YellowKey, GreenPlasma, and MiniPlasma add to the growing list of vulnerabilities a security researcher disclosed over the past six weeks.
CVE-2026-Adresse geschuetzt(XSS) vulnerability and can allow an attacker to compromise Outlook Web Access (OWA) mailboxes.
A cybersecurity researcher has released a proof-of-concept exploit for a Windows privilege escalation zero-day dubbed „MiniPlasma“ that lets attackers gain SYSTEM privileges on fully patched Windows systems. […]
Microsoft Exchange: Zero-Day-Lücke wird angegriffenAlert21heise Security Quelle: Heise Security Ticker
The zero-day, tracked as CVE-2026-20182, has been exploited in targeted attacks by a sophisticated threat actor identified as UAT-8616. The post Cisco Patches Another SD-WAN Zero-Day, the Sixth Exploited in 2026 appeared first on SecurityWeek.
A cybersecurity researcher has published proof-of-concept (PoC) exploits for two unpatched Microsoft Windows vulnerabilities named YellowKey and GreenPlasma, which are a BitLocker bypass and a privilege-escalation flaw. […]
Von KI gefundene Zero-Day-Lücke: Google verhindert angeblich Cyberangriff55heise Security Quelle: Heise Security Ticker
The zero-day was designed to bypass 2FA and it was developed by a prominent cybercrime group. The post Google Detects First AI-Generated Zero-Day Exploit appeared first on SecurityWeek.
A new Linux zero-day exploit, named Dirty Frag, allows local attackers to gain root privileges on most major Linux distributions with a single command. […]
The cybersecurity firm has not explicitly accused China of being behind the attack, but the evidence suggests it was. The post Palo Alto Zero-Day Exploited in Campaign Bearing Hallmarks of Chinese State Hacking appeared first on SecurityWeek.