Geek-Guy.com

Tag: zeroday

AI, Apps, Compliance, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, Risk Management

Google Patches Android Zero-Day Under Active Exploitation 

Google has patched a high-severity Android zero-day vulnerability that attackers have already exploited in the wild.  The issue affects multiple Android releases and serves as a reminder that mobile operating systems remain a valuable target for threat actors seeking access to sensitive enterprise and personal data.  “There are indications that CVE-2025-48595 may be under limited,…

Read more →

Data Breaches, Exploits, Global Security News, Risk Management

Tuskira Quell identifies, mitigates, and validates zero-day risk before breach

Tuskira launched Quell, its exposure-led zero-day defense capability. Quell helps enterprises survive the window between a zero-day’s disclosure and a patch by determining which zero-days are reachable in their environment, whether existing controls would stop them, and which compensating control change would disrupt the exploit immediately. Organizations using Tuskira have cut breachable exposure by up…

Read more →

AI, Cybersecurity, Endpoint, Exploits, Global Security News, malware

Microsoft patches two zero-day flaws in Defender

Microsoft released emergency fixes for two zero-day vulnerabilities in the malware protection components of Microsoft Defender. The flaws allow local attackers to gain system-level privileges or cause the anti-malware service to stop working correctly. Both conditions are valuable in a malware attack, first to prevent detection if the system relies only on Microsoft endpoint protection…

Read more →

AI, Cybersecurity, Exploits, Global Security News, Risk Management

Microsoft is working on a patch for ‘YellowKey’ attack on Bitlocker, offers temporary fix

Microsoft says it is considering a patch for a zero-day vulnerability, dubbed YellowKey, that allows attackers with access to a Windows device to bypass Bitlocker encryption protection and read and write files. The flaw was disclosed last week, and there is already a public proof of concept available. The company issued an advisory Tuesday saying…

Read more →

AI, Cybersecurity, Exploits, Global Security News, Risk Management

Microsoft is working on a patch for ‘YellowKey’ attack on Bitlocker, offers temporary fix

Microsoft says it is considering a patch for a zero-day vulnerability, dubbed YellowKey, that allows attackers with access to a Windows device to bypass Bitlocker encryption protection and read and write files. The flaw was disclosed last week, and there is already a public proof of concept available. The company issued an advisory Tuesday saying…

Read more →

AI, Exploits, Global Security News, Network Security

Alleged Huawei zero-day blamed for the 2025 Luxembourg telecom crash

A Huawei zero-day flaw reportedly caused Luxembourg’s 2025 nationwide outage, disrupting landline, 4G/5G, and emergency services On July 23, 2025, a nationwide telecom outage in Luxembourg was reportedly triggered by a previously undisclosed flaw in Huawei enterprise routers. The attack disrupted landline, 4G, 5G, and emergency communications for more than three hours after specially crafted…

Read more →

AI, Apps, Cybersecurity, Exploits, Global Security News, Risk Management

Exchange Server zero-day vulnerability can be triggered by opening a malicious email

A newly discovered zero-day vulnerability in Microsoft Exchange Server has experts declaring an emergency and urging CSOs to think about the need to abandon on-premises email solutions. “Because it’s already being exploited in the wild, this isn’t a ‘patch next week situation; it’s a ‘mitigate right now’ emergency,” warned Rob Enderle of the Enderle Group.…

Read more →

AI, china, Cybersecurity, Exploits, Global Security News, Network Security, Risk Management

CVE-2026-42897: Microsoft confirms active exploitation of Exchange Server zero-day

Microsoft warned that attackers are exploiting a new Exchange Server zero-day vulnerability, tracked as CVE-2026-42897, in the wild. Microsoft warned that threat actors are actively exploiting a new Exchange Server zero-day vulnerability tracked as CVE-2026-42897 (CVSS score 8.1). The vulnerability is an improper neutralization of input during web page generation (‘cross-site scripting’) in Microsoft Exchange…

Read more →

AI, Apps, Exploits, Global Security News

Google researchers uncover criminal zero-day exploit likely built with AI

Google’s threat intelligence researchers have linked a zero-day exploit to AI-assisted development by a criminal group. The exploit targeted a popular open-source web-based system administration tool. It allowed attackers to bypass two-factor authentication once they had valid user credentials. The flaw stemmed from a semantic logic error, a case where a developer hardcoded a trust…

Read more →

AI, Cybersecurity, Exploits, Global Security News

Google spotted an AI-developed zero-day before attackers could use it

Google researchers found a zero-day exploit developed by artificial intelligence and alerted the susceptible vendor to the imminent threat before a well-known cybercrime group initiated a mass-exploitation campaign, the company said in a report released Monday. The averted disaster probably isn’t the first time attackers used AI to build a zero-day, but it is the…

