S.v. N.SönmezPwn2Own 2026'da Windows 11, Microsoft Exchange ve yapay zeka araçlarında 39 sıfır gün açığı keşfedildi! Siber güvenlikte sıcak gelişmeler. Dijital savunma her zamankinden kritik. Güncel kalmak ve önlem almak şart!
jbz🔓 Mystery Microsoft bug leaker keeps the zero-days coming
「 Nightmare-Eclipse described YellowKey as "one of the most insane discoveries I ever found." They provided the files, which have to be loaded onto a USB drive, and if the attacker completes the key sequence correctly, they are granted unrestricted shell access to a BitLocker-protected machine 」
Analyst207Cisco SD-WAN Zero-Day Exploited for Admin Access
A critical zero-day vulnerability, CVE-2026-20182, has been exploited in Cisco SD-WAN, allowing hackers to gain unrestricted administrative control with a severity score of 10 on the CVSS scale. This flaw enables unauthenticated attackers to manipulate network configurations and take control of Cisco Catalyst SD-WAN Controller with ease.
Cisco Zero-Day Exploited in Ongoing Attacks by Persistent Threat Group
A newly discovered Cisco zero-day vulnerability, CVE-2026-20182, is being exploited in ongoing attacks, allowing threat actors to gain the highest administrative access to a network controller, essentially handing them a master key to wreak havoc. This max-severity flaw has sparked a race against time for Cisco customers and national cyber…
CyberNetsecIO📰 Researcher Leaks Two Windows Zero-Day Exploits, 'YellowKey' and 'GreenPlasma', Amid Dispute with Microsoft
⚠️ ZERO-DAY ALERT ⚠️ A researcher has publicly dropped two new Windows exploits, 'YellowKey' (BitLocker bypass) & 'GreenPlasma' (EoP), after a dispute with Microsoft. Active exploitation reported. No patches available. #ZeroDay #Windows #CyberSecurity
🌐 cyber[.]netsecops[.]io
🔗 https://cyber.netsecops.io/articles/researcher-leaks-two-windows-zero-day-exploits…
📰 Microsoft Exchange Zero-Day Under Active Attack, Mitigations Deployed Automatically
📢 Microsoft confirms a new Exchange Server zero-day (CVE-2026-42897) is actively exploited! The XSS flaw in OWA affects on-prem servers. Mitigations are being deployed automatically via the EM service. Check your systems! 🛡️ #Exchange #Zeroday
🌐 cyber[.]netsecops[.]io
📰 Cisco Scrambles to Patch Critical 10.0 CVSS Zero-Day in SD-WAN Under Active Attack
🚨 CRITICAL ZERO-DAY: Cisco warns of active exploitation of a 10.0 CVSS auth bypass flaw (CVE-2026-20182) in Catalyst SD-WAN. Attackers can gain full admin access. CISA has issued a directive to patch immediately! ⚠️ #CyberSecurity #ZeroDay #Cisco
🌐 cyber[.]netsecops[.]io
Hackers Disrupt Microsoft Exchange, Windows 11 at Pwn2Own Contest
Security researchers just scored big at Pwn2Own Berlin 2026, raking in $385,750 for exploiting 15 zero-day vulnerabilities in top tech targets like Microsoft Exchange and Windows 11. The contest, running from May 14-16, offers up to $1 million in prizes for hacking the latest enterprise technologies.
#Pwn2ownContest #ZeroDay #MicrosoftExchange #Windows11 #EnterpriseApplications
AACISA has updated the KEV catalogue.
- CVE-2026-4289: Microsoft Exchange Server Cross-Site Scripting Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-42897 #Microsoft #CISA #zeroday #infosec #vulnerability
𝕂𝚞𝚋𝚒𝚔ℙ𝚒𝚡𝚎𝚕«„Fragnesia“ — Nächste Rechteausweitungslücke im Linux-Kernel:
Microsoft warnt vor einer weiteren Variante der CopyFail-Lücke namens „Fragnesia“ im Linux-Kernel. Sie verschafft root-Rechte.»
Mist, die nächste Linux-Lücke heute und dies noch von Microsoft entdeckt. Moment mal, könnte es sein dass es…, oder doch nicht…, ach komm…, ne es ist…?!??
#linux #fragnesia #microsoft #itsicherheit #lucke #copyfail #root #kernel #itsec #it #linuxkernel #opensource #0day #zeroday
