Latest Cyber Security News & Threat Headlines

Recent Vulnerability Related Headlines

Prev Next

CVE-2026-31574 clockevents: Add missing resets of the next_event_forced flag (msrc.microsoft.com)

11 May 2026

CVE-2026-23468 drm/amdgpu: Limit BO list entry count to prevent resource exhaustion (msrc.microsoft.com)

11 May 2026

CVE-2026-23371 sched/deadline: Fix missing ENQUEUE_REPLENISH during PI de-boosting (msrc.microsoft.com)

11 May 2026

CVE-2026-23346 arm64: io: Extract user memory type in ioremap_prot() (msrc.microsoft.com)

11 May 2026

CVE-2026-23383 bpf, arm64: Force 8-byte alignment for JIT buffer to prevent atomic tearing (msrc.microsoft.com)

11 May 2026

CVE-2026-23377 ice: change XDP RxQ frag_size from DMA write length to xdp.frame_sz (msrc.microsoft.com)

11 May 2026

CVE-2026-23361 PCI: dwc: ep: Flush MSI-X write before unmapping its ATU entry (msrc.microsoft.com)

11 May 2026

CVE-2026-23276 net: add xmit recursion limit to tunnel xmit functions (msrc.microsoft.com)

11 May 2026

CVE-2026-23272 netfilter: nf_tables: unconditionally bump set->nelems before insertion (msrc.microsoft.com)

11 May 2026

CVE-2026-23278 netfilter: nf_tables: always walk all pending catchall elements (msrc.microsoft.com)

11 May 2026

CVE-2026-23247 tcp: secure_seq: add back ports to TS offset (msrc.microsoft.com)

11 May 2026

CVE-2026-23240 tls: Fix race condition in tls_sw_cancel_work_tx() (msrc.microsoft.com)

11 May 2026

CVE-2024-36024 drm/amd/display: Disable idle reallow as part of command/gpint execution (msrc.microsoft.com)

11 May 2026

CVE-2024-35794 dm-raid: really frozen sync_thread during suspend (msrc.microsoft.com)

11 May 2026

CVE-2024-35931 drm/amdgpu: Skip do PCI error slot reset during RAS recovery (msrc.microsoft.com)

11 May 2026

New ‘Dirty Frag’ Linux Vulnerability Possibly Exploited in Attacks (www.securityweek.com)

11 May 2026

CVE-2025-37750 smb: client: fix UAF in decryption with multichannel (msrc.microsoft.com)

11 May 2026

CVE-2025-37745 PM: hibernate: Avoid deadlock in hibernate_compressor_param_set() (msrc.microsoft.com)

11 May 2026

CVE-2025-37807 bpf: Fix kmemleak warning for percpu hashmap (msrc.microsoft.com)

11 May 2026

CVE-2025-37877 iommu: Clear iommu-dma ops on cleanup (msrc.microsoft.com)

11 May 2026

CVE-2025-37826 scsi: ufs: core: Add NULL check in ufshcd_mcq_compl_pending_transfer() (msrc.microsoft.com)

11 May 2026

CVE-2025-37882 usb: xhci: Fix isochronous Ring Underrun/Overrun event handling (msrc.microsoft.com)

11 May 2026

CVE-2025-37870 drm/amd/display: prevent hang on link training fail (msrc.microsoft.com)

11 May 2026

CVE-2025-37856 btrfs: harden block_group::bg_list against list_del() races (msrc.microsoft.com)

11 May 2026

CVE-2025-37747 perf: Fix hang while freeing sigtrap event (msrc.microsoft.com)

11 May 2026

CVE-2025-37907 accel/ivpu: Fix locking order in ivpu_job_submit (msrc.microsoft.com)

11 May 2026

CVE-2023-52586 drm/msm/dpu: Add mutex lock in control vblank irq (msrc.microsoft.com)

11 May 2026

CVE-2026-43308 btrfs: don't BUG() on unexpected delayed ref type in run_one_delayed_ref() (msrc.microsoft.com)

11 May 2026

CVE-2026-43421 usb: gadget: f_ncm: Fix net_device lifecycle with device_move (msrc.microsoft.com)

11 May 2026

CVE-2026-43311 soc/tegra: pmc: Fix unsafe generic_handle_irq() call (msrc.microsoft.com)

11 May 2026

CVE-2026-43398 drm/amdgpu: add upper bound check on user inputs in wait ioctl (msrc.microsoft.com)

11 May 2026

CVE-2026-43292 mm/vmalloc: prevent RCU stalls in kasan_release_vmalloc_node (msrc.microsoft.com)

11 May 2026

CVE-2026-43294 drm: renesas: rz-du: mipi_dsi: fix kernel panic when rebooting for some panels (msrc.microsoft.com)

11 May 2026

CVE-2026-43310 media: verisilicon: Avoid G2 bus error while decoding H.264 and HEVC (msrc.microsoft.com)

11 May 2026

CVE-2026-43353 i3c: mipi-i3c-hci: Fix race in DMA ring dequeue (msrc.microsoft.com)

11 May 2026

CVE-2025-39707 drm/amdgpu: check if hubbub is NULL in debugfs/amdgpu_dm_capabilities (msrc.microsoft.com)

11 May 2026

CVE-2025-39677 net/sched: Fix backlog accounting in qdisc_dequeue_internal (msrc.microsoft.com)

11 May 2026

CVE-2025-39705 drm/amd/display: fix a Null pointer dereference vulnerability (msrc.microsoft.com)

11 May 2026

CVE-2025-38717 net: kcm: Fix race condition in kcm_unattach() (msrc.microsoft.com)

11 May 2026

CVE-2025-38722 habanalabs: fix UAF in export_dmabuf() (msrc.microsoft.com)

11 May 2026

CVE-2025-38705 drm/amd/pm: fix null pointer access (msrc.microsoft.com)

11 May 2026

CVE-2025-39762 drm/amd/display: add null check (msrc.microsoft.com)

11 May 2026

CVE-2025-39859 ptp: ocp: fix use-after-free bugs causing by ptp_ocp_watchdog (msrc.microsoft.com)

11 May 2026

CVE-2025-39862 wifi: mt76: mt7915: fix list corruption after hardware restart (msrc.microsoft.com)

11 May 2026

CVE-2025-39851 vxlan: Fix NPD when refreshing an FDB entry with a nexthop object (msrc.microsoft.com)

11 May 2026

CVE-2025-39810 bnxt_en: Fix memory corruption when FW resources change during ifdown (msrc.microsoft.com)

11 May 2026

CVE-2025-39833 mISDN: hfcpci: Fix warning when deleting uninitialized timer (msrc.microsoft.com)

11 May 2026

CVE-2025-39779 btrfs: subpage: keep TOWRITE tag until folio is cleaned (msrc.microsoft.com)

11 May 2026

CVE-2024-58241 Bluetooth: hci_core: Disable works on hci_unregister_dev (msrc.microsoft.com)

11 May 2026

CVE-2025-39754 mm/smaps: fix race between smaps_hugetlb_range and migration (msrc.microsoft.com)

11 May 2026

CVE-2025-39747 drm/msm: Add error handling for krealloc in metadata setup (msrc.microsoft.com)

11 May 2026

CVE-2025-39746 wifi: ath10k: shutdown driver when hardware is unreliable (msrc.microsoft.com)

11 May 2026

CVE-2025-39789 crypto: x86/aegis - Add missing error checks (msrc.microsoft.com)

11 May 2026

CVE-2025-39850 vxlan: Fix NPD in {arp,neigh}_reduce() when using nexthop objects (msrc.microsoft.com)

11 May 2026

CitrixBleed to BlueHammer: Identity Governance Failure Repeats (OFA-2026-04-CXB) (www.hackerstorm.com)

10 May 2026

CVSS vs EPSS: How to Prioritise Vulnerabilities by Real Exploitation Risk (www.hackerstorm.com)

10 May 2026

Dirty Frag, CVE-2026–43284, CVE-2026–43500: Universal Linux Local Privilege Escalation… (socfortress.medium.com)

10 May 2026

Incident CVE-2024-Yikes (nesbitt.io)

10 May 2026

New cPanel vulnerabilities could allow file access and remote code execution (securityaffairs.com)