Read more →

AI, Exploits, Global Security News, Network Security

Palo Alto Networks firewall flaw has been exploited for several weeks

Palo Alto Networks warns that a critical zero-day vulnerability has been discovered in the PAN-OS firewall system. The vulnerability has already been exploited by suspected state-sponsored hackers for nearly a month, reports Bleeping Computer. The vulnerability, CVE-2026-0300, is located in the User-ID Authentication Portal (also known as the Captive Portal) and allows attackers to execute…

Read more →

AI, china, Cybersecurity, Exploits, Global Security News, malware, Network Security, Risk Management

Nation-state actors exploit Palo Alto PAN-OS zero-day for weeks

Palo Alto says hackers exploited PAN-OS zero-day CVE-2026-0300 for weeks, gaining root access to exposed firewalls and hiding traces. Palo Alto Networks warned that suspected state-sponsored hackers have been exploiting the critical PAN-OS zero-day CVE-2026-0300 for nearly a month. After exploiting the flaw, attackers deployed tunneling tools such as EarthWorm and ReverseSocks5, used stolen credentials…

Read more →

Exploits, Global Security News, Network Security

State-sponsored hackers likely behind zero-day attacks on Palo Alto firewalls

Palo Alto Networks believes the in-the-wild exploitation of a zero-day vulnerability (CVE-2026-0300) in its firewalls is likely the work of state-sponsored threat actors. A flaw with no patch (yet) CVE-2026-0300 is a buffer overflow vulnerability in the User-ID Authentication Portal service of Palo Alto Networks PAN-OS software, and can be exploited by unauthenticated attackers sending…

Read more →

AI, Cybersecurity, Exploits, Global Security News, Network Security, Risk Management

A critical Palo Alto PAN-OS zero-day is being exploited in the wild

Attackers are actively exploiting a zero-day vulnerability affecting some Palo Alto Networks’ customers’ firewalls, the security vendor said in an advisory Tuesday. The critical memory corruption vulnerability — CVE-2026-0300 — affects the authentication portal of PAN-OS, and allows unauthenticated attackers to run  code with root privileges on the vendor’s PA-Series and VM-Series firewalls, the company…

Read more →

Exploits, Global Security News

Researcher drops two more Microsoft Defender zero-days, all three now exploited in the wild

The security researcher who earlier this month published a proof-of-concept (PoC) exploit for a zero-day privilege escalation vulnerability in Microsoft Defender is back with two more. The first, dubbed “RedSun,” is another privilege escalation flaw in the same platform. The second, “UnDefend,” allows a standard user to block Microsoft Defender from receiving signature updates or…

Read more →

Apps, Exploits, Global Security News

Adobe issues emergency fix for Acrobat Reader flaw exploited in the wild (CVE-2026-34621)

Adobe has pushed out an emergency security update for Adobe Acrobat Reader, patching a zero-day vulnerability (CVE-2026-34621) exploited in the wild since November 2025. About CVE-2026-34621 CVE-2026-34621 is a critical prototype pollution vulnerability – a type of vulnerability that occurs in JavaScript and allows attackers to add or modify an application’s JavaScript objects and properties.…

Read more →

AI, Apps, Cloud Security, Cybersecurity, Data Breaches, Exploits, Global Security News, malware, Network Security, privacy, Risk Management

Zero-Days, Data Breaches, and AI Risks Define This Week’s Cybersecurity Landscape in 2026

Major Threats & Vulnerabilities Zero-Day and Critical Exploits A new zero-day vulnerability in Adobe Acrobat Reader is being actively exploited through malicious PDFs. Attackers can steal data and compromise systems, with no patch currently available. Security teams are urged to block untrusted PDFs, disable JavaScript, and use sandboxing with outbound traffic monitoring. The Fortinet EMS…

Read more →

AI, Apps, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, Risk Management, Russia

Adobe Acrobat Reader Zero Day Exploited in Active PDF Attacks

Attackers have been exploiting a zero-day vulnerability in Adobe Acrobat Reader for months, using malicious PDF files to silently steal data and potentially take over victim systems. Active since at least Dec. 2025, the campaign highlights how a seemingly routine document can serve as an effective entry point for system compromise. This exploit “allows the…

Read more →

AI, Cybersecurity, Exploits, Global Security News

Acrobat Reader zero-day exploited in the wild for many months

Unknown attackers have exploited a zero-day Adobe Acrobat Reader vulnerability since November 2025 and possibly even earlier, security researcher Haifei Li has discovered. PDF files carry the exploit Haifei Li is one of the creators of EXPMON, a sandbox-based cybersecurity system for detecting advanced file-based exploits. It does so by analyzing suspicious files submitted through…

