Researchers have linked the FortiBleed campaign to INC and Lynx ransomware operations while also examining whether a suspected zero-day vulnerability played a role.
Google has pushed another urgent Chrome patch after a zero-day was reported as actively exploited, putting patch speed and restart discipline at the center of browser defense.
Cisco’s warning about CVE-2026-20245 shows how a single management-plane flaw can become a high-value path to root in a centralized network.
The real danger is not just smarter attackers, but a shorter gap between vulnerability discovery, weaponization, and remediation.
Researchers warn that AI has already been used to build a working zero-day exploit, while threat groups are also using it to scale attacks before security teams can fully respond.
With cybercriminals already exploiting a flaw in Ivanti’s EPMM, U.S. federal agencies face a four-day deadline to avert a potential security disaster.
Unauthenticated attackers exploit a critical PAN-OS bug, turning trusted network defenses into silent attack platforms.
Unpatched vulnerability in Palo Alto Networks’ firewalls sparks global scramble as hackers and agencies race against the clock.
A critical buffer overflow flaw puts select Palo Alto firewalls at risk as hackers strike before patches arrive.
A devastating authentication bypass in cPanel has exposed millions of servers to root compromise, forcing global hosting providers into crisis mode.
From 17-year-old Excel exploits to new supply chain shocks, the latest cyber threats prove that no vulnerability is ever truly laid to rest.
A stealthy vulnerability in Adobe’s popular PDF software left users open to malware attacks for months before being discovered and patched.
Google races to patch 31 serious Chrome holes as hackers eye remote code execution opportunities.
A second severe vulnerability in Ivanti's mobile device management platform prompts urgent federal action amid ongoing exploitations.
A newly discovered zero-day in Adobe Reader has enabled sophisticated attacks via malicious PDFs, targeting unsuspecting users worldwide since late 2025.
Public exploit code for a dangerous Windows Defender flaw sparks industry alarm as patchless systems face imminent risk.
A public disclosure of a critical Windows Defender flaw ignites chaos as attackers gain a powerful new weapon-and Microsoft faces backlash from the security community.
A critical flaw in FortiClient EMS sparks rapid patching and exposes the escalating battle over enterprise security.
A critical flaw in Fortinet’s endpoint management tool is being actively weaponized, prompting an urgent global scramble for emergency patches.