Technology ❯ Cybersecurity ❯ Vulnerabilities

Zero-Day Vulnerabilities

Microsoft Security Updates Palo Alto Networks CVE-2025-53690 BlueHammer CVE-2026-20700 Microsoft Apple Security Updates Fortinet FortiWeb Ivanti EPMM CVE-2025-0282

CISA Adds Actively Exploited Microsoft Exchange Zero-Day to KEV Catalog

A hard May 29 deadline collides with the fact that only a temporary mitigation is available.

Researcher Publishes YellowKey BitLocker Bypass and GreenPlasma Windows Exploit PoCs

CISA Orders Rapid Patching of Cisco SD‑WAN Admin‑Bypass Flaw CVE‑2026‑20182

Microsoft Says Exchange OWA Flaw Is Under Active Attack, Rolls Out Auto Mitigation

Ivanti Patches EPMM Zero‑Day Under Active Exploitation as CISA Orders Fix by May 10

CISA Flags Palo Alto PAN-OS Zero-Day as Actively Exploited, Orders Federal Fixes by May 9

Researcher Publishes ‘BlueHammer’ Windows Zero-Day Exploit With No Patch

Microsoft Links China-Linked Storm-1175 to Fast Zero-Day Exploits in Medusa Ransomware Campaigns

CISA Orders Rapid Fix for Actively Exploited Fortinet EMS Zero-Day

CISA Flags Cisco Firewall Zero-Day Exploited by Interlock, Sets March 22 Patch Deadline

Google Rushes Chrome 146 Update to Patch Two Zero‑Days Exploited in the Wild

Microsoft’s March Patch Tuesday Fixes 80+ Flaws, Two Public Zero‑Days, No Active Exploits Reported

Dell Patches RecoverPoint Zero-Day Exploited Since 2024 by Suspected China Group

Apple Releases Fixes for Actively Exploited Dyld Zero-Day Across Its Platforms

Microsoft Fixes Six Actively Exploited Zero‑Days in February Patch Tuesday

Fortinet Begins Patching Actively Exploited FortiCloud SSO Bypass as CISA Sets Jan. 30 Deadline

Microsoft Issues Emergency Patches for Exploited Office Zero-Day CVE-2026-21509

Talos Ties Sitecore Zero-Day Intrusions to China-Linked UAT-8837

Apple Urges iPhone Updates After Active WebKit Spyware Exploits

Huntress Uncovers Pre-Disclosure ESXi VM-Escape Toolkit Used in December Intrusion