Zero Day

All articles tagged with #zero day

DarkSword: High-End iOS Exploit Kit Uses Zero-Days for Rapid Device Takeover
security · 23 days ago

DarkSword is a JavaScript-based iOS exploit kit targeting iPhones on iOS 18.4–18.7 via watering-hole campaigns, chaining six vulnerabilities to achieve remote code execution, escaping the WebContent sandbox through the GPU into mediaplaybackd, escalating to kernel privileges, and then loading a data-collection module to exfiltrate a wide range of information (including emails, iCloud data, messages, wallet data, photos, contacts, and more) before cleaning up. Used by UNC6353 and linked groups such as UNC6748 and PARS Defense, the kit underscores a growing market for high-end iOS exploits and rapid, non-persistent data theft.

Interlock ransomware weaponizes Cisco FMC zero-day in pre-patch campaign
technology · 23 days ago

Interlock has exploited a maximum-severity remote-code-execution zero-day in Cisco Secure Firewall Management Center (CVE-2026-20131) since Jan 26, 2026, gaining unauthenticated root access on unpatched devices; Cisco issued a patch on March 4, and Amazon’s threat intel says the attacks ran about 36 days before disclosure. The group has a history of high-profile attacks (including NodeSnake on UK universities) and researchers note a new Slopoly malware strain associated with the operation.

Chrome patches two in-the-wild zero-days hit Skia and V8
technology · 29 days ago

Google released Chrome security updates to fix two high-severity zero-days exploited in the wild: CVE-2026-3909 (out-of-bounds write in Skia) and CVE-2026-3910 (V8 sandbox escape). Users should update to Chrome 146.0.7680.75/76 on Windows/macOS and 146.0.7680.75 on Linux; CISA added these flaws to the KEV catalog with a March 27, 2026 deadline for federal agencies.

Older Apple Devices Urgently Need This Security Patch
technology · 29 days ago

Apple released a March security update for older iPhones, iPads, and iPod touches to fix Coruna-exploit zero-day vulnerabilities that could allow remote code execution or kernel privilege escalation. The patch targets devices able to run only older OS versions (iOS 15.8.7/16.7.15 and iPadOS 15.8.7/16.7.15) and covers models from iPhone 6s through iPhone X and various iPad generations; users with affected devices should update to the latest compatible OS ASAP to stay protected.

Chrome Gets Urgent Patch for Two In-The-Wild Zero-Days
technology · 29 days ago

Google released emergency Chrome updates to fix two high-severity zero-days actively exploited in the wild: CVE-2026-3909 (an out-of-bounds write in Skia) and CVE-2026-3910 (an issue in the V8 engine). Patches rolled out to Windows (146.0.7680.75), macOS (146.0.7680.76), and Linux (146.0.7680.75) in the Stable channel, with automatic updates available. Google says exploits exist in the wild but will keep bug details restricted until most users are updated. These are the second and third Chrome zero-days exploited in 2026; Google previously fixed CVE-2026-2441 in February, and it paid over $17 million to 747 researchers through its VRP in 2025.

Critical SQL Server zero-day lets attackers escalate to full admin control
cybersecurity · 1 month ago

Microsoft disclosed a critical zero-day in SQL Server (CVE-2026-21262) that enables an authenticated attacker to escalate to the sysadmin role via improper access control. The flaw has a CVSS v3.1 base score of 8.8 (Important) and is exploitable over the network with low complexity and no user interaction. While not yet observed in the wild, the disclosure lowers the barrier for exploits. Microsoft has released patches for SQL Server 2016–2025; administrators should urgently apply updates, audit permissions, restrict privileged access, and upgrade unsupported versions to receive future fixes.

Microsoft Patch Tuesday: 84 Fixes, Two Public Zero-Days, and Faster Hotpatching
security · 1 month ago

Microsoft released 84 patches in March Patch Tuesday across its software stack, including two publicly disclosed zero-days: CVE-2026-21262 in SQL Server and CVE-2026-26127 in .NET. Eight flaws are critical and 76 are important, with privilege escalation accounting for 46 fixes. Notable issues include a Winlogon privilege escalation (CVE-2026-25187, 7.8), an Azure MCP server-side request-forgery (CVE-2026-26118, 8.8) that could abuse the server’s identity, and a high-severity RCE in the Microsoft Devices Pricing Program (CVE-2026-21536, 9.8) that Microsoft says is fully mitigated. An Excel information-disclosure flaw (CVE-2026-26144, 7.5) could enable data exfiltration via Copilot Agent in a zero-click attack. Microsoft is also moving toward hotpatch security updates via Windows Autopatch by May 2026 to speed fixes, with XBOW credited for vulnerability discovery and researchers noting such bugs often enable post-compromise activity.

