zero-day

Check Point VPN zero-day (CVE-2024-50751) actively exploited by Qilin ransomware. Urgent hotfixes and CISA deadline issued.

Cisco customers face a seventh actively exploited SD-WAN zero-day this year, demanding urgent defensive strategies without a patch.

The Nightmare Eclipse incident highlights the enduring conflict between security researchers and vendors over vulnerability disclosure.

Ivanti customers face another actively exploited zero-day, targeting mobile endpoint security at the network edge.

Forescout study reveals commercial AI models are rapidly advancing vulnerability research and exploit development, posing new cybersecurity risks.

Huntress warns of three Microsoft Defender zero-days (BlueHammer, RedSun, UnDefend) actively exploited for privilege escalation; two unpatched.

Fortinet warns of critical FortiClient EMS zero-day allowing authentication bypass and command execution, actively exploited in the wild.

Google patches two actively exploited Chrome vulnerabilities. Billions of users urged to update immediately to prevent browser crashes or arbitrary code execution.

Byzantine monks' squid consumption due to taxonomic oversight reveals parallels to modern cybersecurity's unclassified threats and policy gaps.

Ivanti EPMM zero-days continue to plague enterprises, demanding a shift from 'patch and pray' to proactive security.

Microsoft fixes exploited Office zero-day, Fortinet patches FortiCloud SSO flaw. Critical security updates for enterprise protection.

Microsoft releases urgent OOB update for actively exploited Office zero-day, CVE-2026-21509. Immediate patching is critical.