Security

A critical zero-day in Cisco IOS XE is being actively exploited in the wild, allowing attackers full remote control of vulnerable switches and routers.

CISA adds a critical Linux kernel privilege escalation flaw to its Known Exploited Vulnerabilities catalog following active attacks.

Fortinet zero-day exploit leads to remote code execution in SSL VPN appliances, with active exploitation reported by CISA.

Mitel MiCollab zero-day CVE-2024-41713 actively exploited in March 2025. CISA adds to catalog. Urgent patch.

Apple released emergency fixes for a WebKit zero-day (CVE-2025-24201) exploited in the wild. Update iOS, macOS, and Safari immediately.

Apple's latest kernel zero-day exploit (CVE-2025-24201) is being exploited in the wild, targeting iOS and macOS devices. Urgent patching required.

Cisco warns of active exploitation of a critical zero-day vulnerability in its IOS XE software, allowing remote attackers full control.

A critical zero-day in Palo Alto Networks PAN-OS is being actively exploited to breach enterprise firewalls—and the full scale of the attack remains unknown.

Active exploitation of two new Ivanti zero-days threatens government and enterprise networks worldwide. Patch urgently.

OpenSSH remote code execution vulnerability allows unauthenticated attackers to gain root access on Unix servers. Patch now.

Chrome zero-day exploit used in targeted attacks. Google issues emergency patch. Update now to prevent theft.

Cisco warns of active exploitation of a critical zero-day vulnerability in its IOS XE software, allowing remote attackers to gain root access and deploy implants.