SecurityWeek

Microsoft Patches Office Zero-Day Likely Exploited in Targeted Attacks

Microsoft released patches for CVE-2026-21509, a new Office zero-day vulnerability that can be exploited to bypass security features.
HHS

Windows Warning: Zero-Day Attack

Microsoft is warning Windows users that they're vulnerable to a new zero-day flaw that attackers have been exploiting to remotely execute arbitrary code. "At this time, we are aware of limited, ...

Microsoft patches actively exploited Office zero-day vulnerability

Microsoft has released emergency security updates to patch a high-severity Office zero-day vulnerability exploited in attacks ...
Fox News

Apple patches two zero-day flaws used in targeted attacks

Apple has released emergency security updates to fix two zero-day vulnerabilities that attackers actively exploited in highly targeted attacks. The company described the activity as an "extremely ...
Dark Reading

SonicWall Edge Access Devices Hit by Zero-Day Attacks

SonicWall Wednesday disclosed a zero-day vulnerability impacting its SMA1000 access platform that is under active exploitation via chained attacks. CVE-2025-40602 is a medium-severity local privilege ...

China-linked hackers exploited Sitecore zero-day for initial access

An advanced threat actor tracked as UAT-8837 and believed to be linked to China has been focusing on critical infrastructure ...
New York Post

Apple patches two zero-day flaws used in targeted attacks

The company described the activity as an “extremely sophisticated attack” aimed at specific individuals. Although Apple did not identify the attackers or victims, the limited scope strongly suggests ...