Read more →

AI, Exploits, Global Security News

Adobe Reader Zero-Day Exploited via Malicious PDFs Since December 2025

Threat actors have been exploiting a previously unknown zero-day vulnerability in Adobe Reader using maliciously crafted PDF documents since at least December 2025. The finding, detailed by EXPMON’s Haifei Li, has been described as a highly-sophisticated PDF exploit. The artifact (“Invoice540.pdf”) first appeared on the VirusTotal platform on November 28, 2025. A second 

Read more →

AI, Apps, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Government & Policy, Network Security, Risk Management

The zero-day timeline just collapsed. Here’s what security leaders do next

A zero-day is not frightening because it is sophisticated. It is frightening because it is unknown. There is no patch in the moment it matters most. That single condition undermines the comfort most security programs rely on: time. In the past, attackers didn’t need zero-days because they relied on predictable failures in patching and credential…

Read more →

AI, Apps, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Government & Policy, Network Security, Risk Management

The zero-day timeline just collapsed. Here’s what security leaders do next

A zero-day is not frightening because it is sophisticated. It is frightening because it is unknown. There is no patch in the moment it matters most. That single condition undermines the comfort most security programs rely on: time. In the past, attackers didn’t need zero-days because they relied on predictable failures in patching and credential…

Read more →

AI, Cybersecurity, Exploits, Global Security News, Risk Management

Experts published unpatched Windows zero-day BlueHammer

A researcher leaked the unpatched Windows zero-day “BlueHammer,” letting attackers gain SYSTEM rights; no patch exists yet. A disgruntled researcher released the BlueHammer Windows zero-day, a privilege escalation flaw that allows attackers to gain SYSTEM or admin rights, Bleeping Computer reports. The researcher privately reported the vulnerability to Microsoft but criticized the way the Microsoft’s Security…

Read more →

AI, Endpoint, Exploits, Global Security News

FortiClient EMS zero-day exploited, emergency hotfixes available (CVE-2026-35616)

Defused Cyber has spotted a critical Fortinet FortiClient Endpoint Management Server (EMS) zero-day vulnerability (CVE-2026-35616) being exploited in the wild. This time around, the confirmation of active exploitation came almost immediately from Fortinet, as well. “Fortinet has observed [CVE-2026-35616] to be exploited in the wild and urges vulnerable customers to install the hotfix for FortiClient…

Read more →

AI, Apps, china, Exploits, Global Security News, Government & Policy, malware, Network Security

TrueConf zero-day vulnerability exploited to target government networks

Suspected China-nexus attackers have leveraged a zero-day vulnerability (CVE-2026-3502) in the TrueConf client application to distribute malware within government networks in Southeast Asia, Check Point researchers discovered. Malicious client update attack chain (Source: Check Point) Trusted update mechanism turned into attack vector TrueConf is a videoconferencing platform designed to run on private local networks (LANs)…

Read more →

AI, Apps, Exploits, Global Security News, Risk Management

Google fixes fourth actively exploited Chrome zero-day of 2026

Google fixed a new Chrome zero-day, tracked as CVE-2026-5281, in the WebGPU Dawn component that is already exploited in the wild. Google released Chrome updates fixing 21 vulnerabilities, including a new actively exploited zero-day tracked as CVE-2026-5281. The flaw is a use-after-free bug in Dawn, the WebGPU component used for graphics processing. Due to ongoing…

Read more →

AI, Exploits, Global Security News

Google fixes Chrome zero-day with in-the-wild exploit (CVE-2026-5281)

Google has fixed 21 vulnerabilities affecting its popular Chrome browser, among them a zero-day (CVE-2026-5281) with an in-the-wild exploit. About CVE-2026-5281 As per usual, information about the fixed zero-day is limited, and there’s no details about the exploit (or how/if it’s being used by attackers). CVE-2026-5281’s official description says it’s a use-after-free (UAF) vulnerability in…

Read more →

AI, Data Breaches, Exploits, Global Security News, Government & Policy, malware, Network Security

Interlock group exploiting the CISCO FMC flaw CVE-2026-20131 36 days before disclosure

The Interlock ransomware group has exploited a Cisco FMC zero-day RCE vulnerability in attacks since late January. The Interlock ransomware group has been exploiting a critical zero-day RCE vulnerability, tracked as CVE-2026-20131 (CVSS score of 10.0), in Cisco Secure Firewall Management Center (FMC) since late January. The vulnerability is a remote code execution flaw that…

