Tag: zero-day
-
Zero-Day Vulnerability in Cisco Catalyst SD-WAN
Mandiant has published new research detailing how a threat actor exploited a now-patched zero-day vulnerability in Cisco Catalyst SD-WAN (CVE-2026-20245) at a communications service provider to escalate the privileges of a compromised administrator account to full root access. Because these devices control traffic within the network, an attacker with root privileges could potentially gain broad and unnoticed insight into the internal…
-
CVE-2026-20245 Zero-Day Exploited in Cisco Catalyst SD-WAN Manager to Gain Root Access
A newly disclosed zero-day vulnerability, CVE-2026-20245, has been exploited by a threat actor targeting Cisco Catalyst SD-WAN Manager. By exploiting a flaw in the platform’s file upload functionality, the threat actor escalated privileges from a compromised administrative account to root access and used extensive anti-forensic measures to erase evidence of the attack. First seen on thecyberexpress.com Jump to…
-
Malicious hackers exploit Cisco zero-day for highest access level at communications service provider
Mandiant detailed the incident in a blog post Wednesday, but it’s unclear who was behind it or if they managed to get broad visibility into the victim’s internal traffic. First seen on cyberscoop.com Jump to article: cyberscoop.com/cisco-sd-wan-zero-day-exploit-communications-provider/
-
Cisco Catalyst SD-WAN Zero-Day CVE-2026-20245 Exploited Months Before Disclosure
Hackers exploited Cisco Catalyst SD-WAN flaw CVE-2026-20245 as a zero-day months before disclosure, enabling privileged command execution. Google-owned Mandiant reported that an unknown threat actor exploited Cisco Catalyst SD-WAN vulnerability CVE-2026-20245 (CVSS base score of 7.8) as a zero-day at least two months before it was publicly disclosed. The flaw allows an authenticated attacker with…
-
Mandiant reveals how Cisco SD-WAN zero-day attacks gained root access
New details have been revealed on how hackers exploited a Cisco Catalyst SD-WAN vulnerability tracked as CVE-2026-20245 in zero-day attacks to create rogue root accounts on targeted devices. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/mandiant-reveals-how-cisco-sd-wan-zero-day-attacks-gained-root-access/
-
Cisco Catalyst SD-WAN Zero-Day CVE-2026-20245 Exploited to Gain Root Access
An unknown threat actor exploited a recently disclosed high-severity security flaw impacting Cisco Catalyst SD-WAN as a zero-day at least two months before it was publicly disclosed, according to new findings from Google-owned Mandiant. The vulnerability, tracked as CVE-2026-20245 (CVSS score: 7.8), allows an authenticated, local attacker to execute arbitrary commands with elevated privileges First seen…
-
Five Eyes Agencies Warn AI Is Accelerating Cyber Threats and Zero-Day Exploitation
The Five Eyes cyber security agencies have issued a joint warning that artificial intelligence is rapidly accelerating cyber threats, including the exploitation of zero day vulnerabilities, and urged organizations to act immediately. In a statement released on June 22, 2026, senior leaders from agencies across the United States, United Kingdom, Canada, Australia, and New Zealand…
-
No Zero-Day Tied to 80,000 Harvested Fortinet Credentials
Researchers and Vendor Both Cite Previously Leaked Credentials, Brute-Force Attacks. The FortiBleed campaign harvesting and selling working credentials for 80,000 Fortinet firewalls and SSL-VPN gateways doesn’t appear to tie to a zero-day exploit, but rather attackers reusing leaked credentials or brute-forcing systems with weak password hygiene, the vendor and experts said. First seen on govinfosecurity.com…
-
(g+) Exchange OWA XSS: Attack via Mail and a Patch That Doesn’t Reach Everyone
An actively exploited zero-day in Exchange OWA has been patched, but for 2016 and 2019 only at extra cost. What to do. First seen on golem.de Jump to article: www.golem.de/news/exchange-owa-xss-angriff-per-mail-und-ein-patch-der-nicht-alle-erreicht-2606-209967.html
-
AI-Driven Threats, Zero-Days, and Data Breaches Define This Week in Cybersecurity for June 2026
Weekly summary of Cybersecurity Insider newsletters First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/weekly-roundup/ai-driven-threats-zero-days-and-data-breaches-define-this-week-in-cybersecurity-for-june-2026/
-
Microsoft Confirms RoguePlanet Zero-Day in Defender, Patch Under Development
Microsoft confirmed the RoguePlanet Defender zero-day (CVE-2026-50656), a privilege escalation flaw, and is developing a security patch. Microsoft has acknowledged the RoguePlanet zero-day affecting Microsoft Defender, tracked as CVE-2026-50656 (CVSS score of 7.8). The vulnerability allows privilege escalation through the Microsoft Malware Protection Engine. The company stated it is aware of the issue and is…
-
Microsoft Confirms RoguePlanet Zero-Day Exploit Targeting Defender
Microsoft has confirmed a newly disclosed zero-day vulnerability, tracked as CVE-2026-50656, affecting Microsoft Defender, following the public release of a proof-of-concept (PoC) exploit dubbed “RoguePlanet” by security researcher NightmareEclipse. The vulnerability, classified as an elevation-of-privilege flaw, was officially published on June 16, 2026, and is already drawing attention due to its reliability and ability to…
-
Microsoft Confirms RoguePlanet Defender Zero-Day, Says Patch is in Development
Microsoft has formally disclosed that it’s working to release a patch to address a Defender zero-day codenamed RoguePlanet. The vulnerability has now been assigned the CVE identifier CVE-2026-50656 (CVSS score: 7.8), with the tech giant describing it as a privilege escalation flaw. “Microsoft is aware of an elevation of privilege in the Microsoft Malware Protection Engine in…
