Security news aggregator

Latest coverage for 0-Day

Explore the latest 0-Day vulnerabilities news, expert insights, and cyber threat updates to stay ahead in information security.

6 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

0-Day, also spelled as Zero-Day, is a term used in information security to describe a software vulnerability that is unknown to the party or parties responsible for patching or fixing the vulnerability. The "zero" in the term denotes that the developers have zero days to address the flaw because it has already been discovered by attackers who can exploit it to cause harm before a fix is made available.

In the context of information security, a 0-Day vulnerability is particularly dangerous because it can be actively exploited by cybercriminals to gain unauthorized access, steal sensitive data, execute malicious code, or cause service disruptions. Because the vulnerability is not widely known, protective measures and patches are typically not yet in place, leaving systems and users vulnerable until the software developer releases an update to patch the security hole.

0-Day exploits are often sold or shared on the black market among hackers and are considered valuable because they are effective against systems that are considered to be secure. Information security professionals actively work to discover and mitigate these vulnerabilities before they can be exploited, and users are encouraged to apply software updates regularly to protect themselves against known 0-Day vulnerabilities that have been patched.

Volume over time

Weekly headline count for the current query.

Showing 6 most recent headlines Filtered view

Threat actors are exploiting a critical FortiClient EMS flaw, tracked as CVE-2026-35616, to deploy malware on unpatched systems. Threat actors are exploiting a critical FortiClient EMS vulnerability, tracked as CVE-2026-35616 (CVSS score of 9.1), that allows remote code execution without authentication. Fortinet released fixes in April after confirming zero-day attacks in the wild and urged […]

More from Security Affairs 29 May 2026, 4:05 a.m. Incident · 10 stories Actively exploited CVE-2026-35616 0-Day Authentication CVE Critical Flaw Fortinet Malware Patch Remote Code Execution Theft Threat Actor Vulnerability
Bank Info Security 1 month, 4 weeks ago

Attackers Target Zero-Day Flaw in Fortinet Security Software

Vendor Issues Hotfix for Critical Flaw in FortiClient Endpoint Management ServerFortinet's endpoint management security server software is under fire from attackers, who are actively targeting two critical flaws, including a fresh zero-day that facilitates unauthenticated remote code or command execution. The vendor has issued a hotfix and promised a full patch.

More from Bank Info Security 7 Apr 2026, 5:00 a.m. Incident · 10 stories 0-Day Critical Flaw Fortinet Patch Unauthenticated Vendor