spoke with the researcher who dumped over 30 proof-of-concept exploits without disclosing the vulnerabilities first
Nissan says employees' data was stolen via the Oracle PeopleSoft zero-day campaign
The zero-day vulnerability affects on-premises installations for all versions of Exchange Server 2016, 2019 and Subscription Edition
Google Threat Intelligence Group details how cybercriminals attempted to launch a campaign based around an AI-developed Zero-Day targeting open-source software
A researcher from offensive security firm Theori has found a nine-year-old flaw in the Linux kernel with the help of AI
Microsoft has patched two zero-day flaws and over 160 others
Fortinet has updated its FortiClient EMS product after zero-day attacks surfaced
Notorious ransomware group Interlock has been exploiting a Cisco zero-day bug since January, AWS says
Mandiant reveals campaign featuring exploit of a CVSS 10.0 CVE in Dell RecoverPoint for Virtual Machines
Six actively exploited zero-day bug have been patched by Microsoft
The European Commission and government agencies in Finland and the Netherlands have suffered potentially related breaches
VulnCheck analysts found that vulnerabilities exploited before being publicly disclosed rose from 23.6% in 2024 to 28.96% in 2025
Microsoft has patched three zero-day vulnerabilities in the first patch Tuesday of 2026, including one under active exploitation
Explore Infosecurity Magazine’s most-read cybersecurity stories of 2025, from major vendor shake-ups and zero-day exploits to AI-driven threats and supply chain attacks
Google has released a Chrome security update to fix three zero-day vulnerabilities, including a high-severity flaw with an active exploit
3 critical zero-day flaws in PickleScan, affecting Python and PyTorch, allowed undetected attacks
Google said it found indications that two newly identified vulnerabilities affecting Android “may be under limited, targeted exploitation”
Microsoft has patched a zero-day vulnerability in the Windows Kernel under active exploitation by threat actors
CISA has demanded federal agencies patch a zero-day vulnerability affecting Samsung devices used in LandFall spyware attacks
The former general manager of defense contractor Trenchant has admitted selling zero-days to Russian broker