A Cisco SD-WAN zero-day reportedly lived in the wild for months, reminding defenders that a flaw in the management layer can matter long before anyone sees a noisy outage.
A Cisco SD-WAN weakness now tied to root-level compromise shows how a routine admin workflow can turn into a control-plane security event.
Cisco has warned that an active zero-day in its SD-WAN environment could permit command injection, a serious reminder that management systems can become the most valuable target in the room.
Google’s latest security bulletin is a broad cleanup, but one zero-day exploited in targeted attacks turns the update into an exposure race for unpatched devices.
Fortinet’s April hotfixes for a FortiClient EMS security defect show how quickly a management-plane bug can become an urgent fleet-risk problem.
Trend Micro’s warning about an exploited Apex One zero-day is a reminder that endpoint defenses are only as strong as the management layer behind them.
Two actively exploited zero-days in Defender turn endpoint protection into the attack surface, showing why security tooling must be patched as aggressively as the systems it protects.
A Google threat-intelligence update points to a shift from AI-assisted research to AI-assisted weaponization, with one reported zero-day built around a trust-assumption flaw rather than classic memory corruption.
A sanctioned exploit contest in Berlin turned browser sandboxes, Windows privilege boundaries, Linux workstations, container runtimes, and AI tools into a live stress test for today’s security architecture.
A sanctioned exploit contest put Microsoft Edge, Windows 11, LiteLLM, and NVIDIA-related technologies under pressure, showing how today’s attack surface reaches from the browser sandbox to AI control planes.
A controlled exploit contest in Berlin turned into a stress test for modern security layers, with researchers demonstrating 24 unique zero-days across Microsoft Edge, Windows 11, LiteLLM, and NVIDIA-related targets.
Microsoft moved to blunt a high-severity Exchange Server flaw after exploitation was reported, and the case again shows how browser-based mail can become a security boundary, not just a convenience.
A claim tied to Google’s threat-intelligence work points to a new kind of offensive workflow: AI-assisted exploit creation moving into zero-day territory, with defenders left racing the clock.
A reported zero-day believed to involve AI assistance points to a dangerous possibility: machine help moving closer to the moment a flaw becomes weaponized.
A reported Google threat-intelligence claim points to AI being used as an accelerator for exploit work, Android backdoors, and software-supply-chain abuse.
Google said it spotted an unknown actor using a zero-day exploit that was likely AI-assisted, with a 2FA bypass in a campaign aimed at mass exploitation.
A Google threat-intelligence finding points to a rare shift: exploit development that appears to have been accelerated by AI, with implications for how fast defenders now need to move.
Google’s threat researchers have tied a zero-day against a web admin tool to indicators of AI-assisted development, a sign that exploit creation may be shifting from manual craft to machine-augmented logic work.
A detected zero-day framed as AI-generated raises a sharper question than hype: whether machine assistance is starting to compress the time it takes criminals to turn authentication logic against itself.
Researchers warn that AI has already been used to build a working zero-day exploit, while threat groups are also using it to scale attacks before security teams can fully respond.