10 May 2026

Ollama Out-of-Bounds Read Vulnerability Allows Remote Process Memory Leak (thehackernews.com)

10 May 2026

Security Affairs newsletter Round 576 by Pierluigi Paganini – INTERNATIONAL EDITION (securityaffairs.com)

10 May 2026

CVE-2026-23870: Imperva Customers Protected Against Critical React Server Components DoS Vulnerability (securityboulevard.com)

10 May 2026

CVE-2026-33814 Infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE in net/http/internal/http2 in golang.org/x/net (msrc.microsoft.com)

10 May 2026

CVE-2026-33811 Crash when handling long CNAME response in net (msrc.microsoft.com)

10 May 2026

CVE-2026-42501 Malicious module proxy can bypass checksum database in cmd/go (msrc.microsoft.com)

10 May 2026

CVE-2026-39836 Panic in Dial and LookupPort when handling NUL byte on Windows in net (msrc.microsoft.com)

10 May 2026

CVE-2026-39825 ReverseProxy forwards queries with more than urlmaxqueryparams parameters in net/http/httputil (msrc.microsoft.com)

10 May 2026

CVE-2026-39820 Quadratic string concatentation in consumeComment in net/mail (msrc.microsoft.com)

10 May 2026

CVE-2026-41889 pgx: SQL Injection via placeholder confusion with dollar quoted string literals (msrc.microsoft.com)

10 May 2026

CVE-2026-39817 Invoking "go tool pack" does not sanitize output paths in cmd/go (msrc.microsoft.com)

10 May 2026

CVE-2026-39819 Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go (msrc.microsoft.com)

10 May 2026

CVE-2026-6665 PgBouncer buffer overflow in SCRAM (msrc.microsoft.com)

10 May 2026

CVE-2026-39823 Bypass of meta content URL escaping causes XSS in html/template (msrc.microsoft.com)

10 May 2026

CVE-2026-6667 PgBouncer missing authorization check in KILL_CLIENT admin command (msrc.microsoft.com)

10 May 2026

CVE-2026-39826 Escaper bypass leads to XSS in html/template (msrc.microsoft.com)

10 May 2026

CVE-2026-6666 PgBouncer crash in kill_pool_logins_server_error (msrc.microsoft.com)

10 May 2026

CVE-2026-42499 Quadratic string concatenation in consumePhrase in net/mail (msrc.microsoft.com)

10 May 2026

CVE-2026-45130 Vim: Heap Buffer Overflow in spell file loading (msrc.microsoft.com)

10 May 2026

CVE-2026-33079 Mistune ReDoS in LINK_TITLE_RE allows denial of service with crafted Markdown titles (msrc.microsoft.com)

10 May 2026

CVE-2026-44656 Vim: OS Command Injection via 'path' completion (msrc.microsoft.com)

10 May 2026

CVE-2026-6664 PgBouncer integer overflow in PgBouncer network packet parsing (msrc.microsoft.com)

10 May 2026

New cPanel and WHM Flaws Enable Code Execution, DoS Attacks (cybersecuritynews.com)

10 May 2026

"Dirty Frag" (CVE-2026-43284): The Second Linux Root Exploit in Eight Days (www.copahost.com)

09 May 2026

cPanel, WHM Release Fixes for Three New Vulnerabilities — Patch Now (thehackernews.com)

09 May 2026

CVE-2026-26164 M365 Copilot Information Disclosure Vulnerability (msrc.microsoft.com)

09 May 2026

Critical Microsoft 365 Copilot Vulnerabilities Exposes sensitive Information (cybersecuritynews.com)

08 May 2026

Five new holes, one exploited, found in Ivanti Endpoint Manager Mobile (www.csoonline.com)

08 May 2026

Dirty Frag (CVE-2026-43284, CVE-2026-43500): Frequently asked questions about this Linux kernel privilege escalation vulnerability chain (securityboulevard.com)

08 May 2026

CVE-2026-8178 - Remote Code Execution via Unsafe Class Loading in Amazon Redshift JDBC Driver (aws.amazon.com)

08 May 2026

Dirty Frag (CVE-2026-43284, CVE-2026-43500): Frequently asked questions about this Linux kernel privilege escalation vulnerability chain (www.tenable.com)

08 May 2026

Apache fixes critical HTTP/2 vulnerability allowing remote code execution (www.scworld.com)

08 May 2026

CVSS vs EPSS: How to Prioritise Vulnerabilities by Real Exploitation Risk (www.hackerstorm.com)

08 May 2026

Why the approaching flood of vulnerabilities changes everything — and what to do about it (securityboulevard.com)

08 May 2026

Dirty Frag: Unpatched Linux vulnerability delivers root access (www.helpnetsecurity.com)

08 May 2026

CVE-2026-23918: Apache HTTP/2 Double-Free Vulnerability with Possible RCE (securityboulevard.com)

08 May 2026

Dirty Frag: A new Linux privilege escalation vulnerability is already in the wild (securityaffairs.com)

08 May 2026

CVE-2026-6973: Authenticated Admin RCE In Ivanti EPMM Added to CISA KEV (socradar.io)

08 May 2026

Trellix Breach – RansomHouse Claims Access to Parts of Source Code (cybersecuritynews.com)

08 May 2026

Ivanti EPMM vulnerability exploited in zero-day attacks (CVE-2026-6973) (www.helpnetsecurity.com)

08 May 2026

New PCPJack Worm Targets Docker, Kubernetes, Redis, and MongoDB for Credential Theft (cybersecuritynews.com)

08 May 2026

Your CTEM program is probably ignoring MCP. Here’s how to fix it (www.csoonline.com)

08 May 2026

CVE-2025-68670: discovering an RCE vulnerability in xrdp (securelist.com)

08 May 2026

Mozilla Patches 423 Firefox 0-Day Vulnerabilities with Claude Mythos and Other AI Models (cybersecuritynews.com)

08 May 2026

Another Universal Linux Local Privilege Escalation (LPE) Vulnerability: Dirty Frag, (Fri, May 8th) (isc.sans.edu)

08 May 2026

Critical Spring Vulnerabilities Expose Arbitrary Files and GCP Secrets (cybersecuritynews.com)

08 May 2026

CVE-2026-25243 redis-server RESTORE invalid memory access may allow remote code execution (msrc.microsoft.com)

08 May 2026

CVE-2026-41673 xmldom: Denial of service via uncontrolled recursion in XML serialization (msrc.microsoft.com)

08 May 2026

CVE-2026-41675 xmldom: XML node injection through unvalidated processing instruction serialization (msrc.microsoft.com)

08 May 2026

CVE-2026-41674 xmldom: XML injection through unvalidated DocumentType serialization (msrc.microsoft.com)

08 May 2026

CVE-2026-41672 xmldom: XML node injection through unvalidated comment serialization (msrc.microsoft.com)

08 May 2026

CVE-2026-43869 Apache Thrift: TSSLTransportFactory.java hostname verification (msrc.microsoft.com)

08 May 2026

Chromium: CVE-2026-7919 Use after free in Aura (msrc.microsoft.com)

08 May 2026

CVE-2026-23631 redis-server Lua use-after-free may allow remote code execution (msrc.microsoft.com)

08 May 2026

CVE-2026-31717 ksmbd: validate owner of durable handle on reconnect (msrc.microsoft.com)

08 May 2026

CVE-2026-25589 RedisBloom RESTORE invalid memory access may allow remote code execution (msrc.microsoft.com)

08 May 2026

CVE-2026-25588 RedisTimeSeries RESTORE invalid memory access may allow remote code execution (msrc.microsoft.com)

08 May 2026

CVE-2026-23479 redis-server use-after-free in unblock client flow may allow remote code execution (msrc.microsoft.com)

08 May 2026

CVE-2026-31718 ksmbd: fix use-after-free in __ksmbd_close_fd() via durable scavenger (msrc.microsoft.com)

08 May 2026

Linux Kernel Dirty Frag LPE Exploit Enables Root Access Across Major Distributions (thehackernews.com)

08 May 2026

Ivanti Patches EPMM Zero-Day Exploited in Targeted Attacks (www.securityweek.com)

08 May 2026

Dirty Frag Linux Vulnerability Let Attackers Gain Root Privileges – PoC Released (cybersecuritynews.com)

