Despite a global scramble to patch the critical Log4j zero-day vulnerability discovered over two years ago, it remains a persistent threat. Complex software dependencies hinder comprehensive patching, allowing nation-state actors and cybercriminal groups to exploit unpatched systems. In a recent campaign, attackers deployed cryptocurrency miners and installed malicious backdoor scripts to control compromised systems. This highlights the challenge of eradicating longstanding unpatched vulnerabilities.
VMware ESXi, Firefox, Red Hat Linux & SharePoint 0-Day Vulnerabilities Exploited
During Pwn2Own Berlin 2025, researchers exposed critical zero-day vulnerabilities in major platforms like VMware ESXi and Microsoft SharePoint, earning $435,000 in bounties. Notably, Nguyen Hoang
