Tag: zero-day
-
Microsoft says hackers are exploiting critical zero-day bugs to target Windows and Office users
Critical security flaws targeting Windows and Office users allow hackers to take complete control of a victim’s computer by clicking a malicious link or opening a file. Patch now. First seen on techcrunch.com Jump to article: techcrunch.com/2026/02/11/microsoft-says-hackers-are-exploiting-critical-zero-day-bugs-to-target-windows-and-office-users/
-
Microsoft Patch Tuesday security updates for February 2026 fix six actively exploited zero-days
Microsoft Patch Tuesday security updates for February 2026 fix six actively exploited zero-day vulnerabilities. Microsoft Patch Tuesday security updates for February 2026 fix 58 new security flaws across Windows, Office, Azure, Edge, Exchange, Hyper-V, WSL, and other components, rising to 62 CVEs when third-party updates are included. Five vulnerabilities are Critical, two Moderate, and most…
-
Microsoft’s Valentine’s gift to admins: 6 exploited zero-day fixes
Roses are red, violets are blue … now get patching First seen on theregister.com Jump to article: www.theregister.com/2026/02/10/microsofts_valentines_gift_to_admins/
-
Microsoft Discloses ‘Extraordinarily High’ Number Of Zero-Day Vulnerabilities: Researcher
Microsoft’s monthly release of security updates Tuesday included fixes for six vulnerabilities that are considered to be actively exploited in cyberattacks. First seen on crn.com Jump to article: www.crn.com/news/security/2026/microsoft-discloses-extraordinarily-high-number-of-zero-day-vulnerabilities-researcher
-
Microsoft Patches 6 Actively Exploited Zero-Days
Three of those zero-days are security feature bypass flaws, which give attackers a way to slip past built-in protections in multiple Microsoft products. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/microsoft-fixes-6-actively-exploited-zero-days
-
Microsoft Patch Tuesday matches last year’s zero-day high with six actively exploited vulnerabilities
Microsoft said three of the exploited vulnerabilities were publicly known, suggesting attackers already had details about the defects prior to Tuesday’s release. First seen on cyberscoop.com Jump to article: cyberscoop.com/microsoft-patch-tuesday-february-2026/
-
Microsoft releases Windows 10 KB5075912 extended security update
Microsoft has released the Windows 10 KB5075912 extended security update to fix February 2026 Patch Tuesday vulnerabilities, including six zero-days, and continue rolling out replacements for expiring Secure Boot certificates. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-releases-windows-10-kb5075912-extended-security-update/
-
Microsoft February 2026 Patch Tuesday fixes 6 zero-days, 58 flaws
Today is Microsoft’s February 2026 Patch Tuesday with security updates for 58 flaws, including 6 actively exploited and three publicly disclosed zero-day vulnerabilities. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-february-2026-patch-tuesday-fixes-6-zero-days-58-flaws/
-
European Governments Breached in Zero-Day Attacks Targeting Ivanti
The European Commission and government agencies in Finland and the Netherlands have suffered potentially related breaches First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/european-governments-zeroday/
-
Fancy Bear Exploits Microsoft Zero-Day to Deploy Backdoors and Email Stealers
Fancy Bear has launched a sophisticated campaign exploiting a critical zero-day vulnerability in Microsoft RTF files to target users across Central and Eastern Europe. The operation, dubbed >>Operation Neusploit,<< demonstrates the group's continued evolution in tradecraft and its strategic focus on regions of geopolitical interest to Russia. The group embedded malicious code within specially crafted…
-
Dutch Authorities Confirm Ivanti Zero-Day Exploit Exposed Employee Contact Data
The Netherlands’ Dutch Data Protection Authority (AP) and the Council for the Judiciary confirmed both agencies (Rvdr) have disclosed that their systems were impacted by cyber attacks that exploited the recently disclosed security flaws in Ivanti Endpoint Manager Mobile (EPMM), according to a notice sent to the country’s parliament on Friday.”On January 29, the National…
-
Anthropic’s DXT poses “critical RCE vulnerability” by running with full system privileges
Difference are ‘stark’: Principal AI Security Researcher at LayerX Security Roy Paz said that he tested DXT against Perplexity’s Comet, OpenAI’s Atlas, and Microsoft’s CoPilot, and the differences were stark.”When you ask Copilot, Atlas, or Perplexity to use a tool, then it will use that tool for you. But Claude DXT allows tools to talk…
-
Anthropic’s DXT poses “critical RCE vulnerability” by running with full system privileges
Difference are ‘stark’: Principal AI Security Researcher at LayerX Security Roy Paz said that he tested DXT against Perplexity’s Comet, OpenAI’s Atlas, and Microsoft’s CoPilot, and the differences were stark.”When you ask Copilot, Atlas, or Perplexity to use a tool, then it will use that tool for you. But Claude DXT allows tools to talk…
-
Fallout from latest Ivanti zero-days spreads to nearly 100 victims
Shadowserver scans have identified 86 compromised instances, and researchers warn multiple threat groups are involved. First seen on cyberscoop.com Jump to article: cyberscoop.com/ivanti-zero-day-vulnerabilities-netherlands-european-commission-shadowserver/
-
Ivanti Zero-Days Likely Deployed in EU and Dutch Hacks
Ivanti’s Endpoint Manager Mobile Flaws Under Active Exploitation. The European Commission fell victim to a cyberattack that could have allowed the theft of some staff personal information. The European Union’s executive body said Friday it detected on Jan. 30 an attack on its central infrastructure managing mobile devices. First seen on govinfosecurity.com Jump to article:…
