Latest news

Critical SAP SQL Injection CVE-2026-27681 (CVSS 9.9) Exposes Financial Data in Business Planning and Warehouse Systems
Vulnerability

Critical SAP SQL Injection CVE-2026-27681 (CVSS 9.9) Exposes Financial Data in Business Planning and Warehouse Systems

19 April 2026 dark6

SAP's April 2026 Patch Day addresses CVE-2026-27681, a near-perfect CVSS 9.9 SQL injection flaw in SAP Business Planning and Consolidation...
Read more 0
Three Windows Defender Zero-Days Exploited in the Wild: BlueHammer Patched, RedSun and UnDefend Still Unpatched
Vulnerability

Three Windows Defender Zero-Days Exploited in the Wild: BlueHammer Patched, RedSun and UnDefend Still Unpatched

19 April 2026 dark6

A security researcher dropped three Windows Defender zero-day exploits in 13 days — BlueHammer (CVE-2026-33825), RedSun, and UnDefend. All three...
Read more 0
CISA Adds Apache ActiveMQ CVE-2026-34197 to KEV Catalog as Active Exploitation Surges
Vulnerability

CISA Adds Apache ActiveMQ CVE-2026-34197 to KEV Catalog as Active Exploitation Surges

18 April 2026 dark6

CISA has added CVE-2026-34197, a high-severity (CVSS 8.8) deserialization flaw in Apache ActiveMQ Classic, to its Known Exploited Vulnerabilities catalog...
Read more 0
Microsoft April 2026 Patch Tuesday: Actively Exploited SharePoint Zero-Day Among 167 Fixes
Vulnerability

Microsoft April 2026 Patch Tuesday: Actively Exploited SharePoint Zero-Day Among 167 Fixes

18 April 2026 dark6

Microsoft's April 2026 Patch Tuesday patches 167 vulnerabilities including an actively exploited SharePoint Server zero-day (CVE-2026-32201) and a publicly disclosed...
Read more 0
CVE-2026-39987: Marimo RCE Zero-Day Exploited Within 10 Hours of Disclosure — 662 Attacks Recorded
Vulnerability

CVE-2026-39987: Marimo RCE Zero-Day Exploited Within 10 Hours of Disclosure — 662 Attacks Recorded

17 April 2026 dark6

A critical unauthenticated RCE vulnerability in the Marimo Python notebook framework (CVE-2026-39987) was actively exploited just 10 hours after public...
Read more 0
Critical Fortinet FortiClient EMS Vulnerability CVE-2026-21643 Actively Exploited — CISA Demands Patch Today
Vulnerability

Critical Fortinet FortiClient EMS Vulnerability CVE-2026-21643 Actively Exploited — CISA Demands Patch Today

16 April 2026 dark6

CISA has added CVE-2026-21643, a critical pre-authentication SQL injection flaw in Fortinet FortiClient EMS (CVSS 9.1), to its Known Exploited...
Read more 0
Adobe Acrobat Zero-Day CVE-2026-34621: Four Months of Targeted Espionage via Prototype Pollution Exploit
Vulnerability

Adobe Acrobat Zero-Day CVE-2026-34621: Four Months of Targeted Espionage via Prototype Pollution Exploit

15 April 2026 dark6

Adobe patched a critical zero-day in Acrobat Reader (CVE-2026-34621) that was exploited for at least four months via a sophisticated...
Read more 0
Microsoft April 2026 Patch Tuesday: 163 CVEs Including Two Zero-Days and a Public “BlueHammer” Exploit
Vulnerability

Microsoft April 2026 Patch Tuesday: 163 CVEs Including Two Zero-Days and a Public “BlueHammer” Exploit

15 April 2026 dark6

Microsoft's April 2026 Patch Tuesday addresses 163 CVEs, including an actively exploited SharePoint spoofing zero-day (CVE-2026-32201) and a publicly leaked...
Read more 0
Google Patches Actively Exploited Chrome Zero-Day CVE-2026-5281 — CISA Deadline Hits Today
Vulnerability

Google Patches Actively Exploited Chrome Zero-Day CVE-2026-5281 — CISA Deadline Hits Today

15 April 2026 dark6

Google has patched a high-severity use-after-free zero-day in Chrome's WebGPU implementation (CVE-2026-5281) that is actively exploited in the wild. CISA...
Read more 0
Critical Marimo Python Notebook Zero-Day (CVE-2026-39987) Exploited Within 10 Hours of Disclosure
Vulnerability

Critical Marimo Python Notebook Zero-Day (CVE-2026-39987) Exploited Within 10 Hours of Disclosure

14 April 2026 dark6

A critical pre-authentication RCE vulnerability (CVE-2026-39987, CVSS 9.3) in the popular Marimo Python notebook platform was weaponised within 10 hours...
Read more 0
Fortinet Issues Emergency Patch for Actively Exploited FortiClient EMS Zero-Day CVE-2026-35616
Vulnerability

Fortinet Issues Emergency Patch for Actively Exploited FortiClient EMS Zero-Day CVE-2026-35616

13 April 2026 dark6

A critical zero-day vulnerability (CVE-2026-35616, CVSS 9.1) in Fortinet FortiClient EMS was exploited in the wild before Fortinet published its...
Read more 0
PoC Exploit Leaked for Unpatched Windows Privilege Escalation Zero-Day ‘BlueHammer’
Vulnerability

PoC Exploit Leaked for Unpatched Windows Privilege Escalation Zero-Day ‘BlueHammer’

13 April 2026 dark6

A disgruntled researcher has published a working exploit for BlueHammer, an unpatched Windows local privilege escalation zero-day that abuses Windows...
Read more 0