Latest news

Linux Kernel Zero-Day “Copy Fail” (CVE-2026-31431) Grants Root Access on Every Major Distro Since 2017
Vulnerability

Linux Kernel Zero-Day “Copy Fail” (CVE-2026-31431) Grants Root Access on Every Major Distro Since 2017

30 April 2026 dark6

A newly disclosed Linux kernel zero-day dubbed "Copy Fail" (CVE-2026-31431) allows any unprivileged local user to obtain root access on...
Read more 0
APT28 Exploits Windows 0-Click Flaw CVE-2026-32202 to Steal NTLM Hashes via Defender SmartScreen Bypass
Vulnerability

APT28 Exploits Windows 0-Click Flaw CVE-2026-32202 to Steal NTLM Hashes via Defender SmartScreen Bypass

29 April 2026 dark6

Russian state-sponsored APT28 is actively exploiting CVE-2026-32202, a zero-click Windows Shell vulnerability that bypasses Defender SmartScreen and silently exfiltrates Net-NTLMv2...
Read more 0
Microsoft Defender “RedSun” Zero-Day (CVE-2026-33825): Unpatched Exploit Grants Full SYSTEM Access
Vulnerability

Microsoft Defender “RedSun” Zero-Day (CVE-2026-33825): Unpatched Exploit Grants Full SYSTEM Access

28 April 2026 dark6

An unpatched zero-day dubbed RedSun (CVE-2026-33825) actively exploits a flaw in Windows Defender's cloud file rollback mechanism to grant attackers...
Read more 0
Microsoft Patch Tuesday April 2026: 168 Vulnerabilities Fixed Including Actively Exploited SharePoint Zero-Day
Vulnerability

Microsoft Patch Tuesday April 2026: 168 Vulnerabilities Fixed Including Actively Exploited SharePoint Zero-Day

25 April 2026 dark6

Microsoft's April 2026 Patch Tuesday fixes a record 168 vulnerabilities, including an actively exploited SharePoint zero-day (CVE-2026-32201) and a publicly...
Read more 0
Critical Fortinet FortiClient EMS Zero-Day CVE-2026-35616 Exploited Before Official Patch Was Released
Vulnerability

Critical Fortinet FortiClient EMS Zero-Day CVE-2026-35616 Exploited Before Official Patch Was Released

22 April 2026 dark6

A critical SQL injection zero-day in Fortinet's FortiClient EMS (CVE-2026-35616) is being actively exploited in the wild. WatchTowr sensors detected...
Read more 0
Windows Defender Triple Zero-Day: BlueHammer, RedSun, and UnDefend Actively Exploited in the Wild
Vulnerability

Windows Defender Triple Zero-Day: BlueHammer, RedSun, and UnDefend Actively Exploited in the Wild

22 April 2026 dark6

Three critical zero-day vulnerabilities — BlueHammer (CVE-2026-33825), RedSun, and UnDefend — have been discovered in Windows Defender's remediation engine. All...
Read more 0
Three Windows Defender Zero-Days Exploited in the Wild: BlueHammer Patched, RedSun and UnDefend Still Unpatched
Vulnerability

Three Windows Defender Zero-Days Exploited in the Wild: BlueHammer Patched, RedSun and UnDefend Still Unpatched

19 April 2026 dark6

A security researcher dropped three Windows Defender zero-day exploits in 13 days — BlueHammer (CVE-2026-33825), RedSun, and UnDefend. All three...
Read more 0
Microsoft April 2026 Patch Tuesday: Actively Exploited SharePoint Zero-Day Among 167 Fixes
Vulnerability

Microsoft April 2026 Patch Tuesday: Actively Exploited SharePoint Zero-Day Among 167 Fixes

18 April 2026 dark6

Microsoft's April 2026 Patch Tuesday patches 167 vulnerabilities including an actively exploited SharePoint Server zero-day (CVE-2026-32201) and a publicly disclosed...
Read more 0
CVE-2026-39987: Marimo RCE Zero-Day Exploited Within 10 Hours of Disclosure — 662 Attacks Recorded
Vulnerability

CVE-2026-39987: Marimo RCE Zero-Day Exploited Within 10 Hours of Disclosure — 662 Attacks Recorded

17 April 2026 dark6

A critical unauthenticated RCE vulnerability in the Marimo Python notebook framework (CVE-2026-39987) was actively exploited just 10 hours after public...
Read more 0
Google Patches Actively Exploited Chrome Zero-Day CVE-2026-5281 — CISA Deadline Hits Today
Vulnerability

Google Patches Actively Exploited Chrome Zero-Day CVE-2026-5281 — CISA Deadline Hits Today

15 April 2026 dark6

Google has patched a high-severity use-after-free zero-day in Chrome's WebGPU implementation (CVE-2026-5281) that is actively exploited in the wild. CISA...
Read more 0
Critical Marimo Python Notebook Zero-Day (CVE-2026-39987) Exploited Within 10 Hours of Disclosure
Vulnerability

Critical Marimo Python Notebook Zero-Day (CVE-2026-39987) Exploited Within 10 Hours of Disclosure

14 April 2026 dark6

A critical pre-authentication RCE vulnerability (CVE-2026-39987, CVSS 9.3) in the popular Marimo Python notebook platform was weaponised within 10 hours...
Read more 0
Fortinet Issues Emergency Patch for Actively Exploited FortiClient EMS Zero-Day CVE-2026-35616
Vulnerability

Fortinet Issues Emergency Patch for Actively Exploited FortiClient EMS Zero-Day CVE-2026-35616

13 April 2026 dark6

A critical zero-day vulnerability (CVE-2026-35616, CVSS 9.1) in Fortinet FortiClient EMS was exploited in the wild before Fortinet published its...
Read more 0