07 May 2026

Dirty Frag and other issues in Amazon Linux kernels (aws.amazon.com)

07 May 2026

Multiple Critical Vulnerabilities Patched in Next.js and React Server Components (cybersecuritynews.com)

07 May 2026

GNU IFUNC is the real culprit behind CVE-2024-3094 (github.com)

07 May 2026

Palo Alto Networks firewall flaw has been exploited for several weeks (www.csoonline.com)

07 May 2026

13 new critical holes in JavaScript sandbox allow execution of arbitrary code (www.csoonline.com)

07 May 2026

Ollama vulnerability highlights danger of AI frameworks with unrestricted access (www.csoonline.com)

07 May 2026

Nation-state actors exploit Palo Alto PAN-OS zero-day for weeks (securityaffairs.com)

07 May 2026

Chromium: CVE-2026-7946 Insufficient policy enforcement in WebUI (msrc.microsoft.com)

07 May 2026

Chromium: CVE-2026-7936 Object lifecycle issue in V8 (msrc.microsoft.com)

07 May 2026

Chromium: CVE-2026-7943 Insufficient validation of untrusted input in ANGLE (msrc.microsoft.com)

07 May 2026

Chromium: CVE-2026-7951 Out of bounds write in WebRTC (msrc.microsoft.com)

07 May 2026

Chromium: CVE-2026-8014 Inappropriate implementation in Preload (msrc.microsoft.com)

07 May 2026

Chromium: CVE-2026-7898 Use after free in Chromoting (msrc.microsoft.com)

07 May 2026

Chromium: CVE-2026-8019 Insufficient policy enforcement in WebApp (msrc.microsoft.com)

07 May 2026

Chromium: CVE-2026-8022 Inappropriate implementation in MHTML (msrc.microsoft.com)

07 May 2026

Chromium: CVE-2026-8021 Script injection in UI (msrc.microsoft.com)

07 May 2026

Chromium: CVE-2026-7959 Inappropriate implementation in Navigation (msrc.microsoft.com)

07 May 2026

Chromium: CVE-2026-7955 Uninitialized Use in GPU (msrc.microsoft.com)

07 May 2026

Chromium: CVE-2026-8015 Inappropriate implementation in Media (msrc.microsoft.com)

07 May 2026

Chromium: CVE-2026-7916 Insufficient data validation in InterestGroups (msrc.microsoft.com)

07 May 2026

Chromium: CVE-2026-7906 Use after free in SVG (msrc.microsoft.com)

07 May 2026

Chromium: CVE-2026-8018 Insufficient policy enforcement in DevTools (msrc.microsoft.com)

07 May 2026

Chromium: CVE-2026-7896 Integer overflow in Blink (msrc.microsoft.com)

07 May 2026

Chromium: CVE-2026-8017 Side-channel information leakage in Media (msrc.microsoft.com)

07 May 2026

Chromium: CVE-2026-7925 Use after free in Chromoting (msrc.microsoft.com)

07 May 2026

Anthropic response to 1-click pwn: Shouldn't have clicked 'ok' (www.theregister.com)

07 May 2026

State-sponsored hackers likely behind zero-day attacks on Palo Alto firewalls (www.helpnetsecurity.com)

07 May 2026

AI Vulnerability Discovery and the Open Source CVE Surge (securityboulevard.com)

07 May 2026

Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grants Admin-Level Access (thehackernews.com)

07 May 2026

U.S. CISA adds a flaw in Ivanti Endpoint Manager Mobile (EPMM) to its Known Exploited Vulnerabilities catalog (securityaffairs.com)

07 May 2026

New Ivanti EPMM 0-Day Vulnerability Actively Exploited in Attacks (cybersecuritynews.com)

07 May 2026

CISA Warns of Palo Alto PAN-OS Vulnerability Exploited to Gain Root Access (cybersecuritynews.com)

07 May 2026

New Cisco Network Vulnerability Let Remote Attacker Cause DoS Attack (cybersecuritynews.com)

07 May 2026

Cisco patches high-severity flaws enabling SSRF, code execution attacks (securityaffairs.com)

07 May 2026

Tp-Link Archer AX53 v1.0 Openvpn configuration restore client_connect OS command injection vulnerability (talosintelligence.com)

07 May 2026

Tp-Link Archer AX53 v1.0 dnsmasq configuration restore TFTP server enable vulnerability (talosintelligence.com)

07 May 2026

Tp-Link Archer AX53 v1.0 Openvpn configuration restore script_security OS command injection vulnerability (talosintelligence.com)

07 May 2026

PAN-OS RCE Exploit Under Active Use Enabling Root Access and Espionage (thehackernews.com)

07 May 2026

CVE-2025-68768 inet: frags: flush pending skbs in fqdir_pre_exit() (msrc.microsoft.com)

07 May 2026

WatchGuard Agent Vulnerabilities Let Attackers Grant Full SYSTEM Privileges on Windows (cybersecuritynews.com)

07 May 2026

Critical Redis Vulnerabilities Enables Remote Code Execution Attacks (cybersecuritynews.com)

07 May 2026

CVE-2026-26956: vm2 Sandbox Escape Enables Host RCE in Node.js 25 (socradar.io)

07 May 2026

CVE-2026-23918: Apache HTTP Server HTTP/2 Double Free With Possible RCE (socradar.io)

07 May 2026

CVE-2026-0300 Enables Root RCE in PAN-OS Captive Portal (socradar.io)

07 May 2026

CVE-2026-4670 & CVE-2026-5174: MOVEit Automation Flaws Enable Auth Bypass and Privilege Escalation (socradar.io)

07 May 2026

Palo Alto Networks Firewall Zero-Day RCE Vulnerability Exploited in the Wild Since April (cybersecuritynews.com)

07 May 2026

Critical Palo Alto Networks software bug hits exposed firewalls (www.csoonline.com)

07 May 2026

Exploits and vulnerabilities in Q1 2026 (securelist.com)

07 May 2026

Critical vm2 Node.js Library Vulnerabilities Enables Arbitrary Code Execution Attacks (cybersecuritynews.com)

07 May 2026

CVE-2026-34871 (msrc.microsoft.com)

07 May 2026

CVE-2025-66442 (msrc.microsoft.com)

07 May 2026

CVE-2026-34873 (msrc.microsoft.com)

07 May 2026

CVE-2026-34876 (msrc.microsoft.com)

07 May 2026

CVE-2026-25835 (msrc.microsoft.com)

07 May 2026

CVE-2026-34875 (msrc.microsoft.com)

07 May 2026

CVE-2026-34874 (msrc.microsoft.com)

07 May 2026

CVE-2026-3832 Gnutls: gnutls: security bypass allows acceptance of revoked server certificates via crafted ocsp response (msrc.microsoft.com)

07 May 2026

CVE-2026-6383 Kubevirt: kubevirt: unauthorized subresource access due to improper rbac evaluation (msrc.microsoft.com)

07 May 2026

CVE-2026-3833 Gnutls: gnutls: policy bypass due to case-sensitive nameconstraints comparison (msrc.microsoft.com)

07 May 2026

State Sponsored Activity

This chart provides an indication of state sponsored activity suspected or known to be actively targetting vulnerabilities recently.

