Tag

Zero Day

All articles tagged with #zero day

Microsoft patches RoguePlanet zero-day in Defender with engine update
technology1 day ago

Microsoft patches RoguePlanet zero-day in Defender with engine update

Microsoft released a fix for the RoguePlanet Defender zero-day (CVE-2026-50656) via the Malware Protection Engine update 1.1.26060.3008, following disclosure by Nightmare Eclipse. The race-condition flaw could spawn a SYSTEM-level command prompt on fully patched Windows 10/11, with a PoC claiming success regardless of real-time protection. Microsoft began patching on June 16 and has previously warned of legal action against researchers; this resolution follows a pattern of addressing multiple Windows zero-days disclosed by Nightmare Eclipse, including GreenPlasma, MiniPlasma, and YellowKey.

Defender Patch Sparks Disk-Destroying Attack Scenario
security1 day ago

Defender Patch Sparks Disk-Destroying Attack Scenario

Microsoft patched a Windows Defender zero-day (CVE-2026-50656), but researchers warn that new defense-in-depth changes connected to the Microsoft Malware Protection Engine and SpyNet could let an attacker exhaust disk space by writing massive data via a crafted SMB interaction. Exploitation would require a specialized SMB setup and a malicious file sequence; the fix is auto-installed, and the risk is currently described as a theoretical scenario amid tension between the researcher and Microsoft.

Chrome 0-Day in the Wild Dominates a Week of Exploits, Phishing, and Malware
cybersecurity25 days ago

Chrome 0-Day in the Wild Dominates a Week of Exploits, Phishing, and Malware

Chrome’s active exploitation of CVE-2026-11645 headlines a week of widespread security news, from UniFi OS flaws and an Oracle PeopleSoft compromise to a large Arch Linux AUR package taint, npm/PyPI malware campaigns, and phishing kits. The roundup also covers the Outsider phishing-as-a-service takedown, VPN/auth-bypass flaws, cloud-logging abuse, and ransomware campaigns (Gentlemen, Akira), illustrating attackers’ reliance on old code, weak defaults, and misconfigurations. Patch quickly, watch for unusual login activity, and strengthen defense-in-depth.

Microsoft Patches Trio of Windows Zero-Days Exploited by Nightmare Eclipse
security1 month ago

Microsoft Patches Trio of Windows Zero-Days Exploited by Nightmare Eclipse

Microsoft released June 2026 Patch Tuesday fixes for three Windows zero-days—GreenPlasma and MiniPlasma privilege-escalation flaws in the Collaborative Translation Framework and Cloud Files Mini Filter Driver, and YellowKey in WinRE—that could allow attackers to gain SYSTEM-level access or bypass BitLocker on patched Windows 11 and Windows Server 2022/2025 systems. The flaws were disclosed by Nightmare Eclipse in protest of MSRC handling, continuing a series of leaks and PoCs (BlueHammer, RedSun, UnDefend, RoguePlanet). Microsoft provided mitigations and warned about PoC disclosures, while saying it would coordinate with law enforcement if needed.

Emergency Chrome Patch Closes In-the-Wild Zero-Day Exploit
cyber-security1 month ago

Emergency Chrome Patch Closes In-the-Wild Zero-Day Exploit

Google issued an emergency Chrome security update (Windows/macOS: 149.0.7827.102/103; Linux: 149.0.7827.102) patching 74 vulnerabilities, including a critical zero-day in the V8 engine that was observed exploited in the wild (CVE-2026-11645). The release also fixes 17 Critical flaws across core subsystems after a broad security audit, with many use-after-free memory issues that could enable remote code execution. An external researcher “303f06e3” discovered the zero-day, for which Google awarded $55,000; update guidance is to manually install the patch now via Help → About Google Chrome and relaunch, with enterprise admins urged to push the update to endpoints promptly as automatic rollout continues.

Microsoft Deploys Record Patch Tuesday: 206 Flaws, Three Zero-Days, and High-Impact RCEs
security1 month ago

Microsoft Deploys Record Patch Tuesday: 206 Flaws, Three Zero-Days, and High-Impact RCEs

Microsoft released its largest patch batch to date, fixing 206 vulnerabilities across its software, including three publicly disclosed zero-days and multiple critical remote-code-execution flaws in Windows kernel, HTTP.sys, DHCP Client, and BitLocker. The update also addresses two non-Microsoft CVEs and introduces mitigations such as MaxHeadersCount to curb HTTP/2/3 abuse. The release follows AI-driven vulnerability discovery and recent PoCs like RoguePlanet and MiniPlasma, underscoring increasing exploitation risk and the ongoing need to apply patches promptly.

