Zero Day Exploit

Minimalist vector on solid brown: A white video camera icon with a red "hacker" skull overlaid, representing collaboration software exploitation.

Vulnerabilities

PhantomCore Exploits TrueConf Vulnerabilities to Breach Russian Networks

A pro-Ukrainian hacktivist group called PhantomCore has been exploiting three TrueConf video conferencing flaws (BDU-2025-10114, 10115, 10116) since September 2025 to breach Russian networks. By chaining these vulnerabilities, the group bypasses authentication and executes arbitrary OS commands, turning video conferencing servers into springboards for lateral movement and data harvesting. ST.

28 Apr 2026

Vulnerabilities

10k+ Zimbra XSS – CISA-Flagged, 10k+ Exposed Servers, Active Exploitation

A stored cross-site scripting flaw in Zimbra Collaboration Suite (CVE-2025-48700) is now being exploited in the wild against more than 10,000 exposed servers worldwide, prompting CISA to add the bug to its Known Exploited Vulnerabilities catalog and order U.S. federal agencies to patch within three days. GLOBAL — For

27 Apr 2026

Stylized AI brain connects to an unmasked cloud, symbolizing SSRF attack on cloud metadata.

Vulnerabilities

LMDeploy LLM Engine SSRF (CVE-2026-33626) Exploited Within 12 Hours

A newly-disclosed Server-Side Request Forgery flaw in the LMDeploy LLM inference-serving toolkit is already under active exploitation, with attackers using a vision-language-module endpoint as an SSRF primitive to probe AWS IMDS, internal databases, and admin planes within minutes of patch availability. SHANGHAI, CHINA — The window between a vulnerability disclosure and

27 Apr 2026

Minimalist white line art on a vibrant teal background showing a stylized cloud icon with a small upward arrow piercing the bottom, representing a malicious file upload exploit.

Vulnerabilities

Hackers Exploit Critical Breeze Cache Flaw in WordPress Sites

A file-upload bug in the Breeze Cache plugin is under active exploitation, but only sites with the optional “Host Files Locally – Gravatars” feature enabled appear exposed. The issue highlights how a niche plugin setting can create outsized risk across a large WordPress install base. VALENCIA, SPAIN — Threat actors have begun

26 Apr 2026

A cracked shield and a network bridge on a slate blue background, representing the Cisco identity security patches.

Vulnerabilities

Cisco Issues Urgent Fixes for Critical Identity Services and Webex Impersonation Flaws

Security updates address four severe vulnerabilities that could allow unauthenticated attackers to execute remote code or impersonate high-level administrators within corporate environments. SAN JOSE, CA — Cisco Systems has released critical security patches to address a quartet of high-impact vulnerabilities affecting its Identity Services Engine (ISE) and Webex collaboration suite. The

16 Apr 2026

An Nginx server bypass on a crimson background, symbolizing the CVE-2026-33032 vulnerability.

Vulnerabilities

Critical Nginx UI Flaw Grants Unauthenticated Root Access to Web Servers

A severe vulnerability in the popular Nginx UI management tool is being actively exploited, allowing attackers to bypass authentication and gain full command execution on hosting infrastructure. SAN FRANCISCO, CA — Security researchers have issued an urgent warning following the discovery of CVE-2026-33032, a critical vulnerability in Nginx UI — a widely

15 Apr 2026

A Medusa head emerging from a server rack next to a cracked zero-day symbol, representing the Storm-1175 campaign and the rapid deployment of Medusa ransomware.

Zero Day Exploit

Microsoft Links High-Velocity Zero-Day Exploits to Medusa Ransomware Affiliate

Microsoft’s threat intelligence team has issued a high-priority warning regarding a sophisticated cyber-criminal actor, designated as Storm-1175, which is utilizing zero-day vulnerabilities to deploy the Medusa ransomware. The group, identified as an affiliate of the broader Medusa-as-a-Service operation, has demonstrated an unprecedented speed in its attack lifecycle, often moving

07 Apr 2026

A cracked security shield on a red background, representing the CVE-2026-35616 zero-day vulnerability and emergency patch for Fortinet FortiClient EMS.

Zero Day Exploit

Fortinet Issues Emergency Patches for Actively Exploited FortiClient EMS Zero-Day

Fortinet's FortiClient EMS has a critical zero-day — CVE-2026-35616 — being actively exploited in the wild. Unauthenticated attackers can push malware to every endpoint the server manages. Here's the technical breakdown and what to do right now.

06 Apr 2026

A smartphone lock screen with a red alarm bell as data fragments into binary and warning icons, symbolizing a mobile cyberattack or security breach.

Patch Management

Apple Issues Critical Lock Screen Security Alerts for iOS

In an unprecedented escalation of its security communications, Apple has begun pushing urgent, full-screen "Critical Software Alerts" to millions of iPhone and iPad users. The notifications, which bypass standard "Do Not Disturb" settings, warn users that their devices are running outdated versions of iOS 17 and

29 Mar 2026