Microsoft Patch Tuesday March 2026: 79 Flaws Fixed, Two Public Zero-Days
security · 1 month ago

Microsoft's March 2026 Patch Tuesday closes 79 vulnerabilities, including two publicly disclosed zero-days: a SQL Server elevation-of-privilege flaw (CVE-2026-21262) and a .NET denial-of-service flaw (CVE-2026-26127). The update also patches two Office remote-code-execution flaws via the Preview Pane (CVE-2026-26110, CVE-2026-26113) and an Excel information-disclosure flaw potentially exposing Copilot data (CVE-2026-26144). Fixes span Windows, Edge, Azure, and more, with several critical bugs; users should update promptly.

Android’s March patch fixes 129 flaws, including a targeted zero-day in Qualcomm GPUs
technology · 1 month ago

Google’s March Android security update closes 129 vulnerabilities, several high severity, including a zero-day in Qualcomm graphics hardware (CVE-2026-21385) already seen in targeted attacks. Patches arrive in two levels (2026-03-01 and 2026-03-05); Pixel devices typically update first, while other OEMs and carriers may delay. Users should install the update promptly, keep Google Play Protect enabled, and practice standard defenses (avoid unknown apps, use strong device security) to mitigate risk from remote code execution and privilege-escalation flaws.

Cisco SD-WAN auth flaw fuels years-long zero-day campaigns, urgent patch urged
technology · 1 month ago

Cisco warns of a critical authentication-bypass vulnerability in Catalyst SD-WAN (CVE-2026-20127) that attackers actively exploited since 2023 to log in as a high-privilege user, insert rogue peers, and potentially gain root access. Government advisories (CISA and UK NCSC) issued urgent directives; Cisco released updates but says no workaround fully mitigates the issue. Organizations should harden exposed interfaces, review logs for anomalous peering, and patch promptly.

Apple issues urgent patch for actively exploited zero-day across iPhone, iPad, Macs and more
technology · 1 month ago

Apple has released emergency security updates to fix CVE-2026-20700, a zero-day vulnerability that was actively exploited in targeted attacks across iPhone, iPad, Mac, Apple Watch, Apple TV, Safari and related OS components. The flaw could allow arbitrary code execution, and attackers had already used it in the wild. Apple urges users to update to the latest versions (iOS 26.3, iPadOS 26.3, macOS Tahoe 26.3, watchOS 26.3, tvOS 26.3, visionOS 26.3, and Safari 26.3) immediately and enable automatic updates. Updating closes the attackers’ window of opportunity, so keep devices plugged in and connected during install.

Chrome gets emergency fix for the first 2026 zero-day exploited in the wild
technology · 1 month ago

Google released emergency Chrome updates to fix CVE-2026-2441—a use-after-free in CSSFontFeatureValuesMap exploited in the wild—marking Chrome’s first zero-day patch of 2026; the fix has been backported across commits and is rolling out to Windows, macOS (145.0.7632.75/76), and Linux (144.0.7559.75), with a note that related issues remain addressed in bug 48393607. Users should update Chrome or enable auto-update.

Chrome patch blocks actively exploited CSS zero-day with CVE-2026-2441
security · 1 month ago

Google released security updates for Chrome to fix a high-severity use-after-free in CSS (CVE-2026-2441) that was being exploited in the wild. Updates are available for Windows/macOS (145.0.7632.75/76) and Linux (144.0.7559.75); users should relaunch Chrome after updating. An exploit for the vulnerability exists in the wild, and the article notes Apple also patched related zero-days. Users of other Chromium-based browsers should apply fixes when available.

Claude Opus 4.6 Unmasks 500 Open-Source Flaws, Redefining Cyber Defense
cybersecurity · 2 months ago

Anthropic’s Claude Opus 4.6, tested in a sandbox, autonomously found over 500 previously unknown high-severity zero-day vulnerabilities in open-source libraries—ranging from crashes to memory corruption—in projects like GhostScript, OpenSC, and CGIF; it used out-of-the-box analysis and even wrote its own proof-of-concepts in some cases. Anthropic says these capabilities could greatly aid defenders, plans to broaden access to the security community, and has added safeguards to prevent abuse.