Zero-Day

Cybersecurity 5 min LiteSpeed cPanel Plugin Zero-Day CVE-2026-48172: Maximum-Severity Root Escalation Under Active Exploitation CVE-2026-48172 in the LiteSpeed User-End cPanel Plugin carries a CVSS v4.0 score of 10.0 and was added to CISA... CY Cyber Team 1 Jun Cybersecurity 8 min Pwn2Own Berlin 2026 Pays Out $1.4M Across Three Days — Chrome Sandbox, Tesla Infotainment, Linux Kernel All Fall The OffensiveCon Pwn2Own contest wrapped on Wednesday with $1.4 million paid out across 27 zero-days. A Chrome... CY Cyber Team 19 May Cybersecurity 8 min Google Documents First Observed AI-Developed Zero-Day Exploit Tied to a Planned Mass-Exploitation Campaign Google's Threat Intelligence Group has described what it believes is the first case of an AI-developed zero-da... CY Cyber Team 18 May Cybersecurity 3 min Cisco Patches Sixth SD-WAN Zero-Day of 2026 — UAT-8616 Attribution from Talos Cisco shipped an emergency advisory for CVE-2026-20182 on 15 May 2026, a peering authentication bypass in Cata... CY Cyber Team 18 May Cybersecurity 13 min Exchange Server Zero-Day CVE-2026-42897 — Crafted-Email XSS Spoofs OWA Without User Click Microsoft disclosed CVE-2026-42897 on 14 May 2026 — an XSS spoofing flaw in Exchange OWA exploited via crafted... CY Cyber Team 14 May Cybersecurity 8 min Critical Palo Alto Firewall Zero-Day Actively Exploited by State-Sponsored Hackers — CISA Orders Patch by 9 May CVE-2026-0300, a critical PAN-OS buffer overflow enabling unauthenticated root-level RCE, is being actively ex... CY Cyber Team 8 May Cybersecurity 8 min AI-Assisted Attacks Are the New Normal: Mandiant M-Trends 2026 Shows Exploit Windows Have Inverted Mandiant's M-Trends 2026 report confirms 28.3% of CVEs are now exploited within 24 hours of disclosure — and d... CY Cyber Team 8 May Cybersecurity 5 min Anthropic's Project Glasswing Found a 27-Year-Old Bug in OpenBSD — Before Hackers Could Anthropic's Project Glasswing used an unreleased frontier model to find thousands of zero-day vulnerabilities... CY Cyber Team 20 Apr