Latest news

Five OpenClaw Zero-Days Let Attackers Silently Hijack AI Agent Access on Slack, Teams, and Discord
Vulnerability

Five OpenClaw Zero-Days Let Attackers Silently Hijack AI Agent Access on Slack, Teams, and Discord

4 June 2026 dark6

Researcher Philip Garabandic disclosed five zero-day vulnerabilities in OpenClaw allowing identity spoofing to hijack trusted AI agent access across Slack,...
Read more 0
CVE-2025-48595: Android 0-Day Actively Exploited — Patch Your Devices Now
Vulnerability

CVE-2025-48595: Android 0-Day Actively Exploited — Patch Your Devices Now

4 June 2026 dark6

Google has confirmed active exploitation of CVE-2025-48595, a zero-click Android Framework privilege escalation flaw affecting Android 14-16. Devices without the...
Read more 0
CVE-2026-41089: Windows Netlogon 0-Click RCE Now Actively Exploited — Patch Domain Controllers Immediately
Vulnerability

CVE-2026-41089: Windows Netlogon 0-Click RCE Now Actively Exploited — Patch Domain Controllers Immediately

1 June 2026 dark6

Microsoft’s May 2026 Patch Tuesday addressed CVE-2026-41089, a critical Windows Netlogon 0-click RCE — now actively exploited in the wild....
Read more 0
AI Discovers 10,000+ Zero-Days: Anthropic’s Claude Mythos Preview Transforms Cybersecurity Defense
AI

AI Discovers 10,000+ Zero-Days: Anthropic’s Claude Mythos Preview Transforms Cybersecurity Defense

24 May 2026 dark6

Anthropic's Claude Mythos Preview AI model has autonomously discovered over 10,000 critical zero-day vulnerabilities across major software systems as part...
Read more 0
CISA Adds Two Actively Exploited Microsoft Defender Zero-Days to KEV Catalog — Patch by June 3
Vulnerability

CISA Adds Two Actively Exploited Microsoft Defender Zero-Days to KEV Catalog — Patch by June 3

23 May 2026 dark6

CISA has added two critical Microsoft Defender vulnerabilities — CVE-2026-45498 and CVE-2026-41091 — to its Known Exploited Vulnerabilities catalog following...
Read more 0
LiteSpeed cPanel Plugin Zero-Day (CVE-2026-48172) Actively Exploited to Gain Server Root Access
Vulnerability

LiteSpeed cPanel Plugin Zero-Day (CVE-2026-48172) Actively Exploited to Gain Server Root Access

23 May 2026 dark6

LiteSpeed has disclosed and patched a critical zero-day privilege escalation flaw (CVE-2026-48172) in its cPanel user-end plugin that is already...
Read more 0
Windows ‘MiniPlasma’ Zero-Day Grants SYSTEM Privileges on Fully Patched Systems — Public PoC Released
Vulnerability

Windows ‘MiniPlasma’ Zero-Day Grants SYSTEM Privileges on Fully Patched Systems — Public PoC Released

19 May 2026 dark6

A critical Windows zero-day dubbed 'MiniPlasma' has surfaced with a public proof-of-concept exploit, allowing unprivileged attackers to achieve full SYSTEM-level...
Read more 0
Pwn2Own Berlin 2026 Day 2: Exchange, Windows 11, and AI Coding Tools Fall to Zero-Days — $908,750 in Total Prizes
Vulnerability

Pwn2Own Berlin 2026 Day 2: Exchange, Windows 11, and AI Coding Tools Fall to Zero-Days — $908,750 in Total Prizes

18 May 2026 dark6

Day Two of Pwn2Own Berlin 2026 saw 15 new zero-day exploits demonstrated against Microsoft Exchange (full RCE chain worth $200,000),...
Read more 0
First Public macOS Kernel Exploit on Apple M5 Bypasses Hardware Memory Protection — Developed in Just Five Days With AI Assistance
Vulnerability

First Public macOS Kernel Exploit on Apple M5 Bypasses Hardware Memory Protection — Developed in Just Five Days With AI Assistance

18 May 2026 dark6

Security researchers have developed the first known public macOS kernel exploit targeting Apple M5 hardware, bypassing Memory Integrity Enforcement (MIE)...
Read more 0
CISA Adds CVE-2026-32202 to KEV Catalog as APT28 Actively Exploits Zero-Click Windows Shell Flaw
Vulnerability

CISA Adds CVE-2026-32202 to KEV Catalog as APT28 Actively Exploits Zero-Click Windows Shell Flaw

13 May 2026 dark6

CISA has added CVE-2026-32202, a zero-click Windows Shell authentication coercion flaw, to its KEV catalog following confirmed active exploitation by...
Read more 0
PoC Exploit Released for Android Zero-Click CVE-2026-0073 — Silent ADB Shell Access on Android 14–16
Vulnerability

PoC Exploit Released for Android Zero-Click CVE-2026-0073 — Silent ADB Shell Access on Android 14–16

13 May 2026 dark6

A public PoC exploit for CVE-2026-0073 enables any network-local attacker to gain a full ADB shell on unpatched Android 14–16...
Read more 0
Critical Palo Alto PAN-OS Vulnerability CVE-2026-0300 Actively Exploited — Unauthenticated Root RCE on Firewalls
Vulnerability

Critical Palo Alto PAN-OS Vulnerability CVE-2026-0300 Actively Exploited — Unauthenticated Root RCE on Firewalls

13 May 2026 dark6

Palo Alto Networks is warning of a critical CVE-2026-0300 buffer overflow in PAN-OS Captive Portal that enables unauthenticated root-level remote...
Read more 0