-
Microsoft working on patch for RoguePlanet Defender zero-day (CVE-2026-50656)
Microsoft has acknowledged the local elevation of privilege issue in Microsoft Defender that can be triggered via the “RoguePlanet” … “working … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/17/rogueplanet-zero-day-cve-2026-50656/
-
Microsoft working on Defender patch for RoguePlanet zero-day
Microsoft confirmed that it’s working on a security patch for a Defender zero-day vulnerability named “RoguePlanet,” disclosed one week ago. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-working-on-defender-patch-for-rogueplanet-zero-day/
-
ShinyHunters Hits Universities Via Oracle Zero-Day
Mandiant: 68% of Targets Were Higher Ed Institutions Running PeopleSoft. ShinyHunters exploited a critical zero-day in Oracle PeopleSoft to breach more than 100 organizations globally, researchers at Mandiant and Google’s Threat Intelligence Group said, with universities and colleges accounting for the majority of confirmed targets in the active extortion campaign. First seen on govinfosecurity.com Jump…
-
Cisco fixes SD-WAN vManage flaw exploited in zero-day attacks
Cisco has released security updates to address a vulnerability in the Catalyst SD-WAN Manager, tracked as CVE-2026-20262, that was exploited in attacks to escalate to root privileges. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisco-fixes-sd-wan-vmanage-flaw-exploited-in-zero-day-attacks/
-
Oracle Warns PeopleSoft Customers After Critical Zero-Day Exploited
Oracle issued emergency guidance for CVE-2026-35273, a critical PeopleSoft flaw exploited in a ShinyHunters-linked campaign targeting universities. The post Oracle Warns PeopleSoft Customers After Critical Zero-Day Exploited appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-oracle-peoplesoft-zero-day-shinyhunters/
-
⚡ Weekly Recap: Chrome 0-Day, UniFi Exploits, macOS Stealers, VPN Flaw and More
Stuff broke again. Not in a movie way. An old tool was left exposed. An abandoned package was abused. A deprecated feature was still running in prod. This week is the same lesson in a new form: phishing kits are easier to rent, AI names are useful bait, old login paths still fail, and forgotten software…
-
Mandiant Confirms CVE-2026-35273 and Active Attacks – ShinyHunters Abuse Zero-Day Flaw in Oracle PeopleSoft
First seen on security-insider.de Jump to article: www.security-insider.de/shinyhunters-oracle-peoplesoft-zero-day-cve-2026-35273-a-8b23ff9753f50c14facb5845c4b23ee4/
-
Week in review: Exploited Check Point VPN zero-day, Oracle PeopleSoft servers under attack
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: DockSec: Open-source AI-powered Docker security scanner DockSec is an OWASP … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/14/week-in-review-exploited-check-point-vpn-zero-day-oracle-peoplesoft-servers-under-attack/
-
The FCC Wants to Kill Burner Phones
Plus: AI bug hunting fuels Microsoft’s biggest-ever Patch Tuesday, ShinyHunters ransomware gang exploits an Oracle zero-day, and more. First seen on wired.com Jump to article: www.wired.com/story/security-news-this-week-the-fcc-wants-to-kill-burner-phones/
-
New Windows Zero-Day Claims BitLocker Bypass Amid Microsoft Disclosure Fight
A new Windows zero-day reportedly bypasses BitLocker, adding pressure on Microsoft as researchers debate the exploit’s real-world impact. The post New Windows Zero-Day Claims BitLocker Bypass Amid Microsoft Disclosure Fight appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-windows-bitlocker-zero-day-june-2026/
-
ShinyHunters Uses Oracle Zero-Day to Rampage Higher Ed
A major bug in Oracle’s ERP software disproportionately affected American universities, and hackers have capitalized by stealing gobs of data. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/shinyhunters-oracle-zero-day-higher-ed
-
PeopleSoft 0-day affecting hundreds of organizations steals gigabytes of data
Vulnerability in the Oracle-owned PeopleSoft software is about as critical as they come. First seen on arstechnica.com Jump to article: arstechnica.com/security/2026/06/peoplesoft-0-day-affecting-hundreds-of-organizations-steals-gigabytes-of-data/
-
Oracle fixes PeopleSoft flaw exploited by ShinyHunters
A zero-day vulnerability affecting Oracle’s PeopleSoft products is being exploited by a ShinyHunters campaign targeting schools and universities. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366644375/Oracle-fixes-PeopleSoft-flaw-exploited-by-ShinyHunters
-
ShinyHunters Target Universities in Oracle PeopleSoft Zero-Day Attack
Google says ShinyHunters exploited Oracle PeopleSoft zero-day to steal data from 100+ organisations, with universities making up most victims. First seen on hackread.com Jump to article: hackread.com/shinyhunters-universities-oracle-peoplesoft-zero-day-attack/
-
Zero-Days, AI Exploits, and Supply Chain Risks Define This Week in Cybersecurity in June 2026
Weekly summary of Cybersecurity Insider newsletters First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/weekly-roundup/zero-days-ai-exploits-and-supply-chain-risks-define-this-week-in-cybersecurity-in-june-2026/
-
Oracle PeopleSoft RCE Flaw Used as Zero-Day in Ongoing ShinyHunters Campaign
Tags: advisory, breach, exploit, flaw, google, group, intelligence, mandiant, oracle, rce, remote-code-execution, threat, update, vulnerability, zero-day
ShinyHunters exploited a critical Oracle PeopleSoft zero-day to breach over 100 organizations, mostly universities, before a patch was available. Mandiant and Google’s Threat Intelligence Group published an analysis of an active ShinyHunters campaign on June 11, one day after Oracle finally issued an advisory for the vulnerability being exploited. The gap matters: the activity ran…

