Security news aggregator

Latest coverage for 0-Day

A 0-Day is a software vulnerability without an available fix, creating risk because defenders have limited time to mitigate exploitation.

12 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

0-Day describes a software vulnerability unknown to the software maker or unpatched when first exploited. Attackers can use these flaws immediately, as no official fix or signature exists to block the exploit. Such vulnerabilities often affect widely deployed software or hardware, making them valuable for targeted attacks or widespread campaigns.

Because defenders lack patches or reliable detection signatures initially, they must rely on anomaly detection, network monitoring, and threat intelligence to identify suspicious activity linked to 0-day exploits. Rapid patching once a fix is released is critical to reduce exposure. Tracking emerging 0-day threats helps prioritize defensive measures and informs risk management decisions in environments where unpatched vulnerabilities pose significant security risks.

Volume over time

Weekly headline count for the current query.

Showing 12 most recent headlines Filtered view

Not every cloud breach starts with malware or a zero-day. In this incident, attackers discovered an exposed Spring Boot Actuator endpoint, harvested credentials from leaked configuration data, then used the OAuth2 Resource Owner Password Credentials (ROPC) flow to authenticate without MFA.

Trend Micro Research, News and Perspectives 1 year, 3 months ago

A Deep Dive into Water Gamayun’s Arsenal and Infrastructure

Trend Research discusses the delivery methods, custom payloads, and techniques used by Water Gamayun, the suspected Russian threat actor abusing a zero-day vulnerability in the Microsoft Management Console framework (CVE-2025-26633) to execute malicious code on infected machines.

Trend Micro Research, News and Perspectives 1 year, 3 months ago

CVE-2025-26633: How Water Gamayun Weaponizes MUIPath using MSC EvilTwin

Trend Research identified Russian threat actor Water Gamayun exploiting CVE-2025-26633, a zero-day vulnerability in the Microsoft Management Console that attackers exploit to execute malicious code and exfiltrate data.

Trend Micro Research, News and Perspectives 1 year, 4 months ago

ZDI-CAN-25373: Windows Shortcut Exploit Abused as Zero-Day in Widespread APT Campaigns

Trend Zero Day Initiative™ (ZDI) uncovered both state-sponsored and cybercriminal groups extensively exploiting ZDI-CAN-25373, a Windows .lnk file vulnerability that enables hidden command execution.

Our threat hunters discovered CVE-2024-38112, which was used as a zero-day by APT group Void Banshee, to access and execute files through the disabled Internet Explorer using MSHTML. We promptly identified and reported this zero-day vulnerability to Microsoft, and it has been patched.

In addition to our Water Hydra APT zero day analysis, the Zero Day Initiative (ZDI) observed a DarkGate campaign which we discovered in mid-January 2024 where DarkGate operators exploited CVE-2024-21412.

Trend Micro Research, News and Perspectives 2 years, 5 months ago

CVE-2024-21412: Water Hydra Targets Traders with Microsoft Defender SmartScreen Zero-Day

The APT group Water Hydra has been exploiting the zero-day Microsoft Defender SmartScreen vulnerability (CVE-2024-21412) in its campaigns targeting financial market traders. This vulnerability, which has now been patched by Microsoft, was discovered and disclosed by the Trend Micro Zero Day Initiative.

Trend Micro Research, News and Perspectives 3 years, 7 months ago

Protect Your Network with Zero-Day Threat Protection

Explore the world of zero-day threats and gain valuable insight into the importance of proactive detection and remediation. Learn how Trend Micro™ Research mitigates risk by providing global cybersecurity intelligence to continuously discover the ever-changing attack surface, understand and prioritize vulnerabilities, detect and rapidly respond to threats, and apply the right security at the right time.