12 articles
January 2026 saw 23 actively exploited CVEs, including APT28’s Microsoft Office zero-day and critical auth bypass flaws impacting enterprise systems.
Mandiant reveals campaign featuring exploit of a CVSS 10.
Written by: Peter Ukhanov, Daniel Sislo, Nick Harbour, John Scarbrough, Fernando Tomlinson, Jr., Rich Reece Introduction Mandiant and Google Threat Intellige...
A high severity vulnerability in Google Chrome and allows remote attackers to execute code
Six actively exploited zero-day bug have been patched by Microsoft
Microsoft today released updates to fix more than 50 security holes in its Windows operating systems and other software, including patches for a whopping six...
The European Commission and government agencies in Finland and the Netherlands have suffered potentially related breaches
Microsoft urged customers running Microsoft Office 2016 and 2019 to apply the patch to be protected
VulnCheck analysts found that vulnerabilities exploited before being publicly disclosed rose from 23.6% in 2024 to 28.
China is consolidating cyber power through zero-days. Explore how state control of vulnerabilities enables long-term strategic advantage.
Introduction Despite extensive scrutiny and public reporting, commercial surveillance vendors continue to operate unimpeded. A prominent name continues to su...
The attacks used spearphishing campaigns to target financial, manufacturing, defense, and logistics companies in Europe and Canada, ESET research finds