Microsoft Confirms MSHTML Zero-Day CVE-2026-21513 Used in APT28 Attack
A security vulnerability in Microsoft Windows, tracked as CVE-2026-21513, may have been actively exploited by the Russia-linked cyber espionage group […]
Zero-Day
Cisco SD-WAN Zero-Day CVE-2026-20127 Actively Exploited Since 2023
A critical zero-day vulnerability in Cisco SD-WAN products has been actively exploited by advanced threat actors since at least 2023.
Critical Chrome Security Flaw CVE-2026-2441 Under Active Attack
Google has released an urgent security update for its Chrome web browser after confirming that a dangerous zero-day vulnerability is
CVE-2026-20700: Apple Fixes Zero-Day Impacting iPhone, Mac, and Apple Watch
Apple has released a series of important security updates to fix a dangerous zero-day vulnerability that was actively exploited in
Microsoft Office Zero-Day CVE-2026-21509 Actively Exploited
Microsoft has released emergency out-of-band security updates to fix a dangerous zero-day vulnerability in Microsoft Office that is being actively
Apple Fixes Actively Exploited WebKit Zero-Day Flaws Across iOS and macOS
Apple has released critical security updates for its entire ecosystem after confirming that two serious WebKit vulnerabilities were actively exploited
Gogs Zero-Day Exploited: 700+ Servers Hacked Worldwide
A newly discovered zero-day vulnerability in Gogs, a popular self-hosted Git service, is being actively exploited in the wild, putting
Oracle Zero-Day (CVE-2025-61757) Under Active Exploitation, CISA Issues Alert
CISA has issued an urgent warning about a critical zero-day vulnerability in Oracle Identity Manager, a widely used enterprise identity
CVE-2025-21042: Samsung Zero-Day Exploited to Deploy LANDFALL Spyware
A serious security flaw in Samsung Galaxy smartphones was exploited as a zero-day vulnerability to secretly install a powerful Android
New VMware Vulnerability CVE-2025-41244 Under Active Exploitation
CISA has issued a serious warning after adding a new VMware vulnerability to its Known Exploited Vulnerabilities (KEV) catalog. The
CVE-2025-41244: VMware Zero-Day Exploited in Real Attacks, Patch Released
A critical security flaw in Broadcom VMware Tools and VMware Aria Operations has been actively exploited by a China-linked hacking
Google Patches Chrome Zero-Day CVE-2025-10585 Exploited in Active Attacks
Google has released an update for its Chrome browser to patch four security flaws, including a critical zero-day vulnerability already
Critical Samsung Android Zero-Day Vulnerability CVE-2025-21043 Patched
Samsung has rolled out its September 2025 Android Security Maintenance Release (SMR), fixing several vulnerabilities, including a critical zero-day flaw
FreePBX Zero-Day Exploit Hits Servers, Emergency Patch Released
The Sangoma FreePBX Security Team has issued an urgent warning about a dangerous zero-day vulnerability in FreePBX. Attackers are already
CVE-2025-43300: Apple Patches Zero-Day Exploited in Targeted iPhone and Mac Attacks
Apple has rolled out urgent security updates for iOS, iPadOS, and macOS to patch a critical zero-day vulnerability actively exploited