Skip to main content

Tag: zero day

265 articles

Industrial control equipment and network switch on a rack in a brightly-lit control room.

Siemens ROX II Zero-Days Expose Critical Infrastructure Risks

Our research team, in close collaboration with Siemens, uncovered a critical vulnerability chain of three zero-day exploits in Siemens ROX II operational-technology switches, posing significant risks to critical infrastructure security. This chained exploit could allow attackers to escalate from basic reconnaissance to full root-level control.

Analyst 207
Windows laptop on a desk in a home office with a person's hands on the keyboard.

Windows Zero-Day Exploit LegacyHive Grants Hackers Admin Privileges

A security researcher, known as Nightmare Eclipse, has uncovered a new Windows zero-day exploit called LegacyHive, which can grant hackers admin privileges with just a few simple steps and some standard user credentials. This alarming vulnerability targets the Windows User Profile Service, putting users at risk of serious security breaches.

Analyst 207
Government agency server room with rows of computer equipment and SharePoint technology setup.

CISA Flags Exploited SharePoint Zero-Day Vulnerability

Don't wait until it's too late: Federal agencies have until July 19, 2026, to patch a critical Microsoft SharePoint Server vulnerability, CVE-2026-58644, that's already being exploited by hackers to execute malicious code remotely. This high-severity flaw, with a CVSS score of 9.8, could allow attackers to take control of your SharePoint Server if left unpatched.

Analyst 207
Government agency's private 5G network control room with radio units and base stations.

Private 5G Networks Expose Government to Hidden Security Risks

Government agencies and military organizations risk exposing themselves to hidden security threats if they don't adopt a zero-trust approach to their private 5G networks, leaving them vulnerable to potentially devastating attacks. Without proper security measures in place, adversaries could gain unrestricted access to sensitive information and wreak havoc.

Analyst 207
Rack-mounted SonicWall SMA1000 appliance in a typical office server closet.

Attackers Exploit Zero-Days in SonicWall Appliances

Cyber attackers are exploiting two zero-day vulnerabilities, CVE-2026-15409 and CVE-2026-15410, in SonicWall appliances, with ransomware attacks seemingly their ultimate goal. Rapid7's team has thwarted attempts at data exfiltration and encryption, but the threat remains.

Analyst 207
Internal computer components, including a motherboard and UEFI firmware chip, in a bright laboratory setting.

Vulnerabilities in UEFI Shims Expose Secure Boot Bypass Risk

Thousands of systems may be at risk of a Secure Boot bypass due to vulnerabilities in 11 UEFI shim bootloaders, all signed by Microsoft, that allow attackers to circumvent security measures. These weaknesses have the potential to create a broad attack surface, putting many devices at risk of compromise.

Analyst 207
Rows of computer equipment and cables in a bright, modern lab with a laptop screen in the foreground.

AI-Powered Tool Discovers Zero-Day in WordPress Plugin

Meet the AI-powered tool that just discovered a zero-day vulnerability in a popular WordPress plugin, and learn how its automated pipeline can detect and exploit weaknesses in code. This game-changing technology can extract sensitive data, like password hashes and secret tokens, from live databases.

Analyst 207
Windows laptop on a desk with a blank screen, surrounded by papers and a pen, conveying a sense of vulnerability.

Microsoft Faces New Zero-Day Exploit Disclosure Amid Ongoing Security Dispute

A security researcher has unveiled a proof-of-concept exploit, called LegacyHive, that targets a vulnerability in Windows User Profile Service, allowing for a potential elevation of privileges. This newly disclosed exploit requires just a standard user credential and a third username to launch.

Analyst 207
Windows device on a neutral surface with abstract security elements in the background.

Microsoft Disrupts 570 Security Flaws in Record Patch Tuesday Release

Microsoft just dropped a record-breaking Patch Tuesday update, fixing a whopping 570 security flaws - nearly triple the number from last month - with nearly 60 of them rated critical, allowing attackers to take remote control of your Windows device with ease. This massive update, powered by AI-driven vulnerability discoveries, also patched three zero-day vulnerabilities already being exploited in the wild.

Analyst 207
Government official stands before large screen displaying warning message about exploited system vulnerabilities.

CISA Warns of Actively Exploited SharePoint Flaws

Don't let your SharePoint servers become an easy target: over 800 Internet-exposed servers remain unpatched against actively exploited vulnerabilities, including CVE-2026-32201 and CVE-2026-45659. Act now to protect your systems from potential attacks.

Analyst 207
Network equipment room with racked device, cables, and blurred management console.

SonicWall Zero-Days Exploited, Enable Admin Command Execution

SonicWall is urging immediate action to fix two zero-day vulnerabilities in its Secure Mobile Access (SMA) 1000 series appliances, which are being actively exploited by attackers to execute admin-level commands. These critical flaws, tracked as CVE-2026-15409 and CVE-2026-15410, could compromise your system's security if not patched right away.

Analyst 207
Laptop screen displays Windows update progress bar with blurred coding environment background.

Microsoft Unveils Record-Breaking 622 Vulnerabilities in Massive Patch Update

Get ready for the bug apocalypse - Microsoft just dropped a massive Patch Tuesday update, fixing a record-breaking 622 vulnerabilities in one fell swoop! This behemoth of a patch tackles 416 Windows defects, 82 in Office, and 46 in Microsoft Edge, with 63 critical issues that demand immediate attention.

