In computer science, a vulnerability is considered to be a zero-day vulnerability if it’s unknown to all parties interested in patching it, such as:

• The team maintaining the project
• The users of the project
• Vulnerability researchers

Vulnerability researchers are the good guys – people who won’t take advantage of the vulnerability for their own gain and who will exercise responsible disclosure.

Let’s illustrate this concept with a small example.

Continue reading Understanding Zero-Day Vulnerabilities & Attacks at Sucuri Blog.

Via Sucuri.net