LIVE · cybersecurity feed

patch

zeroday.news · 10h ago·critical

Ubiquiti warns of new max severity UniFi OS vulnerability

Ubiquiti has issued updates to address seven critical vulnerabilities within its UniFi OS. Among these patched flaws is a command injection vulnerability rated at maximum severity.

zeroday.news · 11h ago·critical

CISA orders feds to patch max severity ColdFusion flaw by Friday

The Cybersecurity and Infrastructure Security Agency (CISA) has mandated that federal agencies address a maximum-severity Adobe ColdFusion vulnerability. This flaw is currently being actively exploited and requires patching by Friday.

zeroday.news · 2d ago·critical

Threat Actors Probe Gitea Docker Flaw CVE-2026-20896 13 Days After Disclosure

Threat actors have been observed attempting to exploit a recently patched critical security flaw in Gitea Docker images, according to Sysdig. The vulnerability in question is CVE-2026-20896 (CVSS score: 9.8), a vulnerability that stems from

zeroday.news · 2d ago

RCS and DNS: The NAPTR Record, (Mon, Jul 6th)

Over the last year, with recent updates to iOS and Android, RCS (Rich Communication Services) has become an increasingly used protocol [1]. RCS is supposed to eventually replace SMS, and in addition to richer formatting, provides added (but

zeroday.news · 2d ago

Opera GX Flaw Let Malicious Sites Auto-Install Mods to Steal Data From Visited Pages

Researchers found a flaw in Opera GX, the gaming-focused version of the Opera browser, that let a malicious website silently install a browser add-on and use it to lift specific data from the pages a victim visits. In a proof of concept, th

zeroday.news · 4d ago

Unpatched Flaws Disclosed in Filesystem Bundled Into Millions of Embedded Devices

Security firm runZero has disclosed seven vulnerabilities in FatFs, a small filesystem library that lets a device read and write the FAT and exFAT formats used on USB drives and SD cards. The flaws matter because FatFs is nearly everywhere.

zeroday.news · 4d ago

New "Bad Epoll" Linux Kernel Flaw Lets Unprivileged Users Gain Root, Hits Android

A newly disclosed Linux kernel flaw called Bad Epoll (CVE-2026-46242) lets an ordinary user with no special access take full control of a machine as root. It affects Linux desktops, servers, and Android, and a fix is out. Bad Epoll sits in

zeroday.news · 5d ago

Apple Reverses Age-Old Patch Policy to Keep Up With AI

Expect more compressed patching cycles from Apple going forward, as attackers leverage artificial intelligence to reduce time to exploit.

zeroday.news · 6d ago

Anthropic's AI Finds Bugs. IBM Bets $5B It Can Fix Them.

IBM and Red Hat assign 20,000 engineers to the new Project Lightwell service as Anthropic's Mythos findings ignite debate over how to secure the open source software supply chain.

zeroday.news · 6d ago

And the Winner in Dominant Malware Delivery? ClickFix

Researchers say the highly effective social engineering technique is no longer the exception for malware attacks — it's now the rule.

zeroday.news · 8d ago

Weekly Update 510: Live From Mallorca with Scott Helme

How's the view?! Back to business, it's now 8 years ago that Scott and I thought it would be a cool idea to build Why no HTTPS? We used the site to shame companies for not implementing their transport later security property, and to make it

zeroday.news · 8d ago

June 2026 Apple Updates, (Tue, Jun 30th)

Apple released updates for iOS/iPadOS, macOS, and Safari on Monday. There have been no updates for other Apple operating systems (visionOS, watchOS, tvOS). Usually, Apple updates all products at the same time.

zeroday.news · 14d ago

Weekly Update 509

I know enough about home cinema audiovisual to know there's a lot I don't know. It's conscious incompetence, if you like, which is different to the unconscious incompetence most people have on the topic. That's not to sound derogatory (it's

zeroday.news · 23d ago

Weekly Update 508

Light switches. How on earth is it so hard to find decent light switches?! It sounds ridiculous until you actually spend enough time looking for ones that meet two simple criteria: Aren't stateful (switch is up or down, has to be push-butto

zeroday.news · 28d ago

Weekly Update 507

1,000 breaches is one hell of a milestone. It's not just the process of getting data, verifying it, loading it, sending notifications etc, it's all the other stuff that goes into keeping the whole thing afloat. Legal docs. Trademarks. Accou

zeroday.news · 28d ago·critical

A Record-Breaking Patch Tuesday for June 2026

Microsoft today released software updates to plug nearly 200 security holes across its Windows operating systems and supported software, a record number of fixes for the company's monthly Patch Tuesday cycle. Nearly three dozen of those bug

zeroday.news · 28d ago

Microsoft Patch Tuesday for June 2026 — Snort rules and prominent vulnerabilities

