A leaked Windows Defender zero-day is being rapidly weaponized, with attackers hiding malicious files in user folders and testing security responses. Find out how these stealthy campaigns work and the latest on Microsoft's defense efforts.
RedSun, a newly released zero-day exploit for Microsoft Defender, allows attackers to gain SYSTEM privileges on fully patched Windows systems. Published as a protest by the researcher, the incident exposes deep tensions between security researchers and Microsoft’s vulnerability response process.
A newly discovered Adobe Acrobat and Reader vulnerability (CVE-2026-34621) is under active exploitation, enabling attackers to run malicious code via booby-trapped PDFs. Discover the risks, technical details, and urgent mitigation steps.
The BlueHammer Windows zero-day exploit, leaked after a researcher’s frustration with Microsoft’s slow response, exposes deep problems in the company’s vulnerability disclosure process and leaves millions of systems at risk.
A newly discovered zero-day vulnerability in Adobe Reader has been actively exploited by hackers using weaponized PDFs since December, enabling data theft and potential full system compromise. Users are urged to stay vigilant until Adobe releases a fix.
A sophisticated zero-day vulnerability in Adobe Reader has been exploited since at least November 2025, enabling attackers to harvest user data and potentially gain remote control. The exploit, discovered by researcher Haifei Li, evaded detection for months and uses Russian-language lures. Adobe is investigating as cybersecurity experts work to unravel the full attack chain.
A newly disclosed zero-day in Qualcomm’s Android graphics component is under active attack, prompting urgent patches from Google. Discover the risks, technical details, and what it means for Android users.
APT28 exploited a critical MSHTML zero-day vulnerability before Microsoft’s February 2026 patch, using malicious LNK files to bypass protections and execute code. The attack highlights evolving tactics and ongoing risks from state-sponsored cyber actors.
A critical zero-day flaw in Cisco’s SD-WAN controllers has enabled sophisticated attackers to seize root-level access in critical infrastructure networks since at least 2023. Immediate patching and vigilant monitoring are essential to prevent catastrophic breaches.
A critical buffer overflow in Grandstream GXP1600 VoIP phones exposes millions of devices to unauthenticated remote code execution. With public exploit code available, organizations must act fast to patch and secure their voice networks.