Fortinet has confirmed a new zero-day vulnerability that is allowing attackers to exploit single sign-on (SSO) authentication for malicious logins. In response to the ongoing attacks, the company has temporarily disabled FortiCloud SSO authentication across all devices to mitigate the risk. This means that users relying on this feature for secure access may face disruptions while Fortinet works on a solution. The situation is particularly concerning as it puts sensitive information at risk and could lead to unauthorized access to critical systems. Companies using Fortinet products should monitor the situation closely and be prepared to implement any updates once they are released.
Articles tagged "Zero-day"
Found 143 articles
Microsoft has released a patch for a zero-day vulnerability in its Office software, identified as CVE-2026-21509. This flaw allows attackers to bypass certain security features, potentially putting users at risk. Reports suggest that the vulnerability may have already been exploited in targeted attacks against specific organizations. As a result, it's crucial for all users of Microsoft Office to apply this patch promptly to protect themselves from potential intrusions. The patch is part of Microsoft's ongoing efforts to enhance the security of its products and safeguard user data from malicious activities.
The Hacker News
Microsoft has released emergency patches for a serious vulnerability in Microsoft Office, identified as CVE-2026-21509. This zero-day flaw has a CVSS score of 7.8, indicating it is a significant security risk. The vulnerability allows attackers to bypass security features by exploiting untrusted inputs, potentially leading to unauthorized access. Organizations using affected Microsoft Office products should prioritize applying these patches, as the vulnerability is currently being exploited in the wild. This situation emphasizes the need for users to stay vigilant and maintain their software up to date to protect against such threats.
During the Pwn2Own Automotive 2026 event, security researchers successfully exploited 76 zero-day vulnerabilities, earning a total of $1,047,000 over three days from January 21 to January 23. This event showcases the ongoing challenges in automotive cybersecurity, where researchers target vulnerabilities in vehicle software and systems. The financial rewards for discovering these exploits underscore the critical need for automakers to prioritize security in their products. These vulnerabilities could potentially be exploited by malicious actors, posing risks to vehicle safety and user privacy. As vehicles become increasingly reliant on software and connectivity, addressing these weaknesses is essential for protecting consumers and maintaining trust in automotive technology.
Infosecurity Magazine
A recent analysis by VulnCheck has revealed a troubling trend in cybersecurity: the percentage of vulnerabilities being exploited before they are publicly disclosed has risen significantly from 23.6% in 2024 to nearly 29% in 2025. This increase indicates that attackers are becoming more adept at identifying and exploiting weaknesses in software and systems before developers have a chance to address them. This situation puts both companies and users at greater risk, as they may be unaware of the vulnerabilities affecting their systems until after an attack occurs. It’s crucial for organizations to prioritize vulnerability management and stay updated on potential threats to safeguard their assets effectively. The rise in zero-day exploits highlights the need for more proactive security measures and timely disclosure by vendors.
During the second day of the Pwn2Own Automotive 2026 competition, hackers successfully exploited 29 zero-day vulnerabilities, earning a total of $439,250 in rewards. This event highlights the ongoing security challenges in the automotive sector, as researchers and ethical hackers test the resilience of vehicles against cyber threats. The vulnerabilities targeted various systems within automotive technology, but specific details about the affected models or manufacturers were not provided. This incident is significant because it showcases the ease with which skilled attackers can uncover critical flaws, raising concerns about the safety and security of connected vehicles. As the automotive industry increasingly adopts smart technology, it must prioritize robust security measures to protect against such vulnerabilities.
Cisco has addressed a serious security flaw in its Unified Communications and Webex Calling platforms, identified as CVE-2026-20045. This vulnerability allows attackers to execute arbitrary commands remotely without authentication, posing a significant risk to users. The flaw has been actively exploited in the wild, which raises concerns for organizations relying on these communication tools. With a CVSS score of 8.2, it is classified as critical, emphasizing the urgency for users to apply the available patches. Companies utilizing Cisco's services should prioritize updating their systems to mitigate potential attacks.
