Microsoft Working on Patch for ‘RoguePlanet’ Zero-Day 2026-06-17 at 12:41 By Ionut Arghire The public PoC code exploits a race condition in Microsoft Defender to spawn a command prompt with System privileges. The post Microsoft Working on Patch for ‘RoguePlanet’ Zero-Day appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Microsoft Working on Patch for ‘RoguePlanet’ Zero-Day Read More »
Cisco Patches Another SD-WAN Zero-Day Exploited in Attacks 2026-06-16 at 09:20 By Eduard Kovacs Cisco recently became aware of the exploitation of CVE-2026-20262, a Catalyst SD-WAN Manager zero-day that allows arbitrary file write. The post Cisco Patches Another SD-WAN Zero-Day Exploited in Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View
Cisco Patches Another SD-WAN Zero-Day Exploited in Attacks Read More »
Google Confirms Exploitation of Oracle PeopleSoft Zero-Day by ShinyHunters 2026-06-12 at 09:44 By Eduard Kovacs Oracle has mitigated CVE-2026-35273, but it has not publicly confirmed the vulnerability’s in-the-wild exploitation. The post Google Confirms Exploitation of Oracle PeopleSoft Zero-Day by ShinyHunters appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Google Confirms Exploitation of Oracle PeopleSoft Zero-Day by ShinyHunters Read More »
Oracle Addresses PeopleSoft Vulnerability Amid Reports of Zero-Day Attacks 2026-06-11 at 16:57 By Eduard Kovacs Oracle has released a patch for CVE-2026-35273, but it has not said whether it’s a zero-day exploited in ShinyHunters attacks. The post Oracle Addresses PeopleSoft Vulnerability Amid Reports of Zero-Day Attacks appeared first on SecurityWeek. This article is an excerpt
Oracle Addresses PeopleSoft Vulnerability Amid Reports of Zero-Day Attacks Read More »
No Patch Planned for Exploited Arista EOS Vulnerability 2026-06-10 at 09:55 By Ionut Arghire Organizations are advised to apply vendor-supplied mitigations or discontinue the vulnerable devices. The post No Patch Planned for Exploited Arista EOS Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
No Patch Planned for Exploited Arista EOS Vulnerability Read More »
Check Point VPN Zero-Day Exploited in Qilin Ransomware Attacks 2026-06-09 at 13:39 By Ionut Arghire The authentication bypass vulnerability allows attackers to establish VPN connections without a valid password. The post Check Point VPN Zero-Day Exploited in Qilin Ransomware Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Check Point VPN Zero-Day Exploited in Qilin Ransomware Attacks Read More »
Google Patches 5th Chrome Zero-Day Exploited in 2026 2026-06-09 at 09:42 By Eduard Kovacs The vulnerability is tracked as CVE-2026-11645 and it was reported in late April by an anonymous researcher. The post Google Patches 5th Chrome Zero-Day Exploited in 2026 appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Google Patches 5th Chrome Zero-Day Exploited in 2026 Read More »
Cisco Warns of 7th SD-WAN Zero-Day Exploited in 2026 2026-06-05 at 09:23 By Eduard Kovacs The vulnerability is tracked as CVE-2026-20245 and it can allow arbitrary command execution as root, but no patch yet. The post Cisco Warns of 7th SD-WAN Zero-Day Exploited in 2026 appeared first on SecurityWeek. This article is an excerpt from
Cisco Warns of 7th SD-WAN Zero-Day Exploited in 2026 Read More »
VS Code Vulnerability Allows One-Click GitHub Token Theft 2026-06-04 at 13:16 By Eduard Kovacs A researcher has disclosed the full details of the vulnerability and released a PoC without notifying Microsoft in advance. The post VS Code Vulnerability Allows One-Click GitHub Token Theft appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View
VS Code Vulnerability Allows One-Click GitHub Token Theft Read More »
Microsoft Tries to Calm Legal Threat Fears After Zero-Day Disclosure Backlash 2026-06-03 at 12:57 By Eduard Kovacs Microsoft responds to backlash over its threats of legal action against researchers who publicly disclose zero-day vulnerabilities. The post Microsoft Tries to Calm Legal Threat Fears After Zero-Day Disclosure Backlash appeared first on SecurityWeek. This article is an
Microsoft Tries to Calm Legal Threat Fears After Zero-Day Disclosure Backlash Read More »