Analyst 207
Network equipment and security appliance in a secure facility setup.

SonicWall Disrupts Zero-Day Attacks with Urgent Patch for SMA1000 Flaws

SonicWall has issued a critical patch to combat zero-day attacks exploiting two vulnerabilities in its SMA1000 line, with attackers already taking advantage of these flaws in the wild. The company urges immediate action to prevent further damage from these actively exploited security gaps.

Analyst 207
Laptop on cluttered desk with Google Docs open, surrounded by papers and notes in a home office setting.

Claude for Chrome Flaw Exposes Gmail, Google Docs to Rogue Extensions

A security flaw in Claude for Chrome could put your Gmail, Google Docs, and Calendar at risk of being accessed by rogue extensions, with researchers rating the vulnerability as high-severity. A simple script with just six lines of code can trick the extension into treating a fake click as a genuine user action.

Analyst 207
Windows 10 laptop screen on a neutral surface with a blurred office background.

Microsoft Bolsters Windows 10 Security with KB5099539 Update

Microsoft just released a major security update for Windows 10, packed with fixes for a whopping 570 vulnerabilities, including some that were already being exploited by hackers. The KB5099539 update is a crucial security boost for Windows 10 users, with no new features but essential bug fixes and protection.

Analyst 207
Laptop screen with blurred background displays patch management system interface.

Microsoft Patch Tuesday Disrupts 570 Flaws, Fixes 3 Zero-Days

Microsoft just dropped a massive Patch Tuesday update, tackling a record-breaking 570 security flaws, including three zero-day vulnerabilities that hackers were exploiting or had publicly disclosed. This critical update is a must-apply to keep your systems safe.

Analyst 207
Server room interior with rows of racks and one empty storage bay centered.

Progress Confirms Zero-Day Flaw Behind ShareFile Shutdown

A critical zero-day flaw allowed hackers to access sensitive files, write malicious content, and map server files - prompting Progress Software to urgently shut down ShareFile Storage Zone Controller Windows servers to protect customer data. The emergency move came after a credible external security threat was flagged, temporarily disabling access to all affected ShareFile accounts.

Analyst 207
Security analysts work amidst a chaotic atmosphere in a brightly-lit operations center.

Vulnerability Management Lagging Behind AI-Driven Exploit Boom

The threat landscape is evolving at breakneck speed, with a new vulnerability emerging every 7.4 minutes and AI-driven tools slashing the time it takes to turn these vulnerabilities into active threats. As a result, traditional vulnerability management strategies are struggling to keep pace with the sheer volume and velocity of attacks.

Analyst 207
Dimly lit server room with exposed cables and a hint of data deletion.

Musk Vows Data Purge After Grok Exposes User Repos

Elon Musk has vowed to wipe out all user data uploaded to SpaceXAI, following a shocking discovery that the company's AI tool, Grok Build, was secretly sending entire repositories, complete with full Git history and raw files, to a Google Cloud Storage bucket. The purge promises a clean slate, with Musk assuring that zero data will remain.

Analyst 207
Cluttered computer workstation with code on laptop screen, notes, and coffee cups in dim lighting.

Threat Actors Leverage AI-Generated Scripts to Accelerate Active Directory Attacks

Cyber attackers are now using AI-generated scripts to supercharge their Active Directory attacks, allowing them to quickly map and exploit sensitive domains, users, and computers. This alarming trend was uncovered by Huntress researchers, who analyzed a sophisticated PowerShell script that bore hallmarks of AI assistance.

Analyst 207
Joomla website backend on laptop with iCagenda extension file attachment feature.

Joomla Flaws Exploited as Zero-Days in Active Attacks

A critical vulnerability in the iCagenda extension for Joomla, known as CVE-2026-48939, has been exploited as a zero-day since June 15, 2026, allowing attackers to upload arbitrary files via the component's file attachment feature. This severe flaw, scoring 10.0 on the CVSS scale, has already sparked a wave of automated attacks against popular content-management-system extensions.

Analyst 207
Rows of computer servers and networking equipment in a calm, empty server room.

Unpatched XQUIC Flaw Exposes HTTP/3 Servers to Remote Crashes

A single, tiny error - just 260 bytes of ordinary QPACK traffic - can take down an HTTP/3 server, thanks to a flaw in Alibaba's XQUIC library, dubbed XRING. This unpatched vulnerability can cause remote crashes without needing a login or malformed packets.

Analyst 207
Modern office workspace with laptop, papers, and blurred computer screen.

Microsoft Ramps Up Vulnerability Detection with AI-Driven Scanning Tools

Microsoft is supercharging its vulnerability detection capabilities with AI-driven scanning tools, which will soon lead to a surge in Windows updates as more zero-day vulnerabilities are uncovered. Get ready for a higher volume of security updates, as AI helps defenders identify and address issues faster than ever before.

Analyst 207
Modern coding environment with laptop, notes, and materials by a bright window.

Microsoft Ramps Up Windows Security Updates with AI-Discovered Flaws

Microsoft is supercharging its Windows security updates with the help of AI, which is turbocharging the discovery of flaws and enabling the company to identify more issues faster than ever before. This means you can expect a higher volume of fixes to keep your Windows experience safer and more secure.

Analyst 207