VS Code Zero-Day Exploit: Stealing GitHub Tokens via URI Handlers
Security researcher mthcht reveals a VS Code zero-day vulnerability allowing GitHub token theft via URI handlers. Learn how to defend against this exploit.
Windows 11 BitLocker Bypass: Nightmare Eclipse Exploit Analysis
Microsoft threatens legal action against researcher Nightmare Eclipse after the release of a Windows 11 BitLocker bypass. Learn how to detect and mitigate.

Linux Rootkits and Router Zero-Day Exploits: ThreatsDay Analysis
Recent intelligence highlights a surge in Linux rootkits and router zero-day vulnerabilities targeting trusted system components and AI-driven intrusions.

Microsoft Exchange Zero-Day and npm Supply Chain Worm Under Active Use
Critical security briefing on the active exploitation of an Exchange Server zero-day, npm supply chain worms, and Cisco network control vulnerabilities.
Pwn2Own Berlin 2026: Critical RCE and Escalation Targets Identified
Security researchers demonstrate critical zero-day exploits against Windows, VMware, and AI systems at Pwn2Own Berlin 2026, earning over $1.3 million.

AI-Developed Zero-Day 2FA Bypass: Analyzing Google's Disclosure
Google identifies the first in-the-wild zero-day exploit for 2FA bypass developed using AI, signaling a shift in cybercriminal vulnerability discovery.
AI-Augmented Zero-Day Exploitation and Autonomous Malware Orchestration
GTIG report reveals how threat actors leverage generative AI for zero-day discovery, autonomous Android malware orchestration, and AI supply chain attacks.
Dirty Frag: Linux Kernel Zero-Day Enables Local Privilege Escalation
The Dirty Frag zero-day vulnerability allows local attackers to gain root access on major Linux distributions via an exploit in kernel fragmentation handling.

Microsoft Edge Plaintext Password Exposure and ICS Zero-Day Risks
Analysis of Microsoft Edge plaintext password storage risks, newly disclosed ICS zero-day vulnerabilities, and Telegram-based data exfiltration TTPs.
CVE-2026-41940: Active Zero-Day Exploitation in cPanel and WHM
Critical zero-day CVE-2026-41940 in cPanel and WHM allows for authentication bypass. Learn about active exploitation, public PoCs, and essential patch guidance.

Microsoft Defender Zero-Days BlueHammer and RedSun Actively Exploited
Huntress warns of active exploitation of three Microsoft Defender vulnerabilities, including BlueHammer and RedSun, allowing for privilege escalation.

SharePoint Zero-Day Fixed in Microsoft April 2026 Security Updates
Microsoft addresses 169 vulnerabilities, including an actively exploited SharePoint zero-day. Learn how to secure your environment against these flaws.