Android Update Patches Exploited Zero-Day, 123 Other Vulnerabilities 2026-06-02 at 18:01 By Eduard Kovacs Google says the Android vulnerability CVE-2025-48595 has been exploited in limited, targeted attacks. The post Android Update Patches Exploited Zero-Day, 123 Other Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Android Update Patches Exploited Zero-Day, 123 Other Vulnerabilities Read More »
CISA Urges Immediate Patching of Exploited LiteSpeed cPanel Plugin Zero-Day 2026-05-27 at 09:56 By Ionut Arghire Resolved last week, the vulnerability was exploited in the wild as a zero-day to execute scripts with root privileges. The post CISA Urges Immediate Patching of Exploited LiteSpeed cPanel Plugin Zero-Day appeared first on SecurityWeek. This article is an
CISA Urges Immediate Patching of Exploited LiteSpeed cPanel Plugin Zero-Day Read More »
Hackers Exploited KnowledgeDeliver Zero-Day for Web Shell Deployment 2026-05-26 at 17:32 By Ionut Arghire Hardcoded machineKey values in a configuration file enabled ViewState deserialization attacks leading to remote code execution. The post Hackers Exploited KnowledgeDeliver Zero-Day for Web Shell Deployment appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Hackers Exploited KnowledgeDeliver Zero-Day for Web Shell Deployment Read More »
TrendAI Patches Apex One Zero-Day Exploited in the Wild 2026-05-22 at 11:53 By Eduard Kovacs CVE-2026-34926 is a directory traversal flaw that can be exploited against the on-premise version of Apex One. The post TrendAI Patches Apex One Zero-Day Exploited in the Wild appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View
TrendAI Patches Apex One Zero-Day Exploited in the Wild Read More »
Microsoft Patches Exploited UnDefend and RedSun Defender Zero-Days 2026-05-21 at 13:14 By Ionut Arghire The bugs could be exploited to elevate privileges to System or create a denial-of-service (DoS) condition. The post Microsoft Patches Exploited UnDefend and RedSun Defender Zero-Days appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Microsoft Patches Exploited UnDefend and RedSun Defender Zero-Days Read More »
Microsoft Warns of Exchange Server Zero-Day Exploited in the Wild 2026-05-15 at 15:32 By Eduard Kovacs Microsoft has shared mitigations for CVE-2026-42897 until a permanent patch can be released for affected Exchange Server versions. The post Microsoft Warns of Exchange Server Zero-Day Exploited in the Wild appeared first on SecurityWeek. This article is an excerpt
Microsoft Warns of Exchange Server Zero-Day Exploited in the Wild Read More »
Cisco Patches Another SD-WAN Zero-Day, the Sixth Exploited in 2026 2026-05-15 at 10:16 By Eduard Kovacs The zero-day, tracked as CVE-2026-20182, has been exploited in targeted attacks by a sophisticated threat actor identified as UAT-8616. The post Cisco Patches Another SD-WAN Zero-Day, the Sixth Exploited in 2026 appeared first on SecurityWeek. This article is an
Cisco Patches Another SD-WAN Zero-Day, the Sixth Exploited in 2026 Read More »
Researcher Drops YellowKey, GreenPlasma Windows Zero-Days 2026-05-14 at 11:16 By Ionut Arghire YellowKey is a BitLocker bypass that requires physical access. GreenPlasma enables elevation of privileges to System. The post Researcher Drops YellowKey, GreenPlasma Windows Zero-Days appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Researcher Drops YellowKey, GreenPlasma Windows Zero-Days Read More »
Ivanti Patches EPMM Zero-Day Exploited in Targeted Attacks 2026-05-08 at 11:42 By Eduard Kovacs CVE-2026-6973 is a high-severity vulnerability that allows an attacker who has admin privileges to execute arbitrary code. The post Ivanti Patches EPMM Zero-Day Exploited in Targeted Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Ivanti Patches EPMM Zero-Day Exploited in Targeted Attacks Read More »
Palo Alto Zero-Day Exploited in Campaign Bearing Hallmarks of Chinese State Hacking 2026-05-07 at 19:01 By Eduard Kovacs The cybersecurity firm has not explicitly accused China of being behind the attack, but the evidence suggests it was. The post Palo Alto Zero-Day Exploited in Campaign Bearing Hallmarks of Chinese State Hacking appeared first on SecurityWeek.
Palo Alto Zero-Day Exploited in Campaign Bearing Hallmarks of Chinese State Hacking Read More »