Read more →

AI, Data Breaches, Exploits, Global Security News, privacy, Risk Management

CVE-2026-20643: Vulnerability in WebKit Navigation API May Bypass Same Origin Policy

Just a little over a month after fixing the actively exploited CVE-2026-20700 zero-day, Apple has now issued its first Background Security Improvements release to address CVE-2026-20643, a WebKit vulnerability that could allow maliciously crafted web content to bypass the Same Origin Policy, one of the browser’s core security boundaries. The issue in the limelight adds…

Read more →

AI, Apps, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, Risk Management

Google Patches Two Chrome Zero-Day Vulnerabilities Actively Exploited in the Wild

Google has released updates to patch two high-severity zero-day vulnerabilities in the Chrome browser that are already being exploited in the wild..  The flaws affect critical components responsible for rendering web content and executing JavaScript, potentially allowing attackers to crash the browser or execute malicious code on vulnerable systems. One of the vulnerabilities, CVE-2026-3909, allows…

Read more →

AI, Apps, Cybersecurity, Exploits, Global Security News, Network Security, Risk Management

CVE-2026-21262: SQL Server Zero-Day Fixed in Microsoft’s March Patch Tuesday Release

The beginning of 2026 has brought a wave of zero-day vulnerabilities affecting Microsoft products, including the actively exploited Windows Desktop Window Manager flaw (CVE-2026-20805), the Microsoft Office zero-day (CVE-2026-21509) that prompted an out-of-band fix, and the Windows Notepad RCE bug (CVE-2026-20841). Microsoft’s March Patch Tuesday release keeps defenders busy again, this time shifting attention to…

Read more →

AI, Endpoint, Global Security News

OPSWAT delivers AI-powered perimeter defense with unified zero-day verdicts

OPSWAT has introduced MetaDefender Aether, an AI-powered decision engine for fast zero-day detection, purpose-built for the perimeter. Unlike sandbox or antivirus solutions designed for endpoint protection, MetaDefender Aether intercepts files at every entry point, e.g. file transfers, removable media, email attachments, cloud storage, and web traffic, to detect unknown threats before they reach users, devices,…

Read more →

AI, Apps, china, Exploits, Global Security News, Government & Policy, malware, Network Security

Google GTIG: 90 zero-day flaws exploited in 2025 as enterprise targets grow

Google’s GTIG reports 90 zero-day vulnerabilities exploited in the wild in 2025, up from 78 in 2024, with a growing share targeting enterprise systems. Google’s Threat Intelligence Group (GTIG) identified 90 zero-day vulnerabilities exploited in the wild in 2025. While slightly below the 100 observed in 2023, the number increased from 78 in 2024, with…

Read more →

AI, Exploits, Global Security News, Risk Management

Google addresses actively exploited Qualcomm zero-day in fresh batch of 129 Android vulnerabilities

Google disclosed one actively exploited zero-day vulnerability Monday, warning that the high-severity defect affecting an open-source Qualcomm display component for Android devices “may be under limited, targeted exploitation.” The memory-corruption vulnerability — CVE-2026-21385 — which Google’s Android security team reported to Qualcomm Dec. 18, affects 234 chipsets, Qualcomm said in a security bulletin. Qualcomm said…

Read more →

AI, Exploits, Global Security News, Russia

Russia-linked APT28 exploited MSHTML zero-day CVE-2026-21513 before patch

Russia-linked APT28 reportedly exploited MSHTML zero-day CVE-2026-21513 before Microsoft patched it, a high-severity bypass flaw. Akamai reports that Russia-linked APT28 may have exploited CVE-2026-21513 CVSS score of 8.8), a high-severity MSHTML vulnerability (CVSS 8.8), before Microsoft patched it in February 2026. The vulnerability is an Internet Explorer security control bypass that can lead to code…

Read more →

AI, APAC, Cloud Security, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, Government & Policy, Network Security, privacy, Risk Management, Russia

Zero-Days, Data Breaches, and AI Risks Define This Week’s Cybersecurity Landscape

Major Threats & Vulnerabilities Zero-Day Exploits and Critical CVEs Cisco SD-WAN Zero-Day Grants Root Access has been actively exploited since 2023, allowing attackers to bypass authentication and gain root privileges. Cisco urges administrators to patch immediately, secure management planes, and monitor for rogue peers. ServiceNow AI Platform Vulnerability could allow unauthenticated remote code execution through…

Read more →

AI, Data Breaches, Exploits, Global Security News, Network Security, Risk Management