Government Alerts & Advisories

Prev Next

cPanel security advisory (AV26-437)  (cyber.gc.ca)

08 May 2026

AL26-011 - Vulnerabilities affecting Linux - CVE-2026-43284 and CVE-2026-43500 (cyber.gc.ca)

08 May 2026

CISA Adds One Known Exploited Vulnerability to Catalog (www.cisa.gov)

08 May 2026

Microsoft Edge security advisory (AV26-436) (cyber.gc.ca)

08 May 2026

MAXHUB Pivot Client Application (www.cisa.gov)

07 May 2026

CISA Adds One Known Exploited Vulnerability to Catalog (www.cisa.gov)

07 May 2026

Ivanti security advisory (AV26-435) (cyber.gc.ca)

07 May 2026

Broadcom VMware security advisory (AV26-434) (cyber.gc.ca)

07 May 2026

Mozilla security advisory (AV26-433) (cyber.gc.ca)

07 May 2026

VM2 Node.js Library security advisory (AV26-432) (cyber.gc.ca)

07 May 2026

Spring security advisory (AV26-431) (cyber.gc.ca)

07 May 2026

Cisco security advisory (AV26-430) (cyber.gc.ca)

06 May 2026

CISA Adds One Known Exploited Vulnerability to Catalog (www.cisa.gov)

06 May 2026

Samsung mobile security advisory (AV26-429) (cyber.gc.ca)

06 May 2026

WatchGuard security advisory (AV26-428) (cyber.gc.ca)

06 May 2026

Palo Alto Networks security advisory (AV26-425) (cyber.gc.ca)

06 May 2026

Google Chrome security advisory (AV26-426) (cyber.gc.ca)

06 May 2026

Broadcom VMware security advisory (AV26-427) (cyber.gc.ca)

06 May 2026

2026-006: Critical Vulnerability in PAN-OS (cert.europa.eu)

06 May 2026

Juniper Networks security advisory (AV26-424) (cyber.gc.ca)

05 May 2026

Redis security advisory (AV26-423) (cyber.gc.ca)

05 May 2026

ABB B&R Automation Runtime (www.cisa.gov)

05 May 2026

Johnson Controls CEM AC2000 (www.cisa.gov)

05 May 2026

Apache security advisory (AV26-422) (cyber.gc.ca)

05 May 2026

Android security advisory – May 2026 monthly rollup (AV26-421) (cyber.gc.ca)

05 May 2026

Qualcomm security advisory – May 2026 monthly rollup (AV26-420) (cyber.gc.ca)

05 May 2026

Broadcom VMware security advisory (AV26-419) (cyber.gc.ca)

04 May 2026

Red Hat security advisory (AV26-418) (cyber.gc.ca)

04 May 2026

[Control systems] CISA ICS security advisories (AV26–417) (cyber.gc.ca)

04 May 2026

Dell security advisory (AV26-414) (cyber.gc.ca)

04 May 2026

IBM security advisory (AV26-413) (cyber.gc.ca)

04 May 2026

Ubuntu security advisory (AV26-416) (cyber.gc.ca)

04 May 2026

FreeBSD security advisory (AV26-415) (cyber.gc.ca)

04 May 2026

CISA Adds One Known Exploited Vulnerability to Catalog (www.cisa.gov)

01 May 2026

JetBrains security advisory (AV26-412) (cyber.gc.ca)

01 May 2026

AL26-010 – Cyber Criminals Social‑Engineering‑Enabled Compromise of Enterprise SaaS Environments (cyber.gc.ca)

01 May 2026

Microsoft Edge security advisory (AV26-411) (cyber.gc.ca)

01 May 2026

Preparing for a ‘vulnerability patch wave’ (www.ncsc.gov.uk)

01 May 2026

CRITICAL ALERT: Active Exploitation of cPanel/WHM critical vulnerability (www.cyber.gov.au)

01 May 2026

Progress security advisory (AV26-410) (cyber.gc.ca)

30 Apr 2026

Mozilla security advisory (AV26-409) (cyber.gc.ca)

30 Apr 2026

HPE security advisory (AV26-408) (cyber.gc.ca)

30 Apr 2026

AL26-009 - Vulnerability Affecting Linux - CVE-2026-31431 (cyber.gc.ca)

30 Apr 2026

CISA Adds One Known Exploited Vulnerability to Catalog (www.cisa.gov)

30 Apr 2026

ABB Edgenius Management Portal (www.cisa.gov)

30 Apr 2026

ABB AWIN Gateways (www.cisa.gov)

30 Apr 2026

ABB Ability Symphony Plus Engineering (www.cisa.gov)

30 Apr 2026

GNU security advisory (AV26-407) (cyber.gc.ca)

30 Apr 2026

GitLab security advisory (AV26-406) (cyber.gc.ca)

30 Apr 2026

2026-005: High Vulnerability in the Linux Kernel ("Copy Fail") (cert.europa.eu)

30 Apr 2026

AL26-008 - Vulnerability affecting cPanel and WebHost Manager (WHM) - CVE-2026-41940 (cyber.gc.ca)

29 Apr 2026

SonicWall security advisory (AV26-405) (cyber.gc.ca)

29 Apr 2026

cPanel security advisory (AV26-404) (cyber.gc.ca)

29 Apr 2026

Jenkins security advisory (AV26-403) (cyber.gc.ca)

29 Apr 2026

Google Chrome security advisory (AV26-402) (cyber.gc.ca)

29 Apr 2026

CISA Adds Two Known Exploited Vulnerabilities to Catalog (www.cisa.gov)

28 Apr 2026

NSA GRASSMARLIN (www.cisa.gov)

28 Apr 2026

Mozilla security advisory (AV26-401) (cyber.gc.ca)

28 Apr 2026

Citrix security advisory (AV26-400) (cyber.gc.ca)

28 Apr 2026

Zyxel security advisory (AV26-399) (cyber.gc.ca)

28 Apr 2026

SmarterTools security advisory (AV26-398) (cyber.gc.ca)

28 Apr 2026

Spring security advisory (AV26-397) (cyber.gc.ca)

27 Apr 2026

Microsoft Edge security advisory (AV26-396) (cyber.gc.ca)

27 Apr 2026

Notepad++ security advisory (AV26-395) (cyber.gc.ca)

27 Apr 2026

[Control Systems] Moxa security advisory (AV26-393) (cyber.gc.ca)

27 Apr 2026

Broadcom VMware security advisory (AV26-394) (cyber.gc.ca)

27 Apr 2026

Red Hat security advisory (AV26-392) (cyber.gc.ca)

27 Apr 2026

[Control systems] CISA ICS security advisories (AV26–391) (cyber.gc.ca)

27 Apr 2026

Dell security advisory (AV26-389) (cyber.gc.ca)

27 Apr 2026

Ubuntu security advisory (AV26-390) (cyber.gc.ca)

27 Apr 2026

IBM security advisory (AV26-388) (cyber.gc.ca)

27 Apr 2026

CISA Adds Four Known Exploited Vulnerabilities to Catalog (www.cisa.gov)

24 Apr 2026

HIGH ALERT: New steps for organisations running Cisco Firepower and Secure Firewall products (www.cyber.gov.au)

23 Apr 2026

Tenable security advisory (AV26-387) (cyber.gc.ca)

23 Apr 2026

Spring security advisory (AV26-386) (cyber.gc.ca)

23 Apr 2026

CISA Adds One Known Exploited Vulnerability to Catalog (www.cisa.gov)

23 Apr 2026

Yadea T5 Electric Bicycle (www.cisa.gov)

23 Apr 2026

Intrado 911 Emergency Gateway (EGW) (www.cisa.gov)

23 Apr 2026

Hangzhou Xiongmai Technology Co., Ltd XM530 IP Camera (www.cisa.gov)

23 Apr 2026

SpiceJet Online Booking System (www.cisa.gov)

23 Apr 2026

CrowdStrike security advisory (AV26-384) (cyber.gc.ca)

23 Apr 2026

GitHub security advisory (AV26-383) (cyber.gc.ca)

23 Apr 2026

FIRESTARTER Backdoor (www.cisa.gov)

23 Apr 2026

Google Chrome security advisory (AV26-382) (cyber.gc.ca)

23 Apr 2026

Executive Summary: Defending against China-nexus covert networks of compromised devices (www.ncsc.gov.uk)

23 Apr 2026

International cyber agencies share fresh advice to defend against China-linked covert networks (www.ncsc.gov.uk)

23 Apr 2026

Defending against China-nexus covert networks of compromised devices (www.ncsc.gov.uk)

23 Apr 2026

CISA Adds One Known Exploited Vulnerability to Catalog (www.cisa.gov)

22 Apr 2026

Apple security advisory (AV26-381) (cyber.gc.ca)

22 Apr 2026

n8n security advisory (AV26-379) (cyber.gc.ca)

22 Apr 2026

CISA Alerts & KEV Catalog Updates

CISA KEVs (known exploited vulnerabilities) identified as a priroty to mitigate over the past three months.

