Day Two of Pwn2Own Automotive 2026 kicked off with high intensity, as security researchers targeted automotive infotainment systems, EV chargers, and gateways. Building on Day One’s momentum, teams demonstrated 37 unique zero-day vulnerabilities, earning over $516,500 in bounties. The Zero Day Initiative (ZDI) event highlights critical flaws in vehicle tech, from command injections to buffer […]

The post Pwn2Own Automotive 2026: Researchers Score $516,500 For 37 Unique Zero-Days appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

CISA has added CVE-2026-20045, a critical zero-day remote code execution (RCE) vulnerability in Cisco Unified Communications Manager (Unified CM), to its Known Exploited Vulnerabilities (KEV) catalog. Added on January 21, 2026, this flaw affects multiple Cisco Unified Communications products, including Unified CM, Unified CM Session Management Edition (SME), Unified CM IM & Presence Service, Cisco […]

The post Cisco Unified CM Zero-Day RCE Under Attack, CISA Issues Warning appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Cisco has warned customers of a critical zero-day vulnerability affecting several of its Unified Communications products, including Cisco Unified Communications Manager (Unified CM), Unified Communications Manager Session Management Edition (Unified CM SME), Unified Communications Manager IM & Presence Service (IM&P), Cisco Unity Connection, and Cisco Webex Calling Dedicated Instance. Tracked as CVE-2026-20045, the vulnerability carries […]

The post Cisco Unified Communications Zero-Day RCE Flaw Actively Exploited For Root Shell Access appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Cisco has released patches for CVE-2026-20045, a critical vulnerability that can be exploited for unauthenticated remote code execution.

The post Hackers Targeting Cisco Unified CM Zero-Day  appeared first on SecurityWeek.

Microsoft has released its January 2026 Patch Tuesday security updates, addressing 114 vulnerabilities across Windows, Office, and other products. The update includes three actively exploited zero-day vulnerabilities and 12 critical-severity flaws that require immediate attention from system administrators. The January 2026 release addresses a diverse range of security issues, with elevation of privilege vulnerabilities representing […]

The post Microsoft January 2026 Patch Tuesday Fixes 114 Flaws, Including 3 Zero-Days appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Two vulnerabilities patched this month by Microsoft were disclosed publicly before fixes were released.

The post Microsoft Patches Exploited Windows Zero-Day, 111 Other Vulnerabilities appeared first on SecurityWeek.

Fresh attacks targeted three VMware ESXi vulnerabilities that were disclosed in March 2025 as zero-days.

The post Exploit for VMware Zero-Day Flaws Likely Built a Year Before Public Disclosure appeared first on SecurityWeek.

The critical-severity vulnerability allows unauthenticated, remote attackers to execute arbitrary shell commands.

The post Hackers Exploit Zero-Day in Discontinued D-Link Devices appeared first on SecurityWeek.

The critical-severity bug in the Fireware OS’s iked process leads to unauthenticated remote code execution.

The post WatchGuard Patches Firebox Zero-Day Exploited in the Wild appeared first on SecurityWeek.

The medium-severity flaw has been exploited in combination with a critical bug for remote code execution.

The post SonicWall Patches Exploited SMA 1000 Zero-Day appeared first on SecurityWeek.

The critical zero-day is tracked as CVE-2025-20393 and it impacts Secure Email Gateway and Secure Email and Web Manager appliances.

The post China-Linked Hackers Exploiting Zero-Day in Cisco Security Gear appeared first on SecurityWeek.

Apple has released macOS and iOS updates to patch two WebKit zero-days exploited in an “extremely sophisticated” attack.

The post Apple Patches Two Zero-Days Tied to Mysterious Exploited Chrome Flaw appeared first on SecurityWeek.

Heads up, WhatsApp users. A serious zero-day vulnerability existed in WhatsApp that was already exploited…

WhatsApp Addressed An Actively Exploited Zero-Day Vulnerability on Latest Hacking News | Cyber Security News, Hacking Tools and Penetration Testing Courses.

The popular file archiving tool WinRAR had a serious zero-day vulnerability threatening systems with code…

WinRAR Fixed A Zero-Day Flaw Exploited By RomCom on Latest Hacking News | Cyber Security News, Hacking Tools and Penetration Testing Courses.

The post Press information: Crowdsource hacker first to find Zero-Day CVE-2021-43798 in Grafana appeared first on Detectify Blog.

