Skip to content
The Nexus
DossierENTITY

zero-day

Coverage of zero-day in the Nexus archive.

Earliest in view: Apr 15 · 08:40 UTCMost recent: Jun 13 · 10:30 UTC
Co-mentioned in this coverage
Recent coverage
  • SECURITYJun 13 · 10:30 UTCWIRED
    The FCC Wants to Kill Burner Phones

    The FCC aims to restrict burner phones, Microsoft released a major security update linked to AI bug hunting, and the ShinyHunters ransomware group exploited an Oracle zero-day vulnerability.

  • SECURITYJun 12 · 20:26 UTCDARK READING
    ShinyHunters Uses Oracle Zero-Day to Rampage Higher Ed

    ShinyHunters exploited a zero-day vulnerability in Oracle's ERP software to steal data from American universities. The attack took advantage of a critical bug that disproportionately impacted higher education institutions.

  • SECURITYJun 9 · 12:15 UTCTHE REGISTER
    Chrome's zero-day Whac-A-Mole continues with fifth exploited bug of the year

    Google patched the fifth actively exploited Chrome zero-day of 2026, CVE-2026-11645, an out-of-bounds memory access flaw in the V8 JavaScript engine. The vulnerability was reported by researcher '303f06e3' and earned a $55,000 bounty, with technical details withheld to prevent further exploitation.

  • SECURITYJun 3 · 11:28 UTCTHE HACKER NEWS
    Beyond the Zero-Day: See Your Network Like an Attacker | Webinar with HD Moore

    The webinar 'Beyond the Zero-Day' with HD Moore highlights the inevitability of cyber breaches due to zero-day exploits and AI-driven attacks. It emphasizes shifting focus from patching vulnerabilities to controlling network architecture to limit attack reach.

  • SECURITYJun 1 · 12:11 UTCRECORDED FUTURE NEWS
    Microsoft says it will not pursue security researchers after zero-day backlash

    Microsoft stated it will not take legal action against security researchers conducting or publishing their research, following backlash over a zero-day issue. The company emphasized it takes feedback seriously and clarified its approach to legal matters.

  • SECURITYApr 30 · 11:40 UTCBLEEPING COMPUTER
    Critical cPanel and WHM bug exploited as a zero-day, PoC now available

    A critical authentication bypass vulnerability (CVE-2026-41940) in cPanel, WHM, and WP Squared is being actively exploited in the wild as a zero-day attack, with proof-of-concept (PoC) code now available. The flaw has been leveraged since late February, highlighting urgent security risks for users of these platforms.

  • SECURITYApr 23 · 11:05 UTCBLEEPING COMPUTER
    CISA orders feds to patch BlueHammer flaw exploited as zero-day

    CISA has directed U.S. federal agencies to address a critical privilege escalation vulnerability in Microsoft Defender, known as BlueHammer, which is currently being exploited in zero-day attacks. The flaw allows attackers to escalate privileges, posing a significant security risk.

  • SECURITYApr 22 · 06:53 UTCBLEEPING COMPUTER
    Over 1,300 Microsoft SharePoint servers vulnerable to spoofing attacks

    Over 1,300 Microsoft SharePoint servers remain unpatched against a spoofing vulnerability, which was exploited as a zero-day and is still being used in ongoing attacks. The vulnerability allows attackers to spoof SharePoint servers, exposing sensitive data and systems to potential breaches.

  • SECURITYApr 21 · 11:30 UTCTHE HACKER NEWS
    No Exploit Needed: How Attackers Walk Through the Front Door via Identity-Based Attacks

    The cybersecurity industry has focused on sophisticated threats like zero-days and AI-generated exploits, but stolen credentials remain the most reliable entry point for attackers. Identity-based attacks, particularly through credential stuffing, are a dominant initial access vector in breaches.

  • SECURITYApr 15 · 08:40 UTCTHE HACKER NEWS
    Microsoft Issues Patches for SharePoint Zero-Day and 168 Other New Vulnerabilities

    Microsoft released updates addressing 169 security vulnerabilities, including a SharePoint zero-day actively exploited in the wild. The patches include fixes for 157 Important, eight Critical, three Moderate, and one Low severity flaws.

zero-day · Dossier · The Nexus