View Catalog & Updates

Actively Exploited Vulnerabilities

Prev Next

New ‘Dirty Frag’ Linux Vulnerability Possibly Exploited in Attacks (www.securityweek.com)

11 May 2026

Week in review: cPanel vulnerability actively exploited, DigiCert breach, LinkedIn job scams (www.helpnetsecurity.com)

10 May 2026

Five new holes, one exploited, found in Ivanti Endpoint Manager Mobile (www.csoonline.com)

08 May 2026

From Active Exploitation to State-Aligned Espionage: Threat Actors Intensify Operations Against… (medium.com)

08 May 2026

CISA gives feds four days to patch Ivanti flaw exploited as zero-day (www.bleepingcomputer.com)

08 May 2026

Dirty Frag: A new Linux privilege escalation vulnerability is already in the wild (securityaffairs.com)

08 May 2026

Ivanti EPMM vulnerability exploited in zero-day attacks (CVE-2026-6973) (www.helpnetsecurity.com)

08 May 2026

Ivanti Patches EPMM Zero-Day Exploited in Targeted Attacks (www.securityweek.com)

08 May 2026

Palo Alto Networks firewall flaw has been exploited for several weeks (www.csoonline.com)

07 May 2026

Palo Alto Networks says patch for exploited PAN-OS firewall bug forthcoming (www.scworld.com)

07 May 2026

Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grants Admin-Level Access (thehackernews.com)

07 May 2026

U.S. CISA adds a flaw in Ivanti Endpoint Manager Mobile (EPMM) to its Known Exploited Vulnerabilities catalog (securityaffairs.com)

07 May 2026

New Ivanti EPMM 0-Day Vulnerability Actively Exploited in Attacks (cybersecuritynews.com)

07 May 2026

CISA Warns of Palo Alto PAN-OS Vulnerability Exploited to Gain Root Access (cybersecuritynews.com)

07 May 2026

Palo Alto Zero-Day Exploited in Campaign Bearing Hallmarks of Chinese State Hacking (www.securityweek.com)

07 May 2026

Ivanti warns of new EPMM flaw exploited in zero-day attacks (www.bleepingcomputer.com)

07 May 2026

Palo Alto Networks Firewall Zero-Day RCE Vulnerability Exploited in the Wild Since April (cybersecuritynews.com)

07 May 2026

Palo Alto Networks firewall zero-day exploited for nearly a month (www.bleepingcomputer.com)

07 May 2026

U.S. CISA adds a flaw in Palo Alto Networks PAN-OS to its Known Exploited Vulnerabilities catalog (securityaffairs.com)

07 May 2026

MetInfo CMS vulnerability exploited by threat actors (www.scworld.com)

06 May 2026

Palo Alto Networks warns of critical PAN-OS vulnerability exploited in the wild (www.scworld.com)

06 May 2026

Root-level RCE vulnerability in Palo Alto firewalls exploited (CVE-2026-0300) (www.helpnetsecurity.com)

06 May 2026

ShinyHunters claims dump puts 119K Vimeo emails in the wild (www.theregister.com)

06 May 2026

Palo Alto Networks PAN-OS flaw exploited for remote code execution (securityaffairs.com)

06 May 2026

Palo Alto PAN-OS Flaw Under Active Exploitation Enables Remote Code Execution (thehackernews.com)

06 May 2026

Palo Alto Networks to Patch Zero-Day Exploited to Hack Firewalls (www.securityweek.com)

05 May 2026

Critical Palo Alto Firewalls Vulnerability Exploited in the Wild to Gain Root Access (cybersecuritynews.com)

05 May 2026

Critical 9.8 Weaver E-cology vulnerability actively exploited (www.scworld.com)

05 May 2026

Critical Weaver E-cology RCE Vulnerability Actively Exploited in Attacks (cybersecuritynews.com)

05 May 2026

Education Sector Under Attack From State Espionage, Spear-Phishing, and Supply Chain Attacks (cybersecuritynews.com)

05 May 2026

MetInfo CMS CVE-2026-29014 Exploited for Remote Code Execution Attacks (thehackernews.com)

05 May 2026

ShinyHunters claims dump puts 119K Vimeo emails in the wild (go.theregister.com)

05 May 2026

Weaver E-cology RCE Flaw CVE-2026-22679 Actively Exploited via Debug API (thehackernews.com)

05 May 2026

Weaver E-cology critical bug exploited in attacks since March (www.bleepingcomputer.com)

04 May 2026

Copy Fail bug added to CISA's list of known exploited vulnerabilities (www.scworld.com)

04 May 2026

CISA Warns of Linux Kernel 0-Day Vulnerability Exploited in Attacks (cybersecuritynews.com)

04 May 2026

CISA says ‘Copy Fail’ flaw now exploited to root Linux systems (www.bleepingcomputer.com)

04 May 2026

U.S. CISA adds a flaw in Linux Kernel to its Known Exploited Vulnerabilities catalog (securityaffairs.com)

04 May 2026

CISA Warns of cPanel & WHM Vulnerability Exploited in Attacks (cybersecuritynews.com)

04 May 2026

U.S. CISA adds a flaw in WebPros cPanel to its Known Exploited Vulnerabilities catalog (securityaffairs.com)

03 May 2026

Week in review: High-severity LPE vulnerability in the Linux kernel, cPanel 0-day exploited for months (www.helpnetsecurity.com)

03 May 2026

CISA Adds Actively Exploited Linux Root Access Bug CVE-2026-31431 to KEV (thehackernews.com)

03 May 2026

Critrical cPanel flaw mass-exploited in "Sorry" ransomware attacks (www.bleepingcomputer.com)

02 May 2026

How Escape AI Pentesting Exploited SSRF in LiteLLM (securityboulevard.com)

01 May 2026

Actively exploited cPanel bug exposes millions of websites to takeover (www.malwarebytes.com)

01 May 2026

cPanel zero-day exploited for months before patch release (CVE-2026-41940) (www.helpnetsecurity.com)

30 Apr 2026

Critical cPanel and WHM bug exploited as a zero-day, PoC now available (www.bleepingcomputer.com)

30 Apr 2026

Critical cPanel & WHM Vulnerability Exploited as Zero-Day for Months (www.securityweek.com)

30 Apr 2026

Bug of the year (so far)? Nasty cPanel vulnerability probably exploited as a 0-day (go.theregister.com)

30 Apr 2026

Qinglong Task Scheduler RCE Vulnerabilities Exploited in the Wild (cybersecuritynews.com)

30 Apr 2026

CISA Warns of ConnectWise ScreenConnect Vulnerability Exploited in Attacks (cybersecuritynews.com)

30 Apr 2026

cPanel 0-Day Authentication Bypass Vulnerability Actively Exploited in the Wild — PoC Released (cybersecuritynews.com)

30 Apr 2026

CVE-2026-42208: LiteLLM bug exploited 36 hours after its disclosure (securityaffairs.com)

29 Apr 2026

LiteLLM exploited within 36 hours of disclosure via SQL injection bug (www.scworld.com)

29 Apr 2026

Microsoft's patch for a 0-day exploited by Russian spies fell short. Another Windows flaw is under attack (go.theregister.com)

29 Apr 2026

New Windows flaw stems from incomplete fix for APT28-exploited bugs (www.scworld.com)

29 Apr 2026

[un]prompted 2026 – Total Recon: How We Discovered 1000s Of Open Agents In The Wild (securityboulevard.com)

29 Apr 2026

Fresh LiteLLM Vulnerability Exploited Shortly After Disclosure (www.securityweek.com)

29 Apr 2026

CISA Warns Microsoft Windows Shell 0-click Vulnerability Exploited in Attacks (cybersecuritynews.com)

29 Apr 2026

CISA orders feds to patch Windows flaw exploited as zero-day (www.bleepingcomputer.com)

29 Apr 2026

CISA, Microsoft warn of active exploitation of Windows Shell vulnerability (CVE-2026-32202) (www.helpnetsecurity.com)

29 Apr 2026

CISA Adds Actively Exploited ConnectWise and Windows Flaws to KEV (thehackernews.com)

29 Apr 2026

U.S. CISA adds Microsoft Windows Shell and ConnectWise ScreenConnect flaws to its Known Exploited Vulnerabilities catalog (securityaffairs.com)

29 Apr 2026

LiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Hours of Disclosure (thehackernews.com)

29 Apr 2026

Robinhood account creation flaw exploited for phishing emails (www.scworld.com)

28 Apr 2026

Critical LiteLLM SQL Injection Vulnerability Exploited in the Wild (cybersecuritynews.com)

