Google Patches Actively Exploited Chrome Zero-Day CVE-2026-5281 — CISA Deadline Hits Today
Google has patched a high-severity use-after-free zero-day in Chrome's WebGPU implementation (CVE-2026-5281) that is actively exploited in the wild. CISA set a mandatory federal remediation deadline of April...
Critical Marimo Python Notebook Zero-Day (CVE-2026-39987) Exploited Within 10 Hours of Disclosure
A critical pre-authentication RCE vulnerability (CVE-2026-39987, CVSS 9.3) in the popular Marimo Python notebook platform was weaponised within 10 hours of public disclosure. Attackers are actively harvesting credentials,...
Fortinet Issues Emergency Patch for Actively Exploited FortiClient EMS Zero-Day CVE-2026-35616
A critical zero-day vulnerability (CVE-2026-35616, CVSS 9.1) in Fortinet FortiClient EMS was exploited in the wild before Fortinet published its advisory. The pre-authentication flaw allows remote code execution...
PoC Exploit Leaked for Unpatched Windows Privilege Escalation Zero-Day ‘BlueHammer’
A disgruntled researcher has published a working exploit for BlueHammer, an unpatched Windows local privilege escalation zero-day that abuses Windows Defender's update mechanism. Fully patched Windows 10, 11,...
Adobe Patches Actively Exploited Acrobat Reader Zero-Day CVE-2026-34621 — Exploited Since December 2025
Adobe has issued an emergency patch for CVE-2026-34621 (CVSS 8.6), a prototype pollution zero-day in Acrobat Reader actively exploited since December 2025. Attackers can achieve code execution by...
Google Patches Actively Exploited Chrome Zero-Day CVE-2026-5281 — Update Now
Google has confirmed that CVE-2026-5281, a high-severity use-after-free vulnerability in Chrome's Dawn WebGPU implementation, is being actively exploited in the wild. CISA has added the flaw to its...
CVE-2026-39987: Critical Marimo Python Notebook RCE Exploited Within 10 Hours of Disclosure
A pre-authentication remote code execution flaw (CVSS 9.3) in the Marimo Python notebook framework was weaponized by attackers within just 10 hours of public disclosure. The vulnerability allows...
Windows Zero-Day “BlueHammer” Exploit Code Released — SYSTEM Privileges at Risk
Exploit code has been publicly released for BlueHammer, a Windows zero-day privilege escalation vulnerability that allows attackers to gain full SYSTEM or administrator access. The availability of working...