Acer Confirms Patch in Progress for Wave 7 Router 0-Day Flaw
Acer has confirmed that it is actively developing a firmware patch to address critical zero-day vulnerabilities affecting its Wave 7 routers, following respo...
20 articles
Acer has confirmed that it is actively developing a firmware patch to address critical zero-day vulnerabilities affecting its Wave 7 routers, following respo...
The first vulnerability, CVE-2026-49200, is a broken access control flaw that allows unauthenticated attackers to access plaintext credentials from log archi...
Acer is working to address two maximum-severity zero-day vulnerabilities affecting its Wave 7 mesh routers. [.
Microsoft has responded to backlash over its initial threats of legal action against researchers who publicly disclose zero-day vulnerabilities without coord...
A security researcher has released exploit code for a Visual Studio Code (VS Code) zero-day vulnerability that allows attackers to steal GitHub authenticatio...
The actively exploited vulnerability, identified as CVE-2025-48595, is a high-severity flaw in the Android Framework that allows local attackers to gain code...
Google says the Android vulnerability CVE-2025-48595 has been exploited in limited, targeted attacks. The post Android Update Patches Exploited Zero-Day, 123...
Google has released the June 2026 Android security patches to address 124 vulnerabilities, including one zero-day flaw exploited in targeted attacks. [.
Google has disclosed a critical Android zero-day vulnerability that is reportedly being actively exploited in targeted attacks, raising serious concerns abou...
Overview Rapid7 Labs conducted a zero-day research project against an HP Poly VVX 450 Voice over Internet Protocol (VoIP) phone. This research resulted in th...
Microsoft said it is taking the feedback seriously, adding: “To be clear about our approach to legal matters, we have no intention to pursue action against i...
Each vulnerability was published with working proof-of-concept code to the Microsoft-owned code repository GitHub, making them immediately available to both ...
The critical-severity issue, assigned a CVSS score of 9.4, is an argument injection flaw that can be exploited by authenticated attackers via pull requests w...
A researcher dropped 6 Windows zero-days with no warning. Three are now exploited in the wild.
In this roundup, Tony looks at attacks against Polish water treatment facilities, how AI-directed attacks failed in Mexico, and what Google believes is the f...
An unpatched zero-day vulnerability in the Gogs self-hosted Git service can allow attackers to gain remote code execution (RCE) on Internet-facing instances. [.
Microsoft has come out strongly in favor of Coordinated Vulnerability Disclosure (CVD), urging the research community to share their findings and give affect...
Fortinet rolled out hotfixes for the security defect in April, warning that it had been exploited in the wild as a zero-day and urging immediate patching. Th...
Qumulo has unveiled Qumulo NeuralProtect, a ransomware resilience solution built to protect data at the storage layer by detecting and stopping threats befor...
Qevlar has announced a new set of AI agents designed to bridge the disconnect between Security Operations Centers (SOCs) and vulnerability management teams. ...