28 Apr 2026

Robinhood Vulnerability Exploited for Phishing Attacks (www.securityweek.com)

28 Apr 2026

New Windows Shell 0-Click Vulnerability Exploited to Bypass Defender SmartScreen (cybersecuritynews.com)

28 Apr 2026

Security Advisory: CVE-2024–21413 Outlook RCE Actively Exploited (CVSS 9.8) (medium.com)

28 Apr 2026

Microsoft Confirms Active Exploitation of Windows Shell CVE-2026-32202 (thehackernews.com)

28 Apr 2026

Thousands of Zimbra servers vulnerable to actively exploited flaw (www.scworld.com)

27 Apr 2026

LMDeploy vulnerability exploited, highlighting AI infrastructure risks (www.scworld.com)

27 Apr 2026

Litecoin Zero-Day Vulnerability Exploited in DoS Attack, Disrupts Major Mining Pools (cybersecuritynews.com)

25 Apr 2026

U.S. CISA adds SimpleHelp, Samsung, and D-Link flaws to its Known Exploited Vulnerabilities catalog (securityaffairs.com)

25 Apr 2026

CISA Warns of Multiple SimpleHelp Vulnerabilities Exploited in Attack (cybersecuritynews.com)

25 Apr 2026

CISA Adds 4 Exploited Flaws to KEV, Sets May 2026 Federal Deadline (thehackernews.com)

25 Apr 2026

Indirect prompt injection is taking hold in the wild (www.helpnetsecurity.com)

24 Apr 2026

Telecom infrastructure exploited in global spy campaigns (www.scworld.com)

24 Apr 2026

LMDeploy CVE-2026-33626 Flaw Exploited Within 13 Hours of Disclosure (thehackernews.com)

24 Apr 2026

Actively Exploited: CVE-2023–46805 in Ivanti Connect Secure Enables Authentication Bypass (medium.com)

23 Apr 2026

Actively exploited SharePoint spoofing bug continues to threaten over 1,300 instances (www.scworld.com)

23 Apr 2026

Apple just fixed an iOS flaw exploited by the FBI - here's what happened (www.zdnet.com)

23 Apr 2026

CISA orders feds to patch BlueHammer flaw exploited as zero-day (www.bleepingcomputer.com)

23 Apr 2026

Apple Patches Exploited Notification Flaw, (Thu, Apr 23rd) (isc.sans.edu)

23 Apr 2026

U.S. CISA adds a flaw in Microsoft Defender to its Known Exploited Vulnerabilities catalog (securityaffairs.com)

23 Apr 2026

Recent Microsoft Defender Vulnerability Exploited as Zero-Day (www.securityweek.com)

23 Apr 2026

Over 1,300 SharePoint Servers Still Exposed to Actively Exploited Spoofing Flaw (www.esecurityplanet.com)

22 Apr 2026

[un]prompted 2026 – 8 Minutes to Admin. We Caught It in the Wild. Welcome to VibeHacking. (securityboulevard.com)

22 Apr 2026

Thousands of Apache ActiveMQ instances still unpatched, weeks after an actively exploited hole discovered (www.csoonline.com)

21 Apr 2026

CISA Warns of Cisco Catalyst SD-WAN Manager Vulnerabilities Exploited in Attacks (cybersecuritynews.com)

21 Apr 2026

CISA flags new SD-WAN flaw as actively exploited in attacks (www.bleepingcomputer.com)

21 Apr 2026

CISA flags another Cisco Catalyst SD-WAN Manager bug as exploited (CVE-2026-20133) (www.helpnetsecurity.com)

21 Apr 2026

Organizations Warned of Exploited Cisco, Kentico, Zimbra Vulnerabilities (www.securityweek.com)

21 Apr 2026

Actively exploited Apache ActiveMQ flaw impacts 6,400 servers (www.bleepingcomputer.com)

21 Apr 2026

U.S. CISA adds Cisco Catalyst, Kentico Xperience, PaperCut NG/MF, Synacor ZCS, Quest KACE SMA, and JetBrains TeamCity flaws to its…

21 Apr 2026

CISA Adds 8 Exploited Flaws to KEV, Sets April-May 2026 Federal Deadlines (thehackernews.com)

21 Apr 2026

Trio of new Windows vulnerabilities under active exploitation (www.scworld.com)

20 Apr 2026

CVE-2023-33538 under attack for a year, but exploitation still unsuccessful (securityaffairs.com)

20 Apr 2026

Week in review: Acrobat Reader flaw exploited, Claude Mythos offensive capabilities and limits (www.helpnetsecurity.com)

19 Apr 2026

Microsoft Defender under attack as three zero-days, two of them still unpatched, enable elevated access (securityaffairs.com)

18 Apr 2026

Apache ActiveMQ RCE bug to CISA list of exploited vulnerabilities (www.scworld.com)

17 Apr 2026

[un]prompted 2026 – Kinetic Risk: Securing And Governing Physical Al In The Wild (securityboulevard.com)

17 Apr 2026

BlueHammer, RedSun, and UnDefend: Three Windows Defender Zero-Days Exploited in the Wild (socradar.io)

17 Apr 2026

Three Microsoft Defender Zero-Days Actively Exploited; Two Still Unpatched (thehackernews.com)

17 Apr 2026

CISA Warns of Apache ActiveMQ Input Validation Vulnerability Exploited in Attacks (cybersecuritynews.com)

17 Apr 2026

Leaked Windows Defender 0-Day Vulnerability Actively Exploited in Attacks (cybersecuritynews.com)

17 Apr 2026

Researcher drops two more Microsoft Defender zero-days, all three now exploited in the wild (www.helpnetsecurity.com)

17 Apr 2026

Recent Apache ActiveMQ Vulnerability Exploited in the Wild (www.securityweek.com)

17 Apr 2026

CISA flags Apache ActiveMQ flaw as actively exploited in attacks (www.bleepingcomputer.com)

17 Apr 2026

U.S. CISA adds a flaw in Apache ActiveMQ to its Known Exploited Vulnerabilities catalog (securityaffairs.com)

17 Apr 2026

Recently leaked Windows zero-days now exploited in attacks (www.bleepingcomputer.com)

17 Apr 2026

Apache ActiveMQ CVE-2026-34197 Added to CISA KEV Amid Active Exploitation (thehackernews.com)

16 Apr 2026

Nginx-ui MCP missing authentication flaw actively exploited (www.scworld.com)

16 Apr 2026

April 2026 Patch Tuesday: 165 Vulnerabilities, Two Zero-Days Including One Actively Exploited (socradar.io)

16 Apr 2026

Nginx-ui Vulnerability Actively Exploited in Attack – Enables Full Server Takeover (cybersecuritynews.com)

16 Apr 2026

31 High-Impact Vulnerabilities Exploited in March as Interlock Hits Cisco FMC Zero-Day (cybersecuritynews.com)

16 Apr 2026

Unveiling the Exploitative Tactics: Windows SyncAppvPublishingServer Exploited in the Wild to… (surajmundalik.medium.com)

16 Apr 2026

[Guest Diary] Compromised DVRs and Finding Them in the Wild, (Thu, Apr 16th) (isc.sans.edu)

15 Apr 2026

Critical Nginx UI auth bypass flaw now actively exploited in the wild (www.bleepingcomputer.com)

15 Apr 2026

Flashpoint Surpasses Cataloging 7,000 Known Exploited Vulnerabilities as Disclosure Volume Accelerates (securityboulevard.com)

15 Apr 2026

Trending Adversarial Group(s)

Top 10 Adverserial groups suspected or known to be actively targetting vulnerabilities.

