Geek-Guy.com

Tag: vulnerabilities

AI, authentication bypass, Blog, CVE, CVE-2026-24858, CVEs, Cybersecurity, Data Breaches, Exploits, Global Security News, Risk Management

CVE-2026-24858: FortiOS SSO Zero-Day Exploited in the Wild

The year 2026 has started with an avalanche of zero-day vulnerabilities, causing a menace for cyber defenders. Right after Microsoft Office zero-day (CVE-2026-21509) and a critical flaw in Cisco products (CVE-2026-20045) that were repeatedly exploited for in-the-wild attacks, Fortinet has disclosed another serious issue, immediately drawing the attention of threat actors. Identified as CVE‑2026‑24858, the…

Read more →

AI, Apps, Blog, CVE, CVE-2026-21509, CVEs, Cybersecurity, Exploits, Global Security News

CVE-2026-21509: Actively Exploited Microsoft Office Zero-Day Forces Emergency Patch

Shortly after its January Patch Tuesday release, addressing 114 vulnerabilities, including a zero-day in Windows Desktop Manager (CVE-2026-20805), Microsoft rushed out an emergency out-of-band update to fix another bug under active exploitation. This time, attackers are targeting CVE-2026-21509, a Microsoft Office zero-day that allows threat actors to bypass built-in security features.  In view of the…

Read more →

AI, Apps, Blog, CVE, CVE-2026-21509, CVEs, Cybersecurity, Exploits, Global Security News

CVE-2026-21509: Actively Exploited Microsoft Office Zero-Day Forces Emergency Patch

Shortly after its January Patch Tuesday release, addressing 114 vulnerabilities, including a zero-day in Windows Desktop Manager (CVE-2026-20805), Microsoft rushed out an emergency out-of-band update to fix another bug under active exploitation. This time, attackers are targeting CVE-2026-21509, a Microsoft Office zero-day that allows threat actors to bypass built-in security features.  In view of the…

Read more →

AI, Apps, Blog, CVE, CVE-2026-21509, CVEs, Cybersecurity, Exploits, Global Security News

CVE-2026-21509: Actively Exploited Microsoft Office Zero-Day Forces Emergency Patch

Shortly after its January Patch Tuesday release, addressing 114 vulnerabilities, including a zero-day in Windows Desktop Manager (CVE-2026-20805), Microsoft rushed out an emergency out-of-band update to fix another bug under active exploitation. This time, attackers are targeting CVE-2026-21509, a Microsoft Office zero-day that allows threat actors to bypass built-in security features.  In view of the…

Read more →

AI, Apps, Blog, CVE, CVE-2026-21509, CVEs, Cybersecurity, Exploits, Global Security News

CVE-2026-21509: Actively Exploited Microsoft Office Zero-Day Forces Emergency Patch

Shortly after its January Patch Tuesday release, addressing 114 vulnerabilities, including a zero-day in Windows Desktop Manager (CVE-2026-20805), Microsoft rushed out an emergency out-of-band update to fix another bug under active exploitation. This time, attackers are targeting CVE-2026-21509, a Microsoft Office zero-day that allows threat actors to bypass built-in security features.  In view of the…

Read more →

AI, Apps, Blog, CVE, CVE-2026-21509, CVEs, Cybersecurity, Exploits, Global Security News

CVE-2026-21509: Actively Exploited Microsoft Office Zero-Day Forces Emergency Patch

Shortly after its January Patch Tuesday release, addressing 114 vulnerabilities, including a zero-day in Windows Desktop Manager (CVE-2026-20805), Microsoft rushed out an emergency out-of-band update to fix another bug under active exploitation. This time, attackers are targeting CVE-2026-21509, a Microsoft Office zero-day that allows threat actors to bypass built-in security features.  In view of the…

Read more →

AI, Apps, Blog, CVE, CVE-2026-21509, CVEs, Cybersecurity, Exploits, Global Security News

CVE-2026-21509: Actively Exploited Microsoft Office Zero-Day Forces Emergency Patch

Shortly after its January Patch Tuesday release, addressing 114 vulnerabilities, including a zero-day in Windows Desktop Manager (CVE-2026-20805), Microsoft rushed out an emergency out-of-band update to fix another bug under active exploitation. This time, attackers are targeting CVE-2026-21509, a Microsoft Office zero-day that allows threat actors to bypass built-in security features.  In view of the…

Read more →

AI, Apps, Blog, CVE, CVE-2026-21509, CVEs, Cybersecurity, Exploits, Global Security News

CVE-2026-21509: Actively Exploited Microsoft Office Zero-Day Forces Emergency Patch

Shortly after its January Patch Tuesday release, addressing 114 vulnerabilities, including a zero-day in Windows Desktop Manager (CVE-2026-20805), Microsoft rushed out an emergency out-of-band update to fix another bug under active exploitation. This time, attackers are targeting CVE-2026-21509, a Microsoft Office zero-day that allows threat actors to bypass built-in security features.  In view of the…

Read more →

AI, Blog, CVE, CVEs, Endpoint, Exploits, Global Security News, Risk Management

CVE-2026-21858 aka Ni8mare: Critical Unauthenticated Remote Code Execution Vulnerability in n8n Platform

The surge of critical vulnerabilities shows no signs of slowing as 2026 begins. In the aftermath of the MongoBleed (CVE-2025-14847) disclosure, another critical flaw has surfaced, impacting the n8n AI workflow automation platform. Tracked as CVE-2026-21858 and dubbed Ni8mare, the flaw obtains a maximum-severity score (CVSS 10.0) and might result in granting full control over…

Read more →

AI, Apps, Exploits, Global Security News, privacy, Risk Management

Supporting Rowhammer research to protect the DRAM ecosystem

Posted by Daniel Moghimi Rowhammer is a complex class of vulnerabilities across the industry. It is a hardware vulnerability in DRAM where repeatedly accessing a row of memory can cause bit flips in adjacent rows, leading to data corruption. This can be exploited by attackers to gain unauthorized access to data, escalate privileges, or cause…

Read more →