Cisco SD-WAN Zero-Day Actively Exploited to Gain Root Access

A zero-day vulnerability in Cisco Catalyst SD-WAN products has been actively exploited since at least 2023, allowing attackers to bypass authentication and ultimately gain root access in targeted environments.  This flaw affects core control-plane components and has been linked to a sophisticated threat actor cluster known as UAT-8616. “The Cisco Catalyst SD-WAN zero-day, which is…

Read more →

AI, Cybersecurity, Exploits, Global Security News, Government & Policy, Network Security

Governments issue warning over Cisco zero-day attacks dating back to 2023

Attackers have been exploiting a pair of zero-day vulnerabilities in Cisco’s network edge software for at least three years, and the global campaign is ongoing, authorities said across a series of warnings released Wednesday. The Cybersecurity and Infrastructure Security Agency issued an emergency directive about the global attacks and issued joint guidance with the Five…

Read more →

AI, Exploits, Global Security News

Threat actor leveraged Cisco SD-WAN zero-day since 2023 (CVE-2026-20127)

A “highly sophisticated” cyber threat actor has been exploiting a zero-day authentication bypass vulnerability (CVE-2026-20127) in Cisco Catalyst SD-WAN Controller (formerly vSmart), Cisco has announced today. The vulnerability was reported by Australian Signals Directorate’s Australian Cyber Security Centre, who said that once the vulnerability was exploited, “the malicious actors add[ed] a rogue peer, and eventually…

Read more →

AI, APAC, Apps, Endpoint, Exploits, Global Security News, Government & Policy, Network Security

Attackers exploit Ivanti EPMM zero-days to seize control of MDM servers

Attackers are actively exploiting two critical zero-day vulnerabilities in Ivanti’s Endpoint Manager Mobile (EPMM) to gain unauthenticated control of enterprise mobile device management infrastructure and install backdoors engineered to persist even after organizations apply available patches. “Two critical zero-day vulnerabilities (CVE-2026-1281 and CVE-2026-1340) affecting Ivanti Endpoint Manager Mobile (EPMM) are being actively exploited in the wild, affecting…

Read more →

AI, APAC, Apps, china, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management

Zero-Day in Dell RecoverPoint Enables GRIMBOLT Backdoor 

A zero-day vulnerability in Dell RecoverPoint for Virtual Machines is being actively exploited to deploy backdoors and pivot deeper into enterprise networks.  The flaw has reportedly been abused since at least mid-2024 by a suspected China-linked threat cluster. “Beyond the Dell appliance exploitation, Mandiant observed the actor employing novel tactics to pivot into VMware virtual…

Read more →

AI, china, Exploits, Global Security News, Network Security

China-linked hackers exploited Dell zero-day since 2024 (CVE-2026-22769)

A suspected China-linked cyberespionage group has been covertly exploiting a critical zero-day flaw (CVE-2026-22769) in Dell’s RecoverPoint for Virtual Machines software since at least mid-2024, according to new research from Google’s threat intelligence team and Mandiant. The attackers deployed stealthy backdoors (BRICKSTORM and GRIMBOLT), a webshell (SLAYSTYLE) and maintained long-term access inside targeted networks. “Beyond…

Read more →

AI, Apps, Endpoint, Exploits, Global Security News, Risk Management

Exploit available for new Chrome zero-day vulnerability, says Google

Threat actors now have the ability to exploit a new zero-day vulnerability in the Chrome browser, Google has advised IT administrators. The warning comes after Google released a patch for Chrome to plug a use after free memory vulnerability (CVE-2026-2441) in cascading style sheets (CSS), which means the browser’s CSS engine isn’t properly managing memory…

Read more →

AI, Apps, Endpoint, Exploits, Global Security News, Risk Management

Exploit available for new Chrome zero-day vulnerability, says Google

Threat actors now have the ability to exploit a new zero-day vulnerability in the Chrome browser, Google has advised IT administrators. The warning comes after Google released a patch for Chrome to plug a use after free memory vulnerability (CVE-2026-2441) in cascading style sheets (CSS), which means the browser’s CSS engine isn’t properly managing memory…

Read more →

AI, Compliance, Endpoint, Exploits, Global Security News, malware, Risk Management

CVE-2026-2441: Google Patches Chrome Zero-Day Exploited in the Wild

Right after Apple’s CVE-2026-20700 zero-day under active exploitation made headlines, Google released security updates for Chrome to address the first actively exploited Chrome zero-day of 2026. CVE-2026-2441 Analysis The high-severity flaw, tracked as CVE-2026-2441, is a use-after-free vulnerability in Chrome’s CSS component. NIST’s NVD description notes that the issue could allow a remote attacker to…