-
Dutch data watchdog snitches on itself after getting caught in Ivanti zero-day attacks
Staff data belonging to the regulator and judiciary’s governing body accessed First seen on theregister.com Jump to article: www.theregister.com/2026/02/09/dutch_data_protection_ivanti/
-
EU, Dutch government announce hacks following Ivanti zero-days
Ivanti said it was aware “a very limited number of customers” had been attacked while two vulnerabilities were still unpatched. First seen on therecord.media Jump to article: therecord.media/eu-dutch-government-announce-hacks-ivanti-zero-days
-
EU, Dutch government announce hacks following Ivanti zero-days
Ivanti said it was aware “a very limited number of customers” had been attacked while two vulnerabilities were still unpatched. First seen on therecord.media Jump to article: therecord.media/eu-dutch-government-announce-hacks-ivanti-zero-days
-
BeyondTrust Remote Access Products Hit by 0-Day RCE Vulnerability
BeyondTrust has issued an urgent security advisory regarding a critical zero-day vulnerability affecting its popular remote access solutions. The flaw, tracked as CVE-2026-1731, carries a near-maximum severity score of 9.9 out of 10 on the CVSSv4 scale. It poses a significant risk to organizations using self-hosted versions of BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA). The…
-
Claude Opus 4.6: KI findet über 500 Zero-Day-Lücken in Open-Source-Software
Anthropics neues Sprachmodell Claude Opus 4.6 hat in internen Tests Hunderte bislang unbekannte Sicherheitslücken aufgespürt – ohne spezielles Training. First seen on golem.de Jump to article: www.golem.de/news/claude-opus-4-6-ki-findet-ueber-500-zero-day-luecken-in-open-source-software-2602-205139.html
-
CISA Confirms VMware ESXi 0-Day Vulnerability Exploited in Ransomware Operations
Tags: cisa, cve, cyber, cybersecurity, exploit, flaw, infrastructure, kev, ransomware, vmware, vulnerability, zero-dayThe Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical vulnerability affecting VMware ESXi to its Known Exploited Vulnerabilities (KEV) catalog. Tracked as CVE-2025-22225, this zero-day flaw allows attackers to escape security sandboxes. It is currently being leveraged in active ransomware operations. Technical Analysis of CVE-2025-22225 The vulnerability is classified as an arbitrary write memory…
-
VMware ESXi flaw now exploited in ransomware attacks
CISA confirmed on Wednesday that ransomware gangs have begun exploiting a high-severity VMware ESXi sandbox escape vulnerability that was previously used in zero-day attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-vmware-esxi-flaw-now-exploited-in-ransomware-attacks/
-
Interlock Ransomware Exploits Zero-Day in Gaming Anti-Cheat Driver to Disable EDR, AV
Interlock ransomware operators have been observed using a new process”‘killing tool that abuses a zero”‘day flaw in a gaming anti”‘cheat kernel driver to try to shut down endpoint defenses (EDR/AV). The activity was documented during an intrusion against a North Americabased education organization and shows Interlock continuing to evolve its internal tooling rather than relying…
-
Why Zero-Day Downstream Mass Data Extortion Campaigns are Losing Their Bite
Are we seeing the extinction of mass data exfiltration campaigns? The stats demonstrate these attacks are losing their efficacy. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/why-zero-day-downstream-mass-data-extortion-campaigns-are-losing-their-bite/
-
Ivanti’s EPMM is under active attack, thanks to two critical zero-days
Limited attacks occurred prior to Ivanti’s disclosure, followed by mass exploitation by multiple threat groups. More than 1,400 potentially vulnerable instances remain exposed. First seen on cyberscoop.com Jump to article: cyberscoop.com/ivanti-endpoint-manager-mobile-zero-day-vulnerabilities-exploit/
-
APT28 Exploits Active Microsoft Office Zero-Day to Deliver Malware
The Russia-linked advanced persistent threat group APT28 has been observed actively exploiting a zero-day vulnerability in Microsoft Office to deliver malware through a sophisticated multi-stage attack campaign. Security researchers from Zscaler ThreatLabz identified this new operation, dubbed Operation Neusploit, targeting users across Central and Eastern Europe with weaponized RTF documents. The campaign specifically targeted Ukraine,…
-
Zero-Day in Microsoft Office Enables Stealthy Malware Infections
Tags: cve, cyber, exploit, government, infection, infrastructure, malicious, malware, microsoft, office, vulnerability, zero-dayMicrosoft disclosed a critical zero-day vulnerability in Office products on January 26, 2026, tracked as CVE-2026-21509, with active exploitation in the wild confirmed. The vulnerability enables attackers to deploy sophisticated malware through malicious document files, targeting government organizations and critical infrastructure. Indicator Type Value CVE CVE-2026-21509 Malicious Domains freefoodaid[.]com, wellnesscaremed[.]com, wellnessmedcare[.]org C2 Infrastructure *.filen.net, *.filen.io…
-
Russia-linked APT28 attackers already abusing new Microsoft Office zero-day
Ukraine’s CERT says the bug went from disclosure to active exploitation in days First seen on theregister.com Jump to article: www.theregister.com/2026/02/02/russialinked_apt28_microsoft_office_bug/
-
Ivanti Issues Urgent Fix for Critical Zero-Day Flaws Under Active Attack
Ivanti has disclosed two critical remote code execution (RCE) flaws (CVE-2026-1281 CVE-2026-1340) in its EPMM software. First seen on hackread.com Jump to article: hackread.com/ivanti-urgent-fix-critical-zero-day-vulnerabilities/