Unpatched Zyxel CPE Zero-Day Pummeled by Cyberattackers

Posted on January 29, 2025

VulnCheck initially disclosed the critical command-injection vulnerability (CVE-2024-40891) six months ago, but Zyxel has yet to mention its existence or offer users a patch to mitigate threats.

Posted in News

Previous: Yep, That’s 66-Million-Year-Old Vomit

Next: Aquabot variant v3 targets Mitel SIP phones

Beyond the kill chain: What cybercriminals do with their money (Part 5)

News

In the last of our five-part series, Sophos X-Ops explores…

rooter
May 15, 2025
1 min read
0

Kubo Studio Laika Will Bring Susanna Clarke’s Piranesi to Stop-Motion Life

News

In 2020, English author Susanna Clarke published her second-ever novel,…

rooter
June 22, 2024
1 min read
0

Open Source Poisoned Patches Infect Local Software

News

Malicious packages lurking on open source repositories like npm have…

rooter
April 10, 2025
1 min read
0

The Greatest App of All Time: March Madness Bracket Day 2

News

It’s day 2 of Gizmodo’s March Madness bracket challenge to…

rooter
March 4, 2024
1 min read
0

Related Posts

Beyond the kill chain: What cybercriminals do with their money (Part 5)

Kubo Studio Laika Will Bring Susanna Clarke’s Piranesi to Stop-Motion Life

Open Source Poisoned Patches Infect Local Software

The Greatest App of All Time: March Madness Bracket Day 2