Read more →

AI, Exploits, Global Security News

Google fixes first actively exploited Chrome zero-day of 2026

Google patched Chrome zero-day CVE-2026-2441, a high-severity CSS use-after-free flaw actively exploited in the wild. Google has released urgent security updates to address a high-severity zero-day vulnerability, tracked as CVE-2026-2441, in Chrome that is already being exploited in real-world attacks. The flaw is a use-after-free bug in the browser’s CSS component. This is the first…

Read more →

AI, Apple, Apps, Cybersecurity, Cybersecurity and Infrastructure Security Agency (CISA), Exploits, Global Security News, Threats

Apple discloses first actively exploited zero-day of 2026

Apple disclosed a zero-day vulnerability Wednesday that the vendor warned was previously “exploited in an extremely sophisticated attack against specific targeted individuals,” the company said in a security update. The memory-corruption vulnerability — CVE-2026-20700 — affects iPhones and iPads and was exploited on devices running versions of iOS before iOS 26. The Cybersecurity and Infrastructure…

Read more →

AI, Apps, Compliance, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Mobile, Network Security, News, Risk Management, Threats

Apple Patches Actively Exploited Zero-Day Flaw

Apple is urging users to update immediately after patching a zero-day vulnerability that was exploited in what it described as “extremely sophisticated” attacks against specific individuals.  The flaw, which impacts multiple Apple operating systems, allowed attackers to execute arbitrary code on vulnerable devices. “An attacker with memory write capability may be able to execute arbitrary…

Read more →

AI, Apps, Blog, Compliance, CVE, CVEs, Cybersecurity, Exploits, Global Security News, Risk Management, vulnerability

CVE-2026-20700: Apple Patches Zero-Day Exploited in Sophisticated Cyber Attacks

SOC Prime previously highlighted Apple’s actively exploited WebKit zero-day CVE-2025-14174, a case that showed how quickly weaponized iOS flaws can move from targeted activity to real operational risk for organizations and high-value users. That same case later led to additional fixes, with CVE-2025-14174 and CVE-2025-43529 both issued in response to it, reinforcing a familiar pattern…

Read more →

AI, Apple, Don't miss, Exploits, Global Security News, Hot stuff, News

Apple fixes zero-day flaw exploited in targeted attacks (CVE-2026-20700)

Apple has released fixes for a zero-day vulnerability (CVE-2026-20700) exploited in targeted attacks last year. CVE-2026-20700 is a memory corruption issue in dyld, the Dynamic Link Editor component of Apple’s operating systems, and may allow attackers with memory write capability to execute arbitrary code. “Apple is aware of a report that this issue may have…

Read more →

AI, Apple, Apps, Breaking News, Exploits, Global Security News, hacking, hacking news, Security

Apple fixed first actively exploited zero-day in 2026

Apple fixed an exploited zero-day in iOS, macOS, and other devices that allowed attackers to run code via a memory flaw. Apple released updates for iOS, iPadOS, macOS, watchOS, tvOS, and visionOS to address an actively exploited zero-day tracked as CVE-2026-20700. The flaw is a memory corruption issue in Apple’s Dynamic Link Editor (dyld) that…

Read more →

Don't miss, Exploits, Global Security News, Hot stuff, News

Microsoft Patch Tuesday: 6 exploited zero-days fixed in February 2026

Microsoft has plugged 50+ security holes on February 2026 Patch Tuesday, including six zero-day vulnerabilities exploited by attackers in the wild. The “security feature bypass” zero-days Among the zero-days fixed are three vulnerabilities that allow attackers to bypass a security feature. CVE-2026-21513 affects the MSHTML/Trident browser engine for the Microsoft Windows version of Internet Explorer,…

Read more →

AI, Breaking News, Exploits, Global Security News, hacking, hacking news, Security, Uncategorized

Microsoft Patch Tuesday security updates for February 2026 fix six actively exploited zero-days

Microsoft Patch Tuesday security updates for February 2026 fix six actively exploited zero-day vulnerabilities. Microsoft Patch Tuesday security updates for February 2026 fix 58 new security flaws across Windows, Office, Azure, Edge, Exchange, Hyper-V, WSL, and other components, rising to 62 CVEs when third-party updates are included. Five vulnerabilities are Critical, two Moderate, and most…

Read more →

AI, Cybersecurity, Cybersecurity and Infrastructure Security Agency (CISA), Exploits, Global Security News, Microsoft, Patch Tuesday, Risk Management, Threats

Microsoft Patch Tuesday matches last year’s zero-day high with six actively exploited vulnerabilities

Microsoft’s latest security update is littered with zero-day vulnerabilities, actively exploited defects that account for more than 10% of the total CVEs the vendor addressed in this month’s Patch Tuesday update. The vendor addressed 59 vulnerabilities affecting its various products for business operations and underlying systems, including six defects that were actively exploited prior to…

