Technology ❯ Cybersecurity ❯ Vulnerabilities

Exploits

Spyware CVE-2025-53770 Malware CVE-2025-6558 Zero-Day Exploits CVE-2026-1731 Zero-Day Attacks Privilege Escalation User Safety Remote Access

Microsoft Defender Zero-Days Are Being Exploited as Two Remain Unpatched

Public exploit code accelerated real-world attacks, according to Huntress.

Google Rushes Chrome 146 Update to Fix WebGPU Zero-Day Exploited in the Wild

CISA Orders Federal Agencies to Patch Actively Exploited Citrix NetScaler Flaw

CISA Adds Actively Exploited Langflow RCE to KEV, Sets April 8 Deadline

CISA Flags SharePoint, Zimbra Flaws as Actively Exploited, Sets Rapid Federal Patching Deadlines

Chrome Pushes Second Emergency Update After Skia 0‑Day Fix Was Omitted

Apple Backports Coruna Exploit Fixes in iOS 16.7.15 and 15.8.7 for Older iPhones and iPads

CISA Flags BeyondTrust RCE as Used in Ransomware Attacks

BeyondTrust Pre-Auth RCE Is Now Being Exploited in the Wild

APT28 Exploits Newly Patched Microsoft Office Flaw in Targeted Campaigns

Google Warns of Widespread, Ongoing Exploitation of WinRAR Vulnerability

CISA Warns VMware vCenter Flaw Is Under Attack, Sets Federal Patch Deadline

Microsoft January Windows Patches Fix Active Exploit, Cause Cloud Logins and Shutdown Bugs

CISA Puts Actively Exploited Gogs RCE on KEV, Orders Federal Fix by Feb. 2

Low iOS 26.2 Uptake Leaves iPhones at Risk From Actively Exploited Flaws

Android’s January Patch Fixes Critical Dolby DD+ Flaw as Samsung Plans Play System Update Return

Notarized MacSync Stealer Variant Bypasses Gatekeeper as Apple Revokes Signing Certificate

Apple Limits Critical iPhone Fixes to iOS 26.2, Pressuring Users to Upgrade

Google Links More State Groups to React2Shell as Wallet-Draining Attacks Spread

Notepad++ Releases 8.8.9 After Updater Hijacking Compromised Installs