Collecting Cyber-News from over 60 sources

Tag: zero-day

Windows Defender 0-Day Published Online, Giving Attackers Potential Full Access

Apr 7, 2026 7:52 AM

Tags: access, cyber, data-breach, flaw, microsoft, update, vulnerability, windows, zero-day

A newly discovered zero-day vulnerability, dubbed >>BlueHammer,<< has been publicly disclosed. The flaw, which has been linked to Windows Defender, allows attackers to achieve Local Privilege Escalation (LPE) and potentially gain full administrative access to compromised systems. Because a patch is not yet available from Microsoft, this public release leaves Windows users temporarily exposed to…
Fortinet customers confront actively exploited zero-day, with a full patch still pending

Apr 6, 2026 11:51 PM

Tags: exploit, fortinet, update, zero-day

Two critical defects in FortiClient EMS have been exploited in the past couple weeks. Experts push for users to apply an immediate hotfix. First seen on cyberscoop.com Jump to article: cyberscoop.com/fortinet-forticlient-ems-zero-day-cve-2026-35616-hotfix-known-exploited/
Fortinet Issues Emergency Patch for FortiClient Zero-Day

Apr 6, 2026 11:51 PM

Tags: authentication, cve, exploit, flaw, fortinet, update, vulnerability, zero-day

The authentication bypass flaw, tracked as CVE-2026-35616, is the latest in a series of Fortinet vulnerabilities that have been exploited in the wild. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/fortinet-emergency-patch-forticlient-zero-day
Fortinet Issues Emergency Patch for FortiClient Zero-Day

Apr 6, 2026 11:51 PM

Tags: authentication, cve, exploit, flaw, fortinet, update, vulnerability, zero-day

The authentication bypass flaw, tracked as CVE-2026-35616, is the latest in a series of Fortinet vulnerabilities that have been exploited in the wild. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/fortinet-emergency-patch-forticlient-zero-day
Medusa ransomware group using zero-days to launch attacks within 24 hours of breach, Microsoft says

Apr 6, 2026 10:51 PM

Tags: access, attack, breach, data, group, microsoft, ransomware, zero-day

Microsoft said it has been alarmed to see how effective Medusa actors are, citing multiple cases where the group can move from initial access to data exfiltration and ransomware deployment within 24 hours. First seen on therecord.media Jump to article: therecord.media/medusa-ransomware-group-zero-days-microsoft
Disgruntled researcher leaks “BlueHammer” Windows zero-day exploit

Apr 6, 2026 9:52 PM

Tags: exploit, flaw, leak, microsoft, windows, zero-day

Exploit code has been released for an unpatched Windows privilege escalation flaw reported privately to Microsoft, allowing attackers to gain SYSTEM or elevated administrator permissions. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/disgruntled-researcher-leaks-bluehammer-windows-zero-day-exploit/
Attackers exploited this critical FortiClient EMS bug as a 0-day

Apr 6, 2026 8:52 PM

Tags: cisa, exploit, flaw, fortinet, kev, zero-day

CISA added the flaw to KEV after Fortinet confirmed exploitation in the wild First seen on theregister.com Jump to article: www.theregister.com/2026/04/06/forticlient_ems_bug_exploited/
CVE-2026-35616: Fortinet FortiClientEMS improper access control vulnerability exploited in the wild

Apr 6, 2026 7:52 PM

Tags: access, advisory, api, attack, authentication, cisa, control, cve, cyber, cybersecurity, data, exploit, flaw, fortinet, github, infrastructure, injection, kev, malicious, ransomware, sql, threat, update, vpn, vulnerability, zero-day

Exploitation has been observed for CVE-2026-35616, a critical improper access control zero-day vulnerability affecting Fortinet FortiClientEMS devices. Key takeaways: CVE-2026-35616, an improper access control vulnerability, has been exploited in the wild as a zero-day. Public exploit code has been identified and Fortinet products have a long history of targeting by malicious actors. Hotfixes have been…
Attackers Target Zero-Day Flaw in Fortinet Security Software

