Zero-Day on Tenu Tech Brief

Zero-Day on Tenu Tech Brief https://cluster-site.onrender.com/tags/zero-day/ Recent content in Zero-Day on Tenu Tech Brief Hugo -- 0.146.0 en-us Wed, 25 Feb 2026 11:33:08 +0000 US sanctions Russian broker for buying stolen zero-day exploits https://cluster-site.onrender.com/posts/us-sanctions-russian-broker-for-buying-stolen-zero-day-exploits/ Wed, 25 Feb 2026 10:31:13 +0000 https://cluster-site.onrender.com/posts/us-sanctions-russian-broker-for-buying-stolen-zero-day-exploits/ • US sanctions Russian broker for buying stolen zero-day exploits February 25, 2026 05:31 AM 0 The U.S. • Treasury Department has sanctioned a Russian exploit broker who bought sto ZDI-26-120: GIMP ICNS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability https://cluster-site.onrender.com/posts/zdi-26-120-gimp-icns-file-parsing-heap-based-buffer-overflow-remote-code-execution-vulnerability/ Thu, 19 Feb 2026 06:00:00 +0000 https://cluster-site.onrender.com/posts/zdi-26-120-gimp-icns-file-parsing-heap-based-buffer-overflow-remote-code-execution-vulnerability/ • Remote attackers can execute arbitrary code via GIMP ICNS file parsing. • Exploit requires user interaction: opening malicious file or visiting malicious page. • Vulnerability du ZDI-26-107: Autodesk AutoCAD MODEL File Out-Of-Bounds Write Remote Code Execution Vulnerability https://cluster-site.onrender.com/posts/zdi-26-107-autodesk-autocad-model-file-out-of-bounds-write-remote-code-execution-vulnerability/ Wed, 18 Feb 2026 06:00:00 +0000 https://cluster-site.onrender.com/posts/zdi-26-107-autodesk-autocad-model-file-out-of-bounds-write-remote-code-execution-vulnerability/ • Remote code execution via out-of-bounds write in AutoCAD MODEL file parsing. • Requires user to open malicious file or visit malicious page. • Exploit writes past allocated buffe Singapore & Its 4 Major Telcos Fend Off Chinese Hackers https://cluster-site.onrender.com/posts/singapore-amp-its-4-major-telcos-fend-off-chinese-hackers/ Wed, 18 Feb 2026 01:00:00 +0000 https://cluster-site.onrender.com/posts/singapore-amp-its-4-major-telcos-fend-off-chinese-hackers/ • Singapore’s CSA and four telcos launched ‘Cyber Guardian’ to counter China-linked UNC3886.\n• 100+ incident responders coordinated across government and M1, Singtel, StarHub, Sim Update Chrome now: Zero-day bug allows code execution via malicious webpages https://cluster-site.onrender.com/posts/update-chrome-now-zero-day-bug-allows-code-execution-via-malicious-webpages/ Tue, 17 Feb 2026 12:33:13 +0000 https://cluster-site.onrender.com/posts/update-chrome-now-zero-day-bug-allows-code-execution-via-malicious-webpages/ • Update Chrome now: Zero-day bug allows code execution via malicious webpages Google hasissueda patch for a high‑severity Chrome zero‑day, tracked asCVE‑2026‑2441, a memory bug in New Chrome Zero-Day (CVE-2026-2441) Under Active Attack - Patch Released https://cluster-site.onrender.com/posts/new-chrome-zero-day-cve-2026-2441-under-active-attack-patch-released/ Mon, 16 Feb 2026 06:38:00 +0000 https://cluster-site.onrender.com/posts/new-chrome-zero-day-cve-2026-2441-under-active-attack-patch-released/ • New Chrome Zero-Day (CVE-2026-2441) Under Active Attack - Patch Released Google on Friday released security updates for its Chrome browser to address a security flaw that it said Ivanti EPMM Zero-Day Bugs Spark Exploit Frenzy - Again https://cluster-site.onrender.com/posts/ivanti-epmm-zero-day-bugs-spark-exploit-frenzy-again/ Thu, 12 Feb 2026 22:05:32 +0000 https://cluster-site.onrender.com/posts/ivanti-epmm-zero-day-bugs-spark-exploit-frenzy-again/ • Endpoint Security Cyberattacks & Data Breaches Vulnerabilities & Threats Perimeter News Ivanti EPMM Zero-Day Bugs Spark Exploit Frenzy - Again It’s time to phase out the ‘patch a CVE-2025-6978: Arbitrary Code Execution in the Arista NG Firewall https://cluster-site.onrender.com/posts/cve-2025-6978-arbitrary-code-execution-in-the-arista-ng-firewall/ Thu, 05 Feb 2026 16:45:49 +0000 https://cluster-site.onrender.com/posts/cve-2025-6978-arbitrary-code-execution-in-the-arista-ng-firewall/ • CVE-2025-6978 exposes command injection in Arista NG Firewall’s diagnostics component. • Remote authenticated attackers can craft HTTP requests to execute arbitrary commands as r Microsoft releases update to address zero-day vulnerability in Microsoft Office https://cluster-site.onrender.com/posts/microsoft-releases-update-to-address-zero-day-vulnerability-in-microsoft-office/ Thu, 29 Jan 2026 14:43:54 +0000 https://cluster-site.onrender.com/posts/microsoft-releases-update-to-address-zero-day-vulnerability-in-microsoft-office/ • Microsoft releases update to address zero-day vulnerability in Microsoft Office Microsoft has published three out-of-band (OOB) updates so far in January 2026. • One of these upd Pwn2Own Automotive 2026 - Day One Results https://cluster-site.onrender.com/posts/pwn2own-automotive-2026-day-one-results/ Wed, 21 Jan 2026 04:03:33 +0000 https://cluster-site.onrender.com/posts/pwn2own-automotive-2026-day-one-results/ • 76 unique 0‑day vulnerabilities discovered across three days, totaling $1,047,000 in rewards. • Fuzzware.io clinched Master of Pwn with 28 points, outperforming rivals like Team Sanctioned but Still Spying: Intellexa's Prolific Zero-Day Exploits Continue https://cluster-site.onrender.com/posts/sanctioned-but-still-spying-intellexas-prolific-zero-day-exploits-continue/ Wed, 03 Dec 2025 14:00:00 +0000 https://cluster-site.onrender.com/posts/sanctioned-but-still-spying-intellexas-prolific-zero-day-exploits-continue/ • Sanctioned but Still Spying: Intellexa’s Prolific Zero-Day Exploits Continue Google Threat Intelligence Group Google Threat Intelligence Visibility and context on the threats tha