Zero Day ( 0-day)

Prev Next

Canvas, Shai-Hulud, QuasarRat, 0Days, Anthropic, Aaran Leyland, and EU Compliance! - SWN #579 (www.scworld.com)

08 May 2026

Federal agencies ordered to patch Ivanti EPMM zero-day in 3 days (www.scworld.com)

08 May 2026

'Dirty Frag' Linux zero-day exposes most distributions to LPE (www.scworld.com)

08 May 2026

CISA gives feds four days to patch Ivanti flaw exploited as zero-day (www.bleepingcomputer.com)

08 May 2026

Ivanti EPMM vulnerability exploited in zero-day attacks (CVE-2026-6973) (www.helpnetsecurity.com)

08 May 2026

Mozilla Patches 423 Firefox 0-Day Vulnerabilities with Claude Mythos and Other AI Models (cybersecuritynews.com)

08 May 2026

New Linux 'Dirty Frag' zero-day gives root on all major distros (www.bleepingcomputer.com)

08 May 2026

Ivanti Patches EPMM Zero-Day Exploited in Targeted Attacks (www.securityweek.com)

08 May 2026

Nation-state actors exploit Palo Alto PAN-OS zero-day for weeks (securityaffairs.com)

07 May 2026

State-sponsored hackers likely behind zero-day attacks on Palo Alto firewalls (www.helpnetsecurity.com)

07 May 2026

New Ivanti EPMM 0-Day Vulnerability Actively Exploited in Attacks (cybersecuritynews.com)

07 May 2026

Palo Alto Zero-Day Exploited in Campaign Bearing Hallmarks of Chinese State Hacking (www.securityweek.com)

07 May 2026

Ivanti warns of new EPMM flaw exploited in zero-day attacks (www.bleepingcomputer.com)

07 May 2026

ThreatsDay Bulletin: Edge Plaintext Passwords, ICS 0-Days, Patch-or-Die Alerts and 25+ New Stories (thehackernews.com)

07 May 2026

Palo Alto Networks Firewall Zero-Day RCE Vulnerability Exploited in the Wild Since April (cybersecuritynews.com)

07 May 2026

Palo Alto Networks firewall zero-day exploited for nearly a month (www.bleepingcomputer.com)

07 May 2026

Palo Alto Networks to Patch Zero-Day Exploited to Hack Firewalls (www.securityweek.com)

05 May 2026

Threat Actors Use AI to Automate Zero-Day Discovery and Exploitation at Machine Speed (securityboulevard.com)

04 May 2026

CISA Warns of Linux Kernel 0-Day Vulnerability Exploited in Attacks (cybersecuritynews.com)

04 May 2026

Threat Actors Use AI to Automate 0-Day Discovery and Exploitation at Machine Speed (cybersecuritynews.com)

04 May 2026

Week in review: High-severity LPE vulnerability in the Linux kernel, cPanel 0-day exploited for months (www.helpnetsecurity.com)

03 May 2026

cPanel zero-day exploited for months before patch release (CVE-2026-41940) (www.helpnetsecurity.com)

30 Apr 2026

Critical cPanel and WHM bug exploited as a zero-day, PoC now available (www.bleepingcomputer.com)

30 Apr 2026

Critical cPanel & WHM Vulnerability Exploited as Zero-Day for Months (www.securityweek.com)

30 Apr 2026

Bug of the year (so far)? Nasty cPanel vulnerability probably exploited as a 0-day (go.theregister.com)

30 Apr 2026

cPanel 0-Day Authentication Bypass Vulnerability Actively Exploited in the Wild — PoC Released (cybersecuritynews.com)

30 Apr 2026

Linux Kernel 0-Day “Copy Fail” Roots Every Major Distribution Since 2017 (cybersecuritynews.com)

29 Apr 2026

Microsoft's patch for a 0-day exploited by Russian spies fell short. Another Windows flaw is under attack (go.theregister.com)

29 Apr 2026

Claude Mythos Has Found 271 Zero-Days in Firefox (securityboulevard.com)

29 Apr 2026

Claude Mythos Has Found 271 Zero-Days in Firefox (www.schneier.com)

29 Apr 2026

CISA orders feds to patch Windows flaw exploited as zero-day (www.bleepingcomputer.com)

29 Apr 2026

ZDI-26-305: (0Day) OpenAI Codex Sandbox Escape Vulnerability (www.zerodayinitiative.com)

28 Apr 2026

Blue Origin Leak Claim, iOS Zero Day Sale, VPN and AWS Access Listings, and Ticketmaster Database Post (socradar.io)

28 Apr 2026

Litecoin Zero-Day Vulnerability Exploited in DoS Attack, Disrupts Major Mining Pools (cybersecuritynews.com)

25 Apr 2026

When Mythos Finds Thousands of Zero-Days, EU Regulators Won’t Wait for Your SOC to Catch Up (securityboulevard.com)

23 Apr 2026

Why Chrome Zero-Days Keep Winning and What Enterprises Need to Change – Blog | Menlo Security (securityboulevard.com)

23 Apr 2026

CISA orders feds to patch BlueHammer flaw exploited as zero-day (www.bleepingcomputer.com)

23 Apr 2026

Recent Microsoft Defender Vulnerability Exploited as Zero-Day (www.securityweek.com)

23 Apr 2026

Claude Mythos AI Model Uncovers 271 Zero-Day Vulnerabilities in Firefox (cybersecuritynews.com)

22 Apr 2026

Claude Mythos finds 271 Firefox flaws, Mozilla believes zero-days are numbered (www.helpnetsecurity.com)

22 Apr 2026

ZDI-26-293: (0Day) Microsoft Office URI Handler NTLM Response Information Disclosure Vulnerability (www.zerodayinitiative.com)

21 Apr 2026

ZDI-26-294: (0Day) Microsoft Windows library-ms NTLM Response Information Disclosure Vulnerability (www.zerodayinitiative.com)

21 Apr 2026

ZDI-26-295: (0Day) PublicCMS getXml Server-Side Request Forgery Information Disclosure Vulnerability (www.zerodayinitiative.com)

21 Apr 2026

RedSun Microsoft zero-day: When Microsoft Defender Turns Against You (blog.blu3raven.ai)

21 Apr 2026

[un]prompted 2026 – Al Found 12 Zero-Days in OpenSSL (securityboulevard.com)

19 Apr 2026

Microsoft Defender under attack as three zero-days, two of them still unpatched, enable elevated access (securityaffairs.com)

18 Apr 2026

BlueHammer, RedSun, and UnDefend: Three Windows Defender Zero-Days Exploited in the Wild (socradar.io)

17 Apr 2026

Three Microsoft Defender Zero-Days Actively Exploited; Two Still Unpatched (thehackernews.com)

17 Apr 2026

Leaked Windows Defender 0-Day Vulnerability Actively Exploited in Attacks (cybersecuritynews.com)

17 Apr 2026

Researcher drops two more Microsoft Defender zero-days, all three now exploited in the wild (www.helpnetsecurity.com)

17 Apr 2026

Recently leaked Windows zero-days now exploited in attacks (www.bleepingcomputer.com)

17 Apr 2026

Microsoft Defender 0-Day Vulnerability “RedSun” Enables Full SYSTEM Access (cybersecuritynews.com)

17 Apr 2026

Microsoft awards $2.3 million in Zero Day Quest hacking contest (www.scworld.com)

16 Apr 2026

New Microsoft Defender “RedSun” zero-day PoC grants SYSTEM privileges (www.bleepingcomputer.com)

16 Apr 2026

ThreatsDay Bulletin: Defender 0-Day, SonicWall Brute-Force, 17-Year-Old Excel RCE and 15 More Stories (thehackernews.com)

16 Apr 2026

April 2026 Patch Tuesday: 165 Vulnerabilities, Two Zero-Days Including One Actively Exploited (socradar.io)

16 Apr 2026

Microsoft Paid Out $2.3 Million at Zero Day Quest 2026 Hacking Contest (www.securityweek.com)

16 Apr 2026

31 High-Impact Vulnerabilities Exploited in March as Interlock Hits Cisco FMC Zero-Day (cybersecuritynews.com)

16 Apr 2026

Patch Tuesday notes: Microsoft addresses two zero-days. (thecyberwire.com)

15 Apr 2026

Microsoft pays $2.3M for cloud and AI flaws at Zero Day Quest (www.bleepingcomputer.com)

15 Apr 2026

ZDI-26-258: (0Day) Docker Desktop extension-manager Exposed Dangerous Function Local Privilege Escalation Vulnerability (www.zerodayinitiative.com)

15 Apr 2026

ZDI-26-259: (0Day) Docker Desktop cli-plugins Incorrect Permission Assignment Local Privilege Escalation Vulnerability (www.zerodayinitiative.com)