Apr 6, 2026 7:52 PM

Tags: endpoint, flaw, fortinet, software, zero-day

Vendor Issues Hotfix for Critical Flaw in FortiClient Endpoint Management Server. Fortinet’s endpoint management security server software is under fire from attackers, who are actively targeting two critical flaws, including a fresh zero-day that facilitates unauthenticated remote code or command execution. The vendor has issued a hotfix and promised a full patch. First seen on…
Microsoft links Medusa ransomware affiliate to zero-day attacks

Apr 6, 2026 7:52 PM

Tags: attack, china, cybercrime, exploit, group, microsoft, ransomware, zero-day

Microsoft says that Storm-1175, a China-based financially motivated cybercriminal group known for deploying Medusa ransomware payloads, has been deploying n-day and zero-day exploits in high-velocity attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/microsoft-links-medusa-ransomware-affiliate-to-zero-day-attacks/
New Fortinet Flaw Allows Unauthorized Access to Enterprise Systems

Apr 6, 2026 6:50 PM

Tags: access, authentication, exploit, flaw, fortinet, unauthorized, vulnerability, zero-day

Fortinet warns of a critical FortiClient EMS zero-day vulnerability that is currently being exploited, allowing attackers to bypass authentication and execute commands. The post New Fortinet Flaw Allows Unauthorized Access to Enterprise Systems appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-fortinet-forticlient-ems-zero-day-active-exploitation/
âš¡ Weekly Recap: Axios Hack, Chrome 0-Day, Fortinet Exploits, Paragon Spyware and More

Apr 6, 2026 4:51 PM

Tags: attack, browser, chrome, exploit, fortinet, software, spyware, tool, zero-day

This week had real hits. The key software got tampered with. Active bugs showed up in the tools people use every day. Some attacks didn’t even need much effort because the path was already there.One weak spot now spreads wider than before. What starts small can reach a lot of systems fast. New bugs, faster…
Chinesische APT nutzt CitrixDay – Salt Typhoon: Systematischer und verdeckter Angriff

Apr 6, 2026 12:51 PM

Tags: apt, citrix, cyberattack, zero-day

First seen on security-insider.de Jump to article: www.security-insider.de/salt-typhoon-systematischer-und-verdeckter-angriff-a-ce0e527281b7bb9a75b4623a5d628bb0/
FortiClient EMS zero-day exploited, emergency hotfixes available (CVE-2026-35616)

Apr 4, 2026 4:51 PM

Tags: cyber, endpoint, exploit, fortinet, vulnerability, zero-day

Defused Cyber has spotted a critical Fortinet FortiClient Endpoint Management Server (EMS) zero-day vulnerability (CVE-2026-35616) being exploited in the wild. This time … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/04/forticlient-ems-zero-day-cve-2026-35616/
Cisco fixes critical IMC auth bypass present in many products

Apr 3, 2026 11:52 PM

Tags: access, ai, api, apt, attack, authentication, cisco, computing, credentials, cybersecurity, dns, email, exploit, firewall, firmware, flaw, group, infrastructure, linux, malicious, monitoring, network, password, ransomware, risk, router, vulnerability, zero-day

[ Related: More Cisco news and insights ] The Cisco IMC is a baseboard management controller (BMC), a dedicated controller embedded into server motherboards with its own RAM and network interface that gives administrators monitoring and management capabilities as if they were physically connected to the server with a keyboard, monitor, and mouse (KVM). Because BMCs run…
5 essential steps to bulletproof your endpoint security (and avoid the biggest mistakes)

Apr 3, 2026 10:52 PM

Tags: ai, antivirus, attack, automation, backup, business, control, data, defense, detection, edr, endpoint, exploit, identity, linux, macOS, malware, metric, monitoring, ransomware, resilience, risk, soc, strategy, threat, tool, unauthorized, update, vulnerability, windows, zero-day

Inventory all devices continuously. Go beyond manual tracking. Automated discovery tools can identify each device, from remote laptops to IoT assets, as soon as they join your network. Mitigate shadow IT risk. Unmanaged devices are a favorite entry point for attackers. Every asset must be accounted for and brought under management. No exceptions. Learn more about automating discovery and reducing blind spots in your endpoint management strategy…
5 essential steps to bulletproof your endpoint security (and avoid the biggest mistakes)

Apr 3, 2026 10:52 PM

Tags: ai, antivirus, attack, automation, backup, business, control, data, defense, detection, edr, endpoint, exploit, identity, linux, macOS, malware, metric, monitoring, ransomware, resilience, risk, soc, strategy, threat, tool, unauthorized, update, vulnerability, windows, zero-day

