Security news aggregator

Latest coverage for 0-Day

Explore the latest 0-Day vulnerabilities news, expert insights, and cyber threat updates to stay ahead in information security.

138 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

0-Day, also spelled as Zero-Day, is a term used in information security to describe a software vulnerability that is unknown to the party or parties responsible for patching or fixing the vulnerability. The "zero" in the term denotes that the developers have zero days to address the flaw because it has already been discovered by attackers who can exploit it to cause harm before a fix is made available.

In the context of information security, a 0-Day vulnerability is particularly dangerous because it can be actively exploited by cybercriminals to gain unauthorized access, steal sensitive data, execute malicious code, or cause service disruptions. Because the vulnerability is not widely known, protective measures and patches are typically not yet in place, leaving systems and users vulnerable until the software developer releases an update to patch the security hole.

0-Day exploits are often sold or shared on the black market among hackers and are considered valuable because they are effective against systems that are considered to be secure. Information security professionals actively work to discover and mitigate these vulnerabilities before they can be exploited, and users are encouraged to apply software updates regularly to protect themselves against known 0-Day vulnerabilities that have been patched.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 138 Filtered view

Threat actors are exploiting a critical FortiClient EMS flaw, tracked as CVE-2026-35616, to deploy malware on unpatched systems. Threat actors are exploiting a critical FortiClient EMS vulnerability, tracked as CVE-2026-35616 (CVSS score of 9.1), that allows remote code execution without authentication. Fortinet released fixes in April after confirming zero-day attacks in the wild and urged […]

More from Security Affairs 29 May 2026, 4:05 a.m. Incident · 10 stories Actively exploited CVE-2026-35616 0-Day Authentication CVE Critical Flaw Fortinet Malware Patch Remote Code Execution Theft Threat Actor Vulnerability

Cisco is warning that a critical Catalyst SD-WAN Controller authentication bypass flaw, tracked as CVE-2026-20182, was actively exploited in zero-day attacks that allowed attackers to gain administrative privileges on compromised devices. [...]

More from Bleeping Computer 15 May 2026, 8:09 a.m. Incident · 4 stories Actively exploited CVE-2026-20182 0-Day Authentication Bypass CVE Cisco Compromise Critical Flaw Warning

Interlock's post-exploit toolkit exposed Ransomware criminals exploited CVE-2026-20131, a maximum-severity bug in Cisco Secure Firewall Management Center software, as a zero-day vulnerability more than a month before Cisco patched the hole, according to Amazon security boss CJ Moses.…

More from The Register 19 Mar 2026, 6:40 a.m. Actively exploited CVE-2026-20131 0-Day Amazon CVE Cisco Disclosure Exploit Exposure Firewalls Flaw Patch Ransomware Vulnerability

Amazon Threat Intelligence is warning of an active Interlock ransomware campaign that's exploiting a recently disclosed critical security flaw in Cisco Secure Firewall Management Center (FMC) Software

More from The Hacker News 19 Mar 2026, 5:00 a.m. Actively exploited CVE-2026-20131 0-Day Amazon CVE Cisco Critical Disclosure Exploit Firewalls Flaw Java Ransomware Root Unauthenticated Vulnerability Warning

A newly disclosed maximum-severity security flaw in Cisco Catalyst SD-WAN Controller (formerly vSmart) and Catalyst SD-WAN Manager (formerly vManage) has come under active exploitation in the wild as part of malicious activity that dates back to 2023

More from The Hacker News 26 Feb 2026, 7:13 p.m. Actively exploited CVE-2026-20127 0-Day Authentication Bypass CVE Cisco Disclosure Flaw Unauthenticated Vulnerability

Cisco is warning that a critical authentication bypass vulnerability in Cisco Catalyst SD-WAN, tracked as CVE-2026-20127, was actively exploited in zero-day attacks that allowed remote attackers to compromise controllers and add malicious rogue peers to targeted networks. [...]

More from Bleeping Computer 26 Feb 2026, 7:01 a.m. Actively exploited CVE-2026-20127 0-Day Authentication Bypass CVE Cisco Compromise Critical Vulnerability Warning

A maximum severity security vulnerability in Dell RecoverPoint for Virtual Machines has been exploited as a zero-day by a suspected China-nexus threat cluster dubbed UNC6201 since mid-2024, according to a new report from Google Mandiant and Google Threat Intelligence Group (GTIG)

More from The Hacker News 18 Feb 2026, 11:32 p.m. Actively exploited CVE-2026-22769 0-Day CVE China Credentials Dell Google Report Vulnerability

Fortinet has confirmed a new, actively exploited critical FortiCloud single sign-on (SSO) authentication bypass vulnerability, tracked as CVE-2026-24858, and says it has mitigated the zero-day attacks by blocking FortiCloud SSO connections from devices running vulnerable firmware versions. [...]

More from Bleeping Computer 28 Jan 2026, 12:19 p.m. Actively exploited CVE-2026-24858 0-Day Authentication Blocked Bypass CVE Critical Firmware Fortinet Patch SSO Vulnerability