Read more →

AI, Apps, Blog, CVE, CVEs, Cybersecurity, Endpoint, Exploits, Global Security News, Network Security, Risk Management, sql injection

CVE-2026-21643: Critical FortiClient EMS Vulnerability Enables Unauthenticated Remote Code Execution

Shortly after our recent coverage of high-impact FortiOS SSO zero-day exploitation (CVE-2026-24858), defenders are facing another urgent patching priority in the Fortinet ecosystem. On February 6, Fortinet released a fix for a critical SQL injection flaw that can be triggered remotely and doesn’t require authentication, potentially leading to unauthorized code or command execution.  Although there…

Read more →

AI, Apps, APT28, Blog, CERT-UA, CVE-2026-21509, CVEs, Cybersecurity, Europe, Exploits, Global Security News, Government & Policy, Network Security, Russia

UAC-0001 (APT28) Attack Detection: russia-Backed Actor Actively Exploits CVE-2026-21509 Targeting Ukraine and the EU

Right after Microsoft disclosed an actively exploited Office zero-day (CVE-2026-21509) on January 26, 2026, CERT-UA reported UAC-0001 (APT28) leveraging the vulnerability in the wild. The russia-backed threat actor targeted organizations in Ukraine and the EU with malicious Office documents, and metadata shows one sample was created on January 27 at 07:43 UTC, illustrating the rapid…

Read more →

AI, Apps, APT28, Blog, CERT-UA, CVE-2026-21509, CVEs, Cybersecurity, Europe, Exploits, Global Security News, Government & Policy, Network Security, Russia

UAC-0001 (APT28) Attack Detection: russia-Backed Actor Actively Exploits CVE-2026-21509 Targeting Ukraine and the EU

Right after Microsoft disclosed an actively exploited Office zero-day (CVE-2026-21509) on January 26, 2026, CERT-UA reported UAC-0001 (APT28) leveraging the vulnerability in the wild. The russia-backed threat actor targeted organizations in Ukraine and the EU with malicious Office documents, and metadata shows one sample was created on January 27 at 07:43 UTC, illustrating the rapid…

Read more →

AI, Apps, APT28, Blog, CERT-UA, CVE-2026-21509, CVEs, Cybersecurity, Europe, Exploits, Global Security News, Government & Policy, Network Security, Russia

UAC-0001 (APT28) Attack Detection: russia-Backed Actor Actively Exploits CVE-2026-21509 Targeting Ukraine and the EU

Right after Microsoft disclosed an actively exploited Office zero-day (CVE-2026-21509) on January 26, 2026, CERT-UA reported UAC-0001 (APT28) leveraging the vulnerability in the wild. The russia-backed threat actor targeted organizations in Ukraine and the EU with malicious Office documents, and metadata shows one sample was created on January 27 at 07:43 UTC, illustrating the rapid…

Read more →

AI, Apps, APT28, Blog, CERT-UA, CVE-2026-21509, CVEs, Cybersecurity, Europe, Exploits, Global Security News, Government & Policy, Network Security, Russia

UAC-0001 (APT28) Attack Detection: russia-Backed Actor Actively Exploits CVE-2026-21509 Targeting Ukraine and the EU

Right after Microsoft disclosed an actively exploited Office zero-day (CVE-2026-21509) on January 26, 2026, CERT-UA reported UAC-0001 (APT28) leveraging the vulnerability in the wild. The russia-backed threat actor targeted organizations in Ukraine and the EU with malicious Office documents, and metadata shows one sample was created on January 27 at 07:43 UTC, illustrating the rapid…

Read more →

AI, Apps, APT28, Blog, CERT-UA, CVE-2026-21509, CVEs, Cybersecurity, Europe, Exploits, Global Security News, Government & Policy, Network Security, Russia

UAC-0001 (APT28) Attack Detection: russia-Backed Actor Actively Exploits CVE-2026-21509 Targeting Ukraine and the EU

Right after Microsoft disclosed an actively exploited Office zero-day (CVE-2026-21509) on January 26, 2026, CERT-UA reported UAC-0001 (APT28) leveraging the vulnerability in the wild. The russia-backed threat actor targeted organizations in Ukraine and the EU with malicious Office documents, and metadata shows one sample was created on January 27 at 07:43 UTC, illustrating the rapid…

Read more →

AI, Apps, APT28, Blog, CERT-UA, CVE-2026-21509, CVEs, Cybersecurity, Europe, Exploits, Global Security News, Government & Policy, Network Security, Russia

