Zero-Day

• US sanctions Russian broker for buying stolen zero-day exploits February 25, 2026 05:31 AM 0 The U.S. • Treasury Department has sanctioned a Russian exploit broker who bought sto

• Remote attackers can execute arbitrary code via GIMP ICNS file parsing. • Exploit requires user interaction: opening malicious file or visiting malicious page. • Vulnerability du

• Remote code execution via out-of-bounds write in AutoCAD MODEL file parsing. • Requires user to open malicious file or visit malicious page. • Exploit writes past allocated buffe

• Singapore’s CSA and four telcos launched ‘Cyber Guardian’ to counter China-linked UNC3886.\n• 100+ incident responders coordinated across government and M1, Singtel, StarHub, Sim

• Update Chrome now: Zero-day bug allows code execution via malicious webpages Google hasissueda patch for a high‑severity Chrome zero‑day, tracked asCVE‑2026‑2441, a memory bug in

• New Chrome Zero-Day (CVE-2026-2441) Under Active Attack - Patch Released Google on Friday released security updates for its Chrome browser to address a security flaw that it said

• Endpoint Security Cyberattacks & Data Breaches Vulnerabilities & Threats Perimeter News Ivanti EPMM Zero-Day Bugs Spark Exploit Frenzy - Again It’s time to phase out the ‘patch a

• CVE-2025-6978 exposes command injection in Arista NG Firewall’s diagnostics component. • Remote authenticated attackers can craft HTTP requests to execute arbitrary commands as r

• Microsoft releases update to address zero-day vulnerability in Microsoft Office Microsoft has published three out-of-band (OOB) updates so far in January 2026. • One of these upd

• 76 unique 0‑day vulnerabilities discovered across three days, totaling $1,047,000 in rewards. • Fuzzware.io clinched Master of Pwn with 28 points, outperforming rivals like Team

• Sanctioned but Still Spying: Intellexa’s Prolific Zero-Day Exploits Continue Google Threat Intelligence Group Google Threat Intelligence Visibility and context on the threats tha