Critical cPanel Vulnerability Lets Attackers Bypass Login, Gain Root Access

A critical cPanel vulnerability lets attackers bypass login and gain root access, with active exploitation reported before patches were released.

·

0day, Critical, cybersecurity, EOL, Security, vulnerability, WHM

¶¶¶¶¶

Microsoft Vulnerabilities Drop, But Critical Flaws Double, Report Warns

Microsoft vulnerabilities fall, but critical flaws double, BeyondTrust report highlights rising risk in Microsoft Office, Azure, and cloud systems.

·

0day, AI, Azure, cybersecurity, Dynamics 365, Microsoft, Security, vulnerability, Zero-Day

¶¶¶¶¶

Adobe Reader Zero-Day Exploited to Steal Data via Malicious PDFs

An Adobe Reader zero-day vulnerability is being actively exploited via malicious PDFs, allowing hackers to steal data without user interaction, with no patch available.

·

0day, adobe, Adobe Reader, Cyber Attack, cybersecurity, EXPMON, Haifei Li, PDF, Security, vulnerability

¶¶¶¶¶

ImageMagick Zero-Day Enables RCE on Linux and WordPress Servers

New research from Octagon Networks reveals a critical zero-day ImageMagick vulnerability that allows Remote Code Execution (RCE) via simple image uploads affecting Ubuntu, Amazon Linux, and WordPress. This magic byte shift bypasses even the most secure…

·

0day, cybersecurity, ImageMagick, Octagon Networks, RCE, Security, vulnerability, Wordpress

¶¶¶¶¶

Microsoft Fixes 79 Flaws in March Patch Tuesday, Including Two 0-Days

Microsoft fixes 79 vulnerabilities in March 2026 Patch Tuesday, including two publicly disclosed 0-days affecting SQL Server, .NET and Windows systems.

·

0day, cybersecurity, Microsoft, Patch Tuesday, Security, vulnerability, Windows

¶¶¶¶¶

Multiple Zero-Day Flaws in PDF Platforms Enable XSS and One-Click Attacks

We often think of a PDF file (Portable Document Format file) as a simple digital version of a…

·

0day, Apryse, cybersecurity, Foxit, Novee Security, Security, vulnerability, xss

¶¶¶¶¶

Ivanti Issues Urgent Fix for Critical Zero-Day Flaws Under Active Attack

Ivanti has disclosed two critical remote code execution (RCE) flaws (CVE-2026-1281 & CVE-2026-1340) in its EPMM software.

·

0day, Cyber Attack, cybersecurity, EPMM, Ivanti, RPM, Security, vulnerability

¶¶¶¶¶

Microsoft January 2026 Patch Tuesday: 115 Vulnerabilities Fixed

Microsoft kicks off 2026 with 115 security updates, including a fix for an actively exploited zero-day. Protect your Windows and Office systems today.

·

0day, cybersecurity, Microsoft, Patch Tuesday, Security, vulnerability

¶¶¶¶¶

Critical 0day flaw Exposes 70k XSpeeder Devices as Vendor Ignores Alert

Researchers reveal CVE-2025-54322, a critical unpatched flaw in XSpeeder networking gear found by AI agents. 70,000 industrial and branch devices are exposed.

·

0day, Agentic AI, AI, cybersecurity, Security, vulnerability, XSpeeder

¶¶¶¶¶

Amazon: Russian GRU hackers favor misconfigured devices over vulnerabilities

Amazon Threat Intelligence reports Russian GRU hackers are increasingly breaking into critical infrastructure by abusing misconfigured devices instead of exploiting software vulnerabilities.

·

0day, Amazon, APT44, AWS, Curly COMrades, Cyber Attack, Cyber Crime, cybersecurity, GRU, Malware, Russia, Sandworm, Seashell Blizzard, Security, vulnerability

¶¶¶¶¶

1010.cx

1010.cx

Category: 0day

Critical cPanel Vulnerability Lets Attackers Bypass Login, Gain Root Access

Microsoft Vulnerabilities Drop, But Critical Flaws Double, Report Warns

Adobe Reader Zero-Day Exploited to Steal Data via Malicious PDFs

ImageMagick Zero-Day Enables RCE on Linux and WordPress Servers

Microsoft Fixes 79 Flaws in March Patch Tuesday, Including Two 0-Days

Multiple Zero-Day Flaws in PDF Platforms Enable XSS and One-Click Attacks

Ivanti Issues Urgent Fix for Critical Zero-Day Flaws Under Active Attack

Microsoft January 2026 Patch Tuesday: 115 Vulnerabilities Fixed

Critical 0day flaw Exposes 70k XSpeeder Devices as Vendor Ignores Alert

Amazon: Russian GRU hackers favor misconfigured devices over vulnerabilities