Cisco has addressed a serious vulnerability in its Unified Communications and Webex Calling platforms, identified as CVE-2026-20045. This remote code execution flaw was found to be actively exploited by attackers, posing a significant risk to users. The vulnerability could allow unauthorized access to systems, potentially leading to data breaches or service disruptions. Organizations using these Cisco products are urged to apply the latest updates to mitigate the risk. This incident underscores the importance of timely patch management in maintaining cybersecurity hygiene.
Security researchers successfully exploited Tesla's Infotainment System during the Pwn2Own Automotive 2026 competition, demonstrating 37 zero-day vulnerabilities on the first day. They earned a total of $516,500 for their exploits, which showcase significant flaws in the system. This incident raises concerns about the security of Tesla vehicles and the potential risks they pose to users. As more vehicles become connected, the implications of such vulnerabilities could extend beyond just infotainment systems, affecting critical vehicle functions and user safety. Companies like Tesla need to prioritize addressing these vulnerabilities to protect their customers and maintain trust in their technology.
Cisco has addressed a serious flaw in its Secure Email products, which was exploited by a China-linked hacking group known as UAT-9686. The vulnerability, tracked as CVE-2025-20393, has a maximum severity score of 10.0 and affects the Secure Email Gateway and Email and Web Manager. Attackers were able to exploit this flaw as a zero-day, meaning it was actively used in attacks before a patch was made available. It's crucial for users of these products to apply the latest updates to protect their systems from potential exploitation. This incident highlights the ongoing risks posed by advanced persistent threat groups targeting widely used software.
Cisco has addressed a serious vulnerability in its AsyncOS software that has been exploited since November 2025. This zero-day flaw specifically affects Secure Email Gateway (SEG) appliances, which are used by organizations to filter and protect email traffic. Attackers have been able to exploit this weakness, putting sensitive data at risk and potentially compromising email communications for users relying on these appliances. The timely patch is crucial for organizations to secure their email systems and prevent further exploitation. Companies using these SEG appliances should prioritize applying the update to safeguard against these attacks.
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a directive for federal agencies to address a serious vulnerability in Gogs, an open-source Git service. This flaw has already been exploited in zero-day attacks, which means attackers took advantage of it before it was publicly known. Government systems using Gogs are particularly at risk, and CISA's mandate aims to prevent further exploitation. It's crucial for agencies to apply the necessary patches to protect their data and operations from potential breaches. Ignoring this could lead to significant security incidents, given the active nature of the attacks targeting this vulnerability.
Hackers are taking advantage of a serious zero-day vulnerability in D-Link DSL routers that are no longer supported. This flaw allows attackers to execute arbitrary commands on the devices, posing significant risks to users still relying on these outdated models. As these routers are not receiving security updates, individuals and businesses using them are particularly vulnerable to unauthorized access and potential data breaches. Users are urged to consider replacing their D-Link routers with more secure, supported options to mitigate these risks. The exploitation of such vulnerabilities underscores the importance of using updated technology in a cybersecurity landscape that is constantly evolving.
A newly discovered vulnerability in discontinued D-Link devices poses a serious risk, allowing attackers to execute arbitrary shell commands without authentication. This critical-severity flaw affects users of these outdated devices, which may still be in use despite not being supported or receiving updates from the manufacturer. The fact that the vulnerability is being actively exploited means that users should take immediate action to safeguard their networks. If left unaddressed, this could allow attackers to gain control over affected devices, potentially leading to larger network breaches. Users of D-Link products are advised to assess their device usage and consider replacing unsupported hardware to mitigate these risks.
In April and May 2023, a Chinese advanced persistent threat (APT) group exploited a zero-day vulnerability in Ivanti's Endpoint Mobile Management (EPMM) platform, impacting thousands of organizations. This attack allowed unauthorized access and control over mobile devices managed through Ivanti's software, raising serious concerns about the security of sensitive data within those systems. The incident serves as a stark reminder of the vulnerabilities that can exist in widely used management tools. Security experts warn that similar attacks could occur again if organizations do not take proactive measures to secure their systems. Companies using Ivanti EPMM should assess their security posture and implement necessary updates to prevent future breaches.