Microsoft Patch Tuesday details for June 2026.

zeroday.news · 34d ago

Smashing Security podcast #470: This AI security flaw might be impossible to fix

A website called "UK visa portal" has been quietly collecting passport scans, selfies, and personal data from thousands of travellers who thought they were applying through official channels. They weren't. And when a journalist tried to war

zeroday.news · 37d ago

Weekly Update 506

I'm finding it quite fascinating to watch the current spate of ShinyHunters breaches and dumps. There's the obvious criminality of it all, but then there's also the response from organisations (or lack thereof, as it relates to disclosure t

zeroday.news · 41d ago

Less panic patching, more precision

In this newsletter, Thor breaks down why you should stop relying solely on CVSS and start using EPSS and GCVE to focus your patching efforts on the threats that actually matter.

zeroday.news · 45d ago

Weekly Update 505

Well, that didn't last long! Recording this on Saturday morning my time, I observed ShinyHunters having gone quiet since the massive haul that would have been the Instructure ransom. It was two weeks almost to the hour since I'd first heard

zeroday.news · 51d ago

Weekly Update 504

It's a hot topic, the old "pay or don't pay" for hackers not to leak your data. Since recording this a few days ago, we've had Grafana go with the "no pay" approach, and I've seen a raft

zeroday.news · 56d ago·critical

A 0-click exploit chain for the Pixel 10: When a Door Closes, a Window Opens

We recently published an exploit chain for the Google Pixel 9 that demonstrated it was possible to go from a zero-click context to root on Android in just two exploits. The Dolby 0-click vulnerability existed across all of Android, until it

zeroday.news · 58d ago

Weekly Update 503

Well, it's the day before the Instructure "pay or leak" deadline (at least by my Aussie watch), and the company remains removed from the ShinyHunters website. In its place sits a press statement that amounts to "we're not making any stateme

zeroday.news · 125d ago

On the Effectiveness of Mutational Grammar Fuzzing

Mutational grammar fuzzing is a fuzzing technique in which the fuzzer uses a predefined grammar that describes the structure of the samples. When a sample gets mutated, the mutations happen in such a way that any resulting samples still adh

zeroday.news · 132d ago

A Deep Dive into the GetProcessHandleFromHwnd API

In my previous blog post I mentioned the GetProcessHandleFromHwnd API. This was an API I didn’t know existed until I found a publicly disclosed UAC bypass using the Quick Assist UI Access application. This API looked interesting so I though

zeroday.news · 146d ago

Bypassing Administrator Protection by Abusing UI Access

In my last blog post I introduced the new Windows feature, Administrator Protection and how it aimed to create a secure boundary for UAC where one didn’t exist. I described one of the ways I was able to bypass the feature before it was rele

zeroday.news · 159d ago·critical

Breaking the Sound Barrier, Part II: Exploiting CVE-2024-54529

In the first part of this series, I detailed my journey into macOS security research, which led to the discovery of a type confusion vulnerability (CVE-2024-54529) and a double-free vulnerability (CVE-2025-31235) in the coreaudiod system da

zeroday.news · 163d ago

Bypassing Windows Administrator Protection

A headline feature introduced in the latest release of Windows 11, 25H2 is Administrator Protection. The goal of this feature is to replace User Account Control (UAC) with a more robust and importantly, securable system to allow a local use

zeroday.news · 175d ago·critical

A 0-click exploit chain for the Pixel 9 Part 3: Where do we go from here?

While our previous two blog posts provided technical recommendations for increasing the effort required by attackers to develop 0-click exploit chains, our experience finding, reporting and exploiting these vulnerabilities highlighted some

zeroday.news · 175d ago

A 0-click exploit chain for the Pixel 9 Part 2: Cracking the Sandbox with a Big Wave

With the advent of a potential Dolby Unified Decoder RCE exploit, it seemed prudent to see what kind of Linux kernel drivers might be accessible from the resulting userland context, the mediacodec context. As per the AOSP documentation, the

zeroday.news · 175d ago·high

A 0-click exploit chain for the Pixel 9 Part 1: Decoding Dolby

Over the past few years, several AI-powered features have been added to mobile phones that allow users to better search and understand their messages. One effect of this change is increased 0-click attack surface, as efficient analysis ofte