CISA Contractor Leaked AWS GovCloud Keys
CISA contractor exposed AWS GovCloud secrets on GitHub, Exchange zero-day CVE-2026-42897 actively exploited, Storm-2949 malware-free Azure cloud breach.
Posts tagged: Zero-Day
Cisco SD-WAN Zero-Day CVE-2026-20182 Exploited
CVE-2026-20182 Cisco SD-WAN CVSS 10 auth bypass exploited, Exchange CVE-2026-42897 XSS-to-RCE active, NGINX RCE patched, Shai-Hulud worm open-sourced.
First AI-Generated Zero-Day — CVE-2026-41940
Google TAG confirms first AI-crafted zero-day exploiting CVE-2026-41940 in cPanel, Shai-Hulud npm/PyPI worm, Cl0p sat in UK water utility for 730 days.
PAN-OS CVE-2026-0300 Exploited by Chinese APT
CVE-2026-0300 PAN-OS zero-day RCE exploited by suspected Chinese state actors, Polish water plant ICS breaches, Linux Dirty Frag root exploit goes public.
PAN-OS CVE-2026-0300 Exploited Since April 9
CVE-2026-0300 PAN-OS User-ID RCE zero-day exploited since April 9, CISA launches CI Fortify, MuddyWater uses Chaos ransomware as espionage cover.
PAN-OS Zero-Day CVE-2026-0300 Under Active Attack
CVE-2026-0300 PAN-OS User-ID zero-day exploited in the wild, DAEMON Tools supply-chain backdoor, Canvas LMS 280M record breach, CloudZ RAT steals OTPs.
CVE-2026-41940 cPanel Auth Bypass Exploited
CVE-2026-41940 cPanel CVSS 10.0 auth bypass exploited since February with public PoC, SAP npm supply-chain backdoor, Linux Copy Fail kernel root flaw.
Microsoft Defender Zero-Day Exploited Pre-Disclosure
CISA adds Microsoft Defender zero-day to KEV. Unit 42 Zealot AI agent pwns cloud. CanisterSprawl npm worm self-propagates. Talos Q1 2026 IR data.
Adobe Reader Zero-Day CVE-2026-34621 Exploited
CVE-2026-34621 Adobe Reader zero-day exploited for months, CPUID site serves trojanized CPU-Z and HWMonitor, OpenAI revokes macOS signing cert.
Adobe Reader Zero-Day CVE-2026-34621 Exploited
CVE-2026-34621 Adobe Reader RCE exploited for months before emergency patch, CPUID supply chain serves STX RAT, Marimo notebook RCE active.