15 Apr 2026

ZDI-26-260: (0Day) Docker Desktop System Editor Uncontrolled Search Path Element Privilege Escalation Vulnerability (www.zerodayinitiative.com)

15 Apr 2026

ZDI-26-261: (0Day) Docker Desktop credentialHelper Directory Traversal Privilege Escalation Vulnerability (www.zerodayinitiative.com)

15 Apr 2026

April Patch Tuesday fixes two zero-days, including one under active attack (securityboulevard.com)

15 Apr 2026

April Patch Tuesday fixes two zero-days, including one under active attack (www.malwarebytes.com)

15 Apr 2026

Microsoft Issues Patches for SharePoint Zero-Day and 168 Other New Vulnerabilities (thehackernews.com)

15 Apr 2026

Microsoft Defender 0-Day Vulnerability Enables Privilege Escalation Attack (cybersecuritynews.com)

15 Apr 2026

Microsoft Patch Tuesday for April 2026 fixed actively exploited SharePoint zero-day (securityaffairs.com)

15 Apr 2026

Microsoft SharePoint Server 0-Day Vulnerability Actively Exploited in Attacks (cybersecuritynews.com)

14 Apr 2026

April Patch Tuesday roundup: Zero day vulnerabilities and critical bugs (www.csoonline.com)

14 Apr 2026

Microsoft Patches Exploited SharePoint Zero-Day and 160 Other Vulnerabilities (www.securityweek.com)

14 Apr 2026

Microsoft April 2026 Patch Tuesday fixes 167 flaws, 2 zero-days (www.bleepingcomputer.com)

14 Apr 2026

Microsoft Patch Tuesday April 2026 – 168 Vulnerabilities Fixed, Including Actively Exploited 0-day (cybersecuritynews.com)

14 Apr 2026

Researcher Reverse Engineered 0-Day Used to Disable CrowdStrike EDR (cybersecuritynews.com)

14 Apr 2026

Adobe Patches Actively Exploited Zero-Day That Lingered for Months (www.darkreading.com)

13 Apr 2026

Adobe rolls out emergency fix for Acrobat, Reader zero-day flaw (www.bleepingcomputer.com)

13 Apr 2026

Simply opening a PDF could trigger this Adobe Reader zero-day (securityboulevard.com)

13 Apr 2026

Simply opening a PDF could trigger this Adobe Reader zero-day (www.malwarebytes.com)

13 Apr 2026

CVE-2026-34621: Adobe Acrobat Reader Zero-Day Enables Arbitrary Code Execution via Crafted PDF (socradar.io)

13 Apr 2026

Adobe Patches Acrobat Reader 0-Day Vulnerability Exploited in the Wild (cybersecuritynews.com)

13 Apr 2026

Week in review: Windows zero-day exploit leaked, Patch Tuesday forecast (www.helpnetsecurity.com)

12 Apr 2026

Adobe Patches Reader Zero-Day Exploited for Months (www.securityweek.com)

12 Apr 2026

Saturday Security: AI Could Trigger a Zero-Day Exploit Tsunami (securityboulevard.com)

11 Apr 2026

Unpatched Adobe Reader Zero-Day Exploited for Months via Weaponized PDFs Targeting Energy and… (medium.com)

11 Apr 2026

Adobe Reader zero-day vulnerability in active exploitation (www.sophos.com)

10 Apr 2026

The PDF You Just Opened Could Be Watching You: Inside the Adobe Reader Zero-Day (socfortress.medium.com)

10 Apr 2026

Adobe Reader zero-day exploit used in months-long cyber campaign (www.scworld.com)

10 Apr 2026

In Other News: Cyberattack Stings Stryker, Windows Zero-Day, China Supercomputer Hack (www.securityweek.com)

10 Apr 2026

Storm-1175: China’s Zero-Day Ransomware Machine Hits Critical Infrastructure at Record Speed (medium.com)

10 Apr 2026

'BlueHammer' Windows Zero-Day Exploit Signals Microsoft Bug Disclosure Issues (www.darkreading.com)

09 Apr 2026

Malicious PDF reveals active Adobe Reader zero-day in the wild (securityaffairs.com)

09 Apr 2026

Claude Mythos Preview identifies 27-year-old bug, finds 'thousands' of zero-days in weeks (www.scworld.com)

09 Apr 2026

Months-old Adobe Reader zero-day uses PDFs to size up targets (go.theregister.com)

09 Apr 2026

We Confirmed the BlueHammer Zero-Day Before Microsoft Said a Word (medium.com)

09 Apr 2026

Acrobat Reader zero-day exploited in the wild for many months (www.helpnetsecurity.com)

09 Apr 2026

Adobe Reader Zero-Day Exploited via Malicious PDFs Since December 2025 (thehackernews.com)

09 Apr 2026

Hackers exploiting Acrobat Reader zero-day flaw since December (www.bleepingcomputer.com)

09 Apr 2026

Adobe Reader Zero-Day Exploited for Months: Researcher (www.securityweek.com)

09 Apr 2026

BlueHammer: Windows zero-day exploit leaked (www.helpnetsecurity.com)

08 Apr 2026

[un]prompted 2026 – FENRIR: Al Hunting For Al Zero-Days At Scale (securityboulevard.com)

08 Apr 2026

Hackers Actively Attacking Adobe Reader Users Using Sophisticated 0-Day Exploit (cybersecuritynews.com)

08 Apr 2026

Anthropic Unveils Claude Mythos Preview With Powerful Zero-Day Detection Capabilities (cybersecuritynews.com)

08 Apr 2026

The zero-day timeline just collapsed. Here’s what security leaders do next (www.csoonline.com)

08 Apr 2026

Anthropic's Claude Mythos Finds Thousands of Zero-Day Flaws Across Major Systems (thehackernews.com)

08 Apr 2026

Anthropic’s new AI model finds and exploits zero-days across every major OS and browser (www.helpnetsecurity.com)

07 Apr 2026

Anthropic: All your zero-days are belong to Mythos (go.theregister.com)

07 Apr 2026

Fortinet releases emergency hotfix for FortiClient EMS zero-day flaw (www.csoonline.com)

07 Apr 2026

Windows zero-day vulnerability 'BlueHammer' exploit code released (www.scworld.com)

07 Apr 2026

The Edge of the Abyss: How APTs Reverse Engineer Corporate Firewalls for 0-Days (medium.com)

07 Apr 2026

BlueHammer Windows Zero-Day: Privilege Escalation Risk (socradar.io)

07 Apr 2026

Experts published unpatched Windows zero-day BlueHammer (securityaffairs.com)

07 Apr 2026

Microsoft Warns Storm-1175 Exploits Web-Facing Assets 0-Day Flaws in Medusa Ransomware Attacks (cybersecuritynews.com)

07 Apr 2026

China-Linked Storm-1175 Exploits Zero-Days to Rapidly Deploy Medusa Ransomware (thehackernews.com)

07 Apr 2026

Researcher Released Windows Defender 0-Day Exploit Code, Allowing Attackers to Gain Full Access (cybersecuritynews.com)

06 Apr 2026

Fortinet Issues Emergency Patch for FortiClient Zero-Day (www.darkreading.com)

06 Apr 2026

Disgruntled researcher leaks “BlueHammer” Windows zero-day exploit (www.bleepingcomputer.com)

06 Apr 2026

Attackers exploited this critical FortiClient EMS bug as a 0-day (go.theregister.com)

06 Apr 2026

Microsoft links Medusa ransomware affiliate to zero-day attacks (www.bleepingcomputer.com)

06 Apr 2026

CISA Warns of Fortinet 0-Day Vulnerability Actively Exploited in Attacks (cybersecuritynews.com)

06 Apr 2026

FAQs

Today’s top cybersecurity headlines typically include actively exploited vulnerabilities, ransomware campaigns, major data breaches, zero-day disclosures, nation-state activity, and critical vendor security advisories. Security teams should prioritise threat alerts involving KEVs, remote code execution vulnerabilities, cloud platform attacks, and vulnerabilities affecting internet-facing systems.
By using this site, you agree to our Terms & Conditions.

COOKIE / PRIVACY POLICY: This website uses essential cookies required for basic site functionality. We also use analytics cookies to understand how the website is used. We do not use cookies for marketing or personalization, and we do not sell or share any personal data with third parties.

Terms & Privacy Policy