Vulnerabilities

Microsoft Confirms RoguePlanet Defender Zero-Day, Says Patch is in Development

Microsoft acknowledged a privilege escalation vulnerability in Windows Defender that attackers could exploit to gain system-level access on affected m…

13h ago

Vulnerabilities

Adversarial Exposure Validation Turns Security Visibility into Confident Prioritization

Security teams drown in alerts and vulnerability reports. Tools generate endless findings, but teams lack confidence in which vulnerabilities actually…

Yesterday

Vulnerabilities

Cisco Releases Security Updates for Actively Exploited SD-WAN Manager Flaw

Cisco has released security patches for CVE-2026-20262, a medium-severity flaw in Catalyst SD-WAN Manager that attackers are actively exploiting in pr…

Yesterday

Vulnerabilities

Max-Severity Ivanti Flaw Exploited 24 Hours After Disclosure

Ivanti disclosed a maximum-severity vulnerability that attackers began exploiting within 24 hours of the public announcement. Security researchers ana…

3 days ago

Vulnerabilities

Bug Bounty Research Triggers ServiceNow Security Alert

ServiceNow issued a security alert after bug bounty research triggered false positive detections across customer environments. The activity mimicked c…

3 days ago

Vulnerabilities

Microsoft fixes Windows update failures linked to WUSA installer

Microsoft resolved a defect affecting the Windows Update Standalone Installer (WUSA) that prevented successful installation of Windows updates release…

4 days ago

Vulnerabilities

Early Warning Signs of Supply-Chain Attacks Live in the Dark Web

Threat actors actively advertise compromised GitHub credentials and stolen API keys on dark web marketplaces, creating direct pathways for supply-chai…

4 days ago

Vulnerabilities

LangGraph Flaw Chain Exposes Self-Hosted AI Agents to Remote Code Execution

Researchers disclosed three patched security flaws in LangGraph, an open-source framework by LangChain for building stateful multi-agent AI applicatio…

6 days ago

Vulnerabilities

A Record-Breaking Patch Tuesday for June 2026

Microsoft released patches for approximately 200 vulnerabilities in its June 2026 Patch Tuesday cycle, the highest number addressed in a single monthl…

Jun 11, 2026

Vulnerabilities

Microsoft Defender RoguePlanet Zero-Day Grants SYSTEM Access on Updated Windows

A critical zero-day vulnerability in Microsoft Defender allows attackers to escalate privileges to SYSTEM level on fully patched Windows systems. Secu…

Jun 11, 2026

Vulnerabilities

Microsoft Fixes One-Click GitHub Dev Attack That Let Attackers Steal OAuth Tokens

Microsoft patched a critical one-click attack in Visual Studio Code that allowed attackers to steal GitHub OAuth tokens from developers. Security rese…

Jun 8, 2026

Vulnerabilities

AI Agent Uncovers 21 Zero-Days in FFmpeg; Chrome Patches Record 429 Bugs

An autonomous AI security agent uncovered 21 zero-day vulnerabilities in FFmpeg, the open-source media processing library embedded across virtually ev…

Jun 7, 2026

Vulnerabilities

Cisco Catalyst SD-WAN Manager CVE-2026-20245 Flaw Actively Exploited – No Patch Available

Cisco disclosed active exploitation of CVE-2026-20245, a high-severity flaw in Catalyst SD-WAN Manager affecting multiple deployment models. The vulne…

Jun 6, 2026

Vulnerabilities

Cisco Patches CVE-2026-20230 in Unified CM as Exploit Code Goes Public

Cisco released a security patch for CVE-2026-20230, a server-side request forgery vulnerability in Unified Communications Manager that allows unauthen…

Jun 5, 2026

Vulnerabilities

Claude Code GitHub Action Flaw Let One Malicious Issue Hijack Repositories

A flaw in Anthropic's Claude Code GitHub Action enabled attackers to hijack repositories by submitting a single GitHub issue. Security researcher Ryot…

Jun 5, 2026

Vulnerabilities

WhatsApp, Slack Notifications Could Hijack Google Gemini on Android

A critical vulnerability in Google Gemini's Android implementation allowed attackers to hijack the voice assistant through poisoned notifications from…

Jun 4, 2026

Vulnerabilities

Microsoft 365 Android Apps Let Any App Steal Account Tokens via Leftover Debug Flag

Microsoft shipped production builds of multiple 365 Android apps with a debug flag enabled that bypassed token-sharing security controls. The flag dis…

Jun 4, 2026

Vulnerabilities

Google June 2026 Android Update Patches 124 Flaws, One Actively Exploited

Google released patches for 124 Android vulnerabilities in June 2026, including CVE-2025-48595, a high-severity privilege escalation flaw already unde…

Jun 3, 2026

Microsoft Confirms RoguePlanet Defender Zero-Day, Says Patch is in Development

Adversarial Exposure Validation Turns Security Visibility into Confident Prioritization

Cisco Releases Security Updates for Actively Exploited SD-WAN Manager Flaw

Max-Severity Ivanti Flaw Exploited 24 Hours After Disclosure

Bug Bounty Research Triggers ServiceNow Security Alert

Microsoft fixes Windows update failures linked to WUSA installer

Early Warning Signs of Supply-Chain Attacks Live in the Dark Web

LangGraph Flaw Chain Exposes Self-Hosted AI Agents to Remote Code Execution

A Record-Breaking Patch Tuesday for June 2026

Microsoft Defender RoguePlanet Zero-Day Grants SYSTEM Access on Updated Windows

Microsoft Fixes One-Click GitHub Dev Attack That Let Attackers Steal OAuth Tokens

AI Agent Uncovers 21 Zero-Days in FFmpeg; Chrome Patches Record 429 Bugs

Cisco Catalyst SD-WAN Manager CVE-2026-20245 Flaw Actively Exploited – No Patch Available

Cisco Patches CVE-2026-20230 in Unified CM as Exploit Code Goes Public

Claude Code GitHub Action Flaw Let One Malicious Issue Hijack Repositories

WhatsApp, Slack Notifications Could Hijack Google Gemini on Android

Microsoft 365 Android Apps Let Any App Steal Account Tokens via Leftover Debug Flag

Google June 2026 Android Update Patches 124 Flaws, One Actively Exploited

Get Daily CyberWireDaily