CVE-2026-20700 marks the first actively exploited Apple zero-day of 2026. Analysis of patch management obligations under NIS2 and DORA for enterprise Apple device fleets.
Google fixes CVE-2026-5281, a use-after-free in Dawn (WebGPU implementation) actively exploited in the wild. Chrome's 4th zero-day of 2026. All Chromium browsers affected.
CVE-2026-0625 (CVSS 9.8) affects end-of-life D-Link DSL routers. No patch will ever be released. Learn how to detect if you are exposed and what actions to take immediately.
UNC6201 (China) exploited CVE-2026-22769 (CVSS 10.0) in Dell RecoverPoint since mid-2024 without detection. Three malware strains deployed, root persistence achieved.
Analysis of CVE-2026-20131, a deserialization flaw in Cisco Secure Firewall Management Center. Maximum CVSS score, exploited by Interlock group since January 2026.
Technical analysis of CVE-2026-33017, a critical Langflow vulnerability allowing unauthenticated remote code execution. Exploited within 20 hours of disclosure.
Analysis of the March 2026 Patch Tuesday: 84 vulnerabilities patched by Microsoft, including 2 publicly disclosed zero-days, plus critical Chrome and Android fixes.