-
Day Two of Pwn2Own Automotive 2026 kicked off with high intensity, as security researchers targeted automotive infotainment systems, EV chargers, and gateways. Building on Day One’s momentum, teams demonstrated 37 unique zero-day vulnerabilities,…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
CISA has added CVE-2026-20045, a critical zero-day remote code execution (RCE) vulnerability in Cisco Unified Communications Manager (Unified CM), to its Known Exploited Vulnerabilities (KEV) catalog. Added on January 21, 2026, this flaw affects multip…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cisco has warned customers of a critical zero-day vulnerability affecting several of its Unified Communications products, including Cisco Unified Communications Manager (Unified CM), Unified Communications Manager Session Management Edition (Unified CM…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft has released its January 2026 Patch Tuesday security updates, addressing 114 vulnerabilities across Windows, Office, and other products. The update includes three actively exploited zero-day vulnerabilities and 12 critical-severity flaws that…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical remote code execution vulnerability in Gladinet Triofox is now under active exploitation by threat actors, and security researchers have demonstrated that weaponizing the flaw requires far more sophistication than initial analyses suggest. C…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cisco Talos has uncovered an active campaign exploiting a zero-day vulnerability in Cisco AsyncOS Software, affecting Cisco Secure Email Gateway and Cisco Secure Email and Web Manager. The security flaw enables attackers to execute system-level command…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The ForumTroll APT group has resurfaced with a sophisticated phishing campaign targeting Russian academics, marking a significant escalation in their ongoing operations against entities in Russia and Belarus. While the group initially gained notoriety …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Rapid7’s Metasploit team has released a new exploit module targeting critical zero-day vulnerabilities in Fortinet’s FortiWeb web application firewall, chaining two security flaws to achieve unauthenticated remote code execution with root p…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
North Korea’s two most formidable APT groups Kimsuky and Lazarus have established a coordinated operational framework that combines intelligence gathering with large-scale cryptocurrency theft. According to a comprehensive Trend Micro analysis, t…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical zero-day vulnerability in Fortinet FortiWeb has been actively exploited in the wild, allowing attackers to gain complete administrator access without any prior authentication. The flaw affects Fortinet’s Web Application Firewall, which…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