Inventory all devices continuously. Go beyond manual tracking. Automated discovery tools can identify each device, from remote laptops to IoT assets, as soon as they join your network. Mitigate shadow IT risk. Unmanaged devices are a favorite entry point for attackers. Every asset must be accounted for and brought under management. No exceptions. Learn more about automating discovery and reducing blind spots in your endpoint management strategy…
Breach Roundup: Feds Confirm ‘Major’ Hack of FBI System

Apr 3, 2026 5:50 AM

Tags: breach, citrix, data, exploit, flaw, fraud, healthcare, iran, leak, ransomware, russia, update, zero-day

Also, Lloyds Data Leak, Dutch Treasury Breach, Citrix Bug Exploit, Pay2Key Activity. This week, Lloyds data leak hits 450K, Dutch treasury breach, Citrix flaw exploited, Iran-linked ransomware ops, TrueConf zero-day, Russian fraud ring sentenced, Romania targeted, patch gaps persist, and U.S. hospital breach affects 257K. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/breach-roundup-feds-confirm-major-hack-fbi-system-a-31329
When Your Own Eyes Turn Against You: How Compromised Security Cameras and IoT/OT Devices Become Tools for Your Attackers

Apr 3, 2026 1:51 AM

Tags: access, advisory, attack, botnet, cctv, china, cloud, control, corporate, credentials, cyber, cyberattack, cybersecurity, dark-web, data, data-breach, defense, detection, endpoint, espionage, exploit, finance, firmware, flaw, government, group, hacking, healthcare, infrastructure, intelligence, international, Internet, iot, iran, law, linux, malware, network, office, privacy, ransomware, resilience, risk, russia, service, supply-chain, technology, threat, tool, ukraine, unauthorized, update, vpn, vulnerability, warfare, windows, zero-day, zero-trust

TL;DR Security cameras, IoT, and OT devices that are meant to protect us, are easily compromised and turned against defenders, enabling nation-state reconnaissance (Iranian hacks on Hikvision/Dahua cameras during strikes, Russian webcam abuse in Ukraine), espionage via exposed live feeds, ransomware pivots (Akira group bypassing EDR), massive botnets (Mirai/Eleven11bot), and physical disruption. Structural weaknesses like…
Patch Now: Chrome Flaw Under Active Attack, Google Confirms

Apr 2, 2026 9:52 PM

Tags: attack, browser, chrome, exploit, flaw, google, update, vulnerability, zero-day

Google patches 21 Chrome vulnerabilities, including an actively exploited zero-day flaw that could enable code execution and full device compromise. The post Patch Now: Chrome Flaw Under Active Attack, Google Confirms appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-chrome-zero-day-cve-2026-5281-active-exploit/
CISA Issues Alert on Chrome Zero-Day Under Active Exploitation

Apr 2, 2026 11:51 AM

Tags: browser, chrome, cisa, cve, cyber, cybersecurity, exploit, flaw, google, hacker, infrastructure, kev, vulnerability, zero-day

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding a critical zero-day vulnerability affecting Google Chrome and other Chromium-based web browsers. Officially tracked as CVE-2026-5281, this security flaw has been added to CISA’s Known Exploited Vulnerabilities (KEV) catalog because hackers are actively exploiting it in real-world attacks. The vulnerability originates…
Cybersecurity in the age of instant software

Apr 2, 2026 11:51 AM

Tags: access, ai, attack, computing, control, credentials, cybersecurity, deep-fake, defense, detection, exploit, flaw, injection, intelligence, iot, malicious, network, open-source, programming, risk, social-engineering, software, technology, tool, update, vulnerability, zero-day

Automating patch creation: But that’s just half of the arms race. Defenders get to use AI, too. These same AI vulnerability-finding technologies are even more valuable for defense. When the defensive side finds an exploitable vulnerability, it can patch the code and deny it to attackers forever.How this works in practice depends on another related…
TrueConf zero-day vulnerability exploited to target government networks

