#Zero-Day
CVE-2026-48172 puts LiteSpeed cPanel deployments on a KEV deadline
CVE-2026-48172 puts LiteSpeed cPanel deployments on a KEV deadline CVE-2026-48172 has escalated from vendor emergency to federal patching priority. On May 26, 2...
Lucas Oliveira
Research
CVE-2026-42897 makes on-prem Exchange an immediate mitigation priority
CVE-2026-42897 makes on-prem Exchange an immediate mitigation priority CVE-2026-42897 is the kind of [zero-day](https://invaders.ie/resources/glossary/zero-day)...
Lucas Oliveira
Research
Dirty Frag Linux kernel zero-day gives local users a fast path to root
Dirty Frag Linux kernel zero-day gives local users a fast path to root Dirty Frag is the kind of Linux bug defenders worry about because it turns a limited foot...
Lucas Oliveira
Research
Dirty Frag Linux kernel zero-day gives local users a fast path to root
Dirty Frag Linux kernel zero-day gives local users a fast path to root Dirty Frag deserves attention because it is not a theoretical Linux bug waiting for slow...
Lucas Oliveira
Research
CVE-2026-0300 puts exposed PAN-OS User-ID portals on a zero-day attack path
CVE-2026-0300 puts exposed PAN-OS User-ID portals on a zero-day attack path A critical point in the new PAN-OS warning is that defenders are not looking at a ro...
Lucas Oliveira
Research
Leaked Windows Defender zero-days are already being used to gain SYSTEM access
Leaked Windows Defender zero-days are already being used to gain SYSTEM access A fast-moving Windows story matters to defenders this week for a simple reason: p...
Lucas Oliveira
Research
Storm-1175 turns patch gaps into rapid Medusa ransomware intrusions
Storm-1175 turns patch gaps into rapid Medusa ransomware intrusions Storm-1175 is a financially motivated threat actor that Microsoft says has been using newly...
Lucas Oliveira
Research
CVE-2026-3502 turns TrueConf updates into a KEV-listed malware channel
CVE-2026-3502 turns TrueConf updates into a KEV-listed malware channel CVE-2026-3502 is the kind of vulnerability defenders should pay attention to even if True...
Lucas Oliveira
Research
Telegram zero-click flaw ZDI-CAN-30207 raises 9.8 risk
Telegram zero-click flaw ZDI-CAN-30207 raises 9.8 risk | 2026 ZDI-CAN-30207 is now listed on the Zero Day Initiative's upcoming advisory page as a Telegram issu...
Lucas Oliveira
Research
CVE-2026-4681: PTC warns of imminent Windchill and FlexPLM RCE risk
CVE-2026-4681: PTC warns of imminent Windchill and FlexPLM RCE risk CVE-2026-4681 deserves immediate attention because PTC is signaling urgency before full patc...
Lucas Oliveira
Research
DarkSword iOS Exploit Chain Hits Multiple Threat Actors
DarkSword iOS Exploit Chain Hits Multiple Threat Actors Executive Summary Google Threat Intelligence Group says DarkSword is a full-chain iOS [exploit](https://...
Lucas Oliveira
Research
DarkSword iOS Exploit Chain Hits Multiple Threat Actors
DarkSword shows how iPhone zero-days spread far beyond a single operator Executive Summary Google Threat Intelligence Group says DarkSword is a full-chain iOS [...
Lucas Oliveira
Research