The post How attackers exploit the WordPress Easy-WP-SMTP zero-day appeared first on Detectify Blog.

The post How Detectify handles Zero-Day submissions  appeared first on Detectify Blog.

By Kim Crawley

The latest research from zero-day hunters at Google shows that reporting and detection tools are improving. 

Google researchers uncovered more than double the number in-the-wild zero-days last year than any other period since it started tracking these dangerous software vulnerabilities in 2014. 

“Is it that software security is getting worse? Or is it that attackers are using 0-day exploits more? Or has our ability to detect and disclose 0-days increased? When looking at the significant uptick from 2020 to 2021, we think it’s mostly explained by the latter,” according to Maddie Stone, a security researcher at Google Project Zero, the company’s team that tracks zero-days.

In a recent blog post detailing the 2021 findings, the group detailed the 58 zero-days that it detected as well as trends, attack patterns and techniques they were able to identify last year, too. Even though the group uncovered more than double the number of the previous high in 2015 (28 found), attacker techniques haven’t significantly evolved.

“With this record number of in-the-wild 0-days to analyze, we saw that attacker methodology hasn’t actually had to change much from previous years. Attackers are having success using the same bug patterns and exploitation techniques and going after the same attack surfaces,” wrote Stone.

It’s tough enough for organizations to manage and mitigate known vulnerabilities, but zero-day exploits pose a unique challenge to all organizations. They are often the attackers’ most powerful tool and when executed against businesses, organizations and individuals can have devastating consequences. As Google noted, there were many reports of zero-day exploits used against journalists, human rights groups and government officials last year.

Key findings from Google’s Project Zero report:

• The exploits detected in 2021 are very similar to the exploits Google Project Zero detected in previous years. There are new CVE records, but the nature of the vulnerabilities and how they’re exploited are all fairly typical relative to previous trends.
• Sixty-seven percent (or 39) of the zero-days found in 2021 were memory corruption vulnerabilities. How memory is being used is the main vector for zero-day exploits. They include four buffer overflows, four integer overflows, six out-of-bounds read and writes, and 17 use-after-frees. Maybe the Project is getting better at monitoring memory, or maybe volatile data is more ripe for zero-day exploitation than data in storage.
• Nearly all of the 58 zero-days detected in 2021 follow familiar patterns. But there’s one outlier, CVE-2021-30860, which is an integer overflow vulnerability in the CoreGraphics PDF decoder in iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6 and watchOS 7.6.2. Security researchers Samuel Groß and Ian Beer noted how unusual the exploit is: “The bootstrapping operations for the sandbox escape exploit are written to run on this logic circuit and the whole thing runs in this weird, emulated environment created out of a single decompression pass through a JBIG2 stream. It’s pretty incredible, and at the same time, pretty terrifying.” Indeed, Google Project Zero said it hopes this is a trend of attackers having to work harder to successfully execute a zero-day exploit.
• Some of the exploits involve classic cyberattack techniques, such as phishing and fingerprinting. CVE-2021-21166 and CVE-2021-30551 are great examples. Google Project Zero’s Maddie Stone and Clement Lecigne wrote: “Both of these 0-days were delivered as one-time links sent by email to the targets, all of whom we believe were in Armenia. The links led to attacker-controlled domains that mimicked legitimate websites related to the targeted users. When a target clicked the link, they were redirected to a webpage that would fingerprint their device, collect system information about the client and generate ECDH keys to encrypt the exploits, and then send this data back to the exploit server. The information collected from the fingerprinting phase included screen resolution, timezone, languages, browser plugins and available MIME types.”

Essentially, Google wants to make it harder for attackers to carry out zero-days. And there’s some evidence in its research that might be happening. While there’s progress in terms of discovering and disclosing zero-days, Project Zero does say there is still a lot of room for improvement. Specifically, they call on companies to disclose more, share more exploit samples and details of attacker techniques and to work harder to reduce memory corruption vulnerabilities. 

It’s also important that once organizations know about a zero-day, they act quickly to find and fix that vulnerability. That requires vigilance and the right approach to testing with an offensive mindset to ensure an organization’s entire attack surface is hardened against the most sophisticated attackers. 

Get in touch today to learn how Synack can help.

The post Researchers Uncover Record Number of Zero-Days. That’s Actually Good News. appeared first on Synack.