Chrome Patches Wildly Exploited V8 Zero-Day CVE-2026-11645
security1 month ago

Chrome Patches Wildly Exploited V8 Zero-Day CVE-2026-11645

Google rolled out updates to fix 74 Chrome vulnerabilities, including CVE-2026-11645—a critical out-of-bounds read/write in V8 that is being exploited in the wild to execute arbitrary code via a crafted HTML page. Users should update to Chrome 149.0.7827.102/103 on Windows/macOS and 149.0.7827.102 on Linux, and apply fixes in other Chromium-based browsers as available. Google notes this is the fifth actively exploited Chrome zero-day addressed this year, alongside CVE-2026-2441, 2026-3909, 2026-3910, and 2026-5281.

Chrome’s Fifth Zero-Day Patch This Year Targets In-the-Wild Exploits
technology1 month ago

Chrome’s Fifth Zero-Day Patch This Year Targets In-the-Wild Exploits

Google issued emergency Chrome updates to fix CVE-2026-11645, a high-severity out-of-bounds read/write in the V8 engine that’s been exploited in the wild, marking the fifth Chrome zero-day patched this year. The fix covers Windows, Mac, and Linux builds; attackers could achieve remote code execution and bypass ASLR via crafted HTML, with Google restricting bug detail disclosures until most users are updated. Earlier this year Chrome also addressed four other zero-days (CVE-2026-2441, CVE-2026-3909, CVE-2026-3910, CVE-2026-5281), and last year fixed eight exploited flaws.

Microsoft’s Digital Crimes Unit at Center of Z-day Disclosure Controversy
cybersecurity1 month ago

Microsoft’s Digital Crimes Unit at Center of Z-day Disclosure Controversy

Microsoft is facing backlash from security researchers after signaling that its Digital Crimes Unit will pursue cases against individuals who publicly disclose Windows zero-day vulnerabilities, arguing such disclosures endanger customers. The controversy centers on Nightmare Eclipse’s six disclosed exploits; Microsoft contends coordinated disclosure is essential, while critics warn the stance could chill research and highlight First Amendment and CFAA debates. The piece situates the dispute within broader tensions over vulnerability disclosure, state-backed hacking, and how security researchers should responsibly report flaws.

Microsoft's crackdown on public zero-days fuels security researcher feud
tech1 month ago

Microsoft's crackdown on public zero-days fuels security researcher feud

Microsoft is facing backlash over its handling of zero-day exploits after a security researcher going by Nightmare Eclipse publicly posted exploit code. Microsoft says it plans to file a criminal case for failing to coordinate disclosure and has disabled Nightmare Eclipse's GitHub, GitLab, and MSRC accounts. Security researcher Kevin Beaumont notes that Microsoft has hired people with public zero-day histories and even buys exploits, raising questions about the company’s stance on “responsible disclosure” and highlighting a broader clash between vendors and researchers over vulnerability reporting.

Microsoft Faces Backlash After Threatening Legal Action Over Windows Bugs
technology1 month ago

Microsoft Faces Backlash After Threatening Legal Action Over Windows Bugs

Microsoft drew sharp criticism from the cybersecurity community after threatening legal action against Nightmare Eclipse, a researcher who published six unpatched Windows zero-days outside the MSRC disclosure process, including a BlueHammer privilege-escalation proof-of-concept. Microsoft says coordinated disclosure protects customers, while researchers argue it stifles bug reporting; the dispute has led to the takedown of the researcher’s GitHub/GitLab pages and MSRC accounts, with promises of further disclosures and a broader debate over disclosure policies.

Gogs zero-day opens door to remote code execution on default-config servers
security1 month ago

Gogs zero-day opens door to remote code execution on default-config servers

Security researchers warn of a critical zero-day in the Gogs self-hosted Git service that enables remote code execution on internet-facing instances via an argument-injection chain in the Merge() path. The flaw affects current releases (0.14.2, 0.15.0+dev) and can be exploited starting from a registered account on servers with open registration and unlimited repository creation, potentially allowing an attacker to run arbitrary code, access private data, and pivot to other systems. There is no patch or CVE assigned yet; thousands of Gogs servers are exposed online, highlighting the risk. This follows a prior Gogs RCE patch for CVE-2025-8110 and has prompted caution from security agencies.

Microsoft backs coordinated vulnerability disclosure after researcher’s zero-day spill
security1 month ago

Microsoft backs coordinated vulnerability disclosure after researcher’s zero-day spill

Microsoft pressed for Coordinated Vulnerability Disclosure after Chaotic Eclipse exposed multiple Windows zero-days (BlueHammer, RedSun, UnDefend, YellowKey, among others), with several exploits already in the wild. The company says uncoordinated disclosures risk customers and impeded timely fixes, while promoting dialogue within the security community. GitHub reportedly removed the researcher’s account amid the flare-up, and exploit code briefly appeared on GitLab before the account was blocked. The researcher has warned of a July 14, 2026 release, signaling ongoing tensions between researchers and vendors over disclosure practices.