Zero-day
Cisco Talos has detailed how a Chinese-linked group is exploiting an unpatched zero-day in email security appliances since late November 2025, deploying backdoors and log-wiping tools for persistent access.
Reported by AI
Researchers have identified two Windows vulnerabilities currently under widespread exploitation, including a zero-day flaw known to attackers since 2017. Microsoft has yet to patch the zero-day, while the second critical issue received an emergency fix after an initial incomplete patch. These attacks target users across multiple countries and involve advanced persistent threats.