Follow Cyber Kendra on Google News! | WhatsApp | Telegram

Add as a preferred source on Google
ZeroDay Bug
BitLocker Bypass GreatXML: Using Defender Offline Scan Against You

BitLocker Bypass GreatXML: Using Defender Offline Scan Against You

If you have ever run Windows Defender's Offline Scan, your BitLocker encryption may already be compromised — before an attacker even logs in. Sec…
Microsoft Defender Zero-Day PoC Gives SYSTEM Access on Fully Patched Windows

Microsoft Defender Zero-Day PoC Gives SYSTEM Access on Fully Patched Windows

A researcher who has turned Microsoft's vulnerability disclosure process into a public battleground has released another working exploit — this t…
Researcher Drops PoC for 1-Click GitHub Token Theft via VSCode Bug — Skips MSRC Entirely

Researcher Drops PoC for 1-Click GitHub Token Theft via VSCode Bug — Skips MSRC Entirely

Security researcher Ammar Askar has publicly released a fully working proof-of-concept (PoC) exploit that can steal a victim's GitHub OAuth token…
Trend Micro's Own Security Tool Turned Against Enterprises — Apex One Zero-Day Actively Exploited

Trend Micro's Own Security Tool Turned Against Enterprises — Apex One Zero-Day Actively Exploited

The endpoint security software meant to protect enterprise networks from attackers has itself become a target. Trend Micro has patched a zero-day vul…
Palo Alto PAN-OS Zero-Day Under Active Attack — No Patch Available Yet

Palo Alto PAN-OS Zero-Day Under Active Attack — No Patch Available Yet

Attackers are already exploiting a critical zero-day vulnerability in Palo Alto Networks' PAN-OS, the operating system powering the company's…
Telegram 0-Day: One Sticker Could Hack You — Telegram Calls It Fake

Telegram 0-Day: One Sticker Could Hack You — Telegram Calls It Fake

[Updated: March 30, 2026 — Score revised from 9.8 to 7.0. Original story below.] On Sunday, Telegram's official account dismissed a newly disclos…
Apple Rushes Patch for Actively Exploited Zero-Day Linked to Spyware Attacks

Apple Rushes Patch for Actively Exploited Zero-Day Linked to Spyware Attacks

Apple has issued emergency security updates to address a critical zero-day vulnerability actively exploited in what the company describes as an "…
Hackers Are Actively Exploiting Critical Microsoft Office Flaw—Patch Now or Risk Takeover

Hackers Are Actively Exploiting Critical Microsoft Office Flaw—Patch Now or Risk Takeover

Microsoft has scrambled to release an out-of-band security patch for a high-severity zero-day vulnerability in Office that attackers are actively wea…
Cloudflare's Certificate Path Let Attackers Sidestep Web Application Firewalls for Months

Cloudflare's Certificate Path Let Attackers Sidestep Web Application Firewalls for Months

A seemingly innocuous certificate validation path became a hidden gateway past Cloudflare's Web Application Firewall (WAF), security researchers …
New VMware Zero-Day Exploited Chinese Hackers

New VMware Zero-Day Exploited Chinese Hackers

A critical privilege escalation vulnerability in VMware products was exploited in the wild for nearly a year before being patched, security researche…
Hackers Exploit Cisco Firewall Zero-Days, CISA Issues Emergency Directive

Hackers Exploit Cisco Firewall Zero-Days, CISA Issues Emergency Directive

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued Emergency Directive, ordering federal agencies to immediately identify an…
Cisco Patches Critical IOS Zero-Day Under Active Attack—Millions of Network Devices at Risk

Cisco Patches Critical IOS Zero-Day Under Active Attack—Millions of Network Devices at Risk

Cisco has released emergency security patches for a critical zero-day vulnerability in its IOS and IOS XE software that attackers are actively exploi…
8-Year-Old Sample Key Exposes Thousands of Sitecore Websites to Hackers

8-Year-Old Sample Key Exposes Thousands of Sitecore Websites to Hackers

Cybersecurity researchers at Google's Mandiant have uncovered an active exploitation campaign targeting Sitecore deployments using a sample encry…
WhatsApp Patches Actively Exploited 0day Flaw

WhatsApp Patches Actively Exploited 0day Flaw

WhatsApp has rushed to patch a critical zero-day vulnerability that was actively exploited in targeted cyberattacks against journalists, activists, a…
Stealth Falcon Exploits Zero-Day CVE-2025-33053 Against Middle East Defense Targets

Stealth Falcon Exploits Zero-Day CVE-2025-33053 Against Middle East Defense Targets

Check Point Research has uncovered a sophisticated cyber espionage campaign orchestrated by the Stealth Falcon APT group, which exploited a previousl…
Critical SAP Zero-Day Vulnerability Under Active Exploitation

Critical SAP Zero-Day Vulnerability Under Active Exploitation

A critical zero-day vulnerability in SAP NetWeaver systems (CVE-2025-31324) is currently being actively exploited by threat actors, according to secu…
BLASTPASS Explained: How NSO’s WebP Zero-Day Exploit Hacked iPhones Silently

BLASTPASS Explained: How NSO’s WebP Zero-Day Exploit Hacked iPhones Silently

In September 2023, Apple rushed to patch a critical vulnerability after researchers uncovered an alarming zero-click exploit chain attributed to…
Kaspersky Uncovers New Chrome 0-Day Actively Exploited

Kaspersky Uncovers New Chrome 0-Day Actively Exploited

In the latest discovery, Kaspersky Lab exposed a highly sophisticated cyber attack, dubbed “ Operation ForumTroll ,” that leverages a critical zero-d…
Zero-Day Flaw in Parallels Desktop Allows Root Privilege Escalation

Zero-Day Flaw in Parallels Desktop Allows Root Privilege Escalation

Security researchers have dropped a significant zero-day vulnerability in Parallels Desktop that could allow attackers to gain root privileges on mac…
Apple Fix Actively Exploited Zero-Day in iPhone and iPad

Apple Fix Actively Exploited Zero-Day in iPhone and iPad

Apple has released iOS 18.3 and iPadOS 18.3, introducing significant security improvements with patches for more than 20 vulnerabilities across vari…