Apr 2, 2026 11:51 AM

Tags: china, exploit, government, malware, network, vulnerability, zero-day

Suspected China-nexus attackers have leveraged a zero-day vulnerability (CVE-2026-3502) in the TrueConf client application to distribute malware within government networks in … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/02/trueconf-zero-day-vulnerability-cyber-espionage/
Vim and GNU Emacs: Claude Code helpfully found zero-day exploits for both

Apr 1, 2026 8:31 PM

Tags: ai, attack, control, cve, cvss, cybersecurity, exploit, flaw, LLM, malicious, sql, tool, vulnerability, zero-day

P_MLE and P_SECURE) in the tabpanel sidebar introduced in 2025, and a missing security check in the autocmd_add() function.Claude Code then helpfully tried to find ways to exploit the vulnerability, eventually suggesting a tactic that bypassed the Vim sandbox by persuading a target to open a malicious file. It had gone from prompt to proof-of-concept…
How Sonatype’s Container Scanning Protects You From Zero-Days

Apr 1, 2026 5:29 PM

Tags: container, programming, software, tool, zero-day

<div cla Software development moves fast, and engineering teams face intense pressure to deliver applications securely without slowing down. Containers offer incredible speed and portability, allowing developers to build and deploy applications rapidly. But this speed introduces hidden risks when organizations rely on inadequate tools to secure their environments. First seen on securityboulevard.com Jump to…
New Chrome Zero-Day CVE-2026-5281 Under Active Exploitation, Patch Released

Apr 1, 2026 4:29 PM

Tags: browser, chrome, cve, exploit, flaw, google, open-source, update, vulnerability, zero-day

Google on Thursday released security updates for its Chrome web browser to address 21 vulnerabilities, including a zero-day flaw that it said has been exploited in the wild.The high-severity vulnerability, CVE-2026-5281 (CVSS score: N/A), concerns a use-after-free bug in Dawn, an open-source and cross-platform implementation of the WebGPU standard.”Use-after-free in Dawn in Google Chrome prior…
Zero-Day-Schwachstelle in abgehärteten Videokonferenz-Tool Trueconf

Apr 1, 2026 3:30 PM

Tags: bug, exploit, malware, phishing, software, tool, update, vulnerability, zero-day

Check Point Research (CPR) hat eine bisher unbekannte Zero-Day-Sicherheitslücke in der Videokonferenz-Software <> aufgedeckt. Wie die Sicherheitsforscher von Check Point Software Technologies herausfanden, konnten Angreifer vertrauenswürdige, lokal installierte Software-Updates missbrauchen. Sie verbreiteten so unbemerkt Malware in mehreren südostasiatischen Behörden und Regierungsapparaten. Die Täter mussten also weder auf Phishing, also den Diebstahl von Anmeldedaten, noch auf Exploits…
Google Warns of New Chrome Zero-Day Under Active Exploitation Users Urged to Update Immediately

Apr 1, 2026 3:30 PM

Tags: browser, chrome, cyber, exploit, flaw, google, linux, threat, update, vulnerability, windows, zero-day

Google has released an urgent security update for its Chrome desktop browser to address 21 vulnerabilities, including a critical zero-day flaw that is actively being exploited in the wild. Users are strongly urged to update their browsers immediately to version 146.0.7680.177/.178 for Windows and Mac, or 146.0.7680.177 for Linux . Active Zero-Day Threat The most…
Google fixes Chrome zero-day with in-the-wild exploit (CVE-2026-5281)

Apr 1, 2026 2:29 PM

Tags: browser, chrome, cve, exploit, google, vulnerability, zero-day

Google has fixed 21 vulnerabilities affecting its popular Chrome browser, among them a zero-day (CVE-2026-5281) with an in-the-wild exploit. About CVE-2026-5281 As per usual, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/01/google-chrome-zero-day-cve-2026-5281/
ImageMagick Zero-Day Enables RCE on Linux and WordPress Servers

Apr 1, 2026 1:29 PM

Tags: linux, network, rce, remote-code-execution, vulnerability, wordpress, zero-day

New research from Octagon Networks reveals a critical zero-day ImageMagick vulnerability that allows Remote Code Execution (RCE) via simple image uploads affecting Ubuntu, Amazon Linux, and WordPress. This magic byte shift bypasses even the most secure policies. First seen on hackread.com Jump to article: hackread.com/imagemagick-zero-day-rce-linux-wordpress-servers/