UAC-0001 (APT28) Attack Detection: russia-Backed Actor Actively Exploits CVE-2026-21509 Targeting Ukraine and the EU

Right after Microsoft disclosed an actively exploited Office zero-day (CVE-2026-21509) on January 26, 2026, CERT-UA reported UAC-0001 (APT28) leveraging the vulnerability in the wild. The russia-backed threat actor targeted organizations in Ukraine and the EU with malicious Office documents, and metadata shows one sample was created on January 27 at 07:43 UTC, illustrating the rapid…

Read more →

AI, Apps, APT28, Blog, CERT-UA, CVE-2026-21509, CVEs, Cybersecurity, Europe, Exploits, Global Security News, Government & Policy, Network Security, Russia

UAC-0001 (APT28) Attack Detection: russia-Backed Actor Actively Exploits CVE-2026-21509 Targeting Ukraine and the EU

Right after Microsoft disclosed an actively exploited Office zero-day (CVE-2026-21509) on January 26, 2026, CERT-UA reported UAC-0001 (APT28) leveraging the vulnerability in the wild. The russia-backed threat actor targeted organizations in Ukraine and the EU with malicious Office documents, and metadata shows one sample was created on January 27 at 07:43 UTC, illustrating the rapid…

Read more →

AI, Apps, APT28, Blog, CERT-UA, CVE-2026-21509, CVEs, Cybersecurity, Europe, Exploits, Global Security News, Government & Policy, Network Security, Russia

UAC-0001 (APT28) Attack Detection: russia-Backed Actor Actively Exploits CVE-2026-21509 Targeting Ukraine and the EU

Right after Microsoft disclosed an actively exploited Office zero-day (CVE-2026-21509) on January 26, 2026, CERT-UA reported UAC-0001 (APT28) leveraging the vulnerability in the wild. The russia-backed threat actor targeted organizations in Ukraine and the EU with malicious Office documents, and metadata shows one sample was created on January 27 at 07:43 UTC, illustrating the rapid…

Read more →

AI, Apps, Blog, CVE, CVE-2025-15467, CVEs, Cybersecurity, Exploits, Global Security News, privacy, Risk Management, vulnerability

CVE-2025-15467: OpenSSL Vulnerability Leads to Denial-of-Service, Remote Code Execution

Just as organizations were working to patch the Microsoft Office zero-day (CVE-2026-21509), the cybersecurity world is confronted with another serious threat. OpenSSL disclosed a high-severity stack buffer overflow issue that can trigger denial-of-service (DoS) conditions and, under specific circumstances, enable remote code execution (RCE). Tracked as CVE-2025-15467, the vulnerability was promptly patched by the vendor…

Read more →

AI, Apps, Blog, CVE, CVE-2025-15467, CVEs, Cybersecurity, Exploits, Global Security News, privacy, Risk Management, vulnerability

CVE-2025-15467: OpenSSL Vulnerability Leads to Denial-of-Service, Remote Code Execution

Just as organizations were working to patch the Microsoft Office zero-day (CVE-2026-21509), the cybersecurity world is confronted with another serious threat. OpenSSL disclosed a high-severity stack buffer overflow issue that can trigger denial-of-service (DoS) conditions and, under specific circumstances, enable remote code execution (RCE). Tracked as CVE-2025-15467, the vulnerability was promptly patched by the vendor…

Read more →

AI, Apps, Blog, CVE, CVE-2025-15467, CVEs, Cybersecurity, Exploits, Global Security News, privacy, Risk Management, vulnerability

CVE-2025-15467: OpenSSL Vulnerability Leads to Denial-of-Service, Remote Code Execution

Just as organizations were working to patch the Microsoft Office zero-day (CVE-2026-21509), the cybersecurity world is confronted with another serious threat. OpenSSL disclosed a high-severity stack buffer overflow issue that can trigger denial-of-service (DoS) conditions and, under specific circumstances, enable remote code execution (RCE). Tracked as CVE-2025-15467, the vulnerability was promptly patched by the vendor…

Read more →

AI, Apps, Blog, CVE, CVE-2025-15467, CVEs, Cybersecurity, Exploits, Global Security News, privacy, Risk Management, vulnerability

CVE-2025-15467: OpenSSL Vulnerability Leads to Denial-of-Service, Remote Code Execution

Just as organizations were working to patch the Microsoft Office zero-day (CVE-2026-21509), the cybersecurity world is confronted with another serious threat. OpenSSL disclosed a high-severity stack buffer overflow issue that can trigger denial-of-service (DoS) conditions and, under specific circumstances, enable remote code execution (RCE). Tracked as CVE-2025-15467, the vulnerability was promptly patched by the vendor…

Read more →