Latest Zero-day vulnerability news

TrueConf zero-day turned trusted updates into a government espionage backdoor

by Artem Safonov April 3, 2026

A zero-day in TrueConf's update mechanism let a China-linked actor distribute Havoc C2 implants to dozens of Southeast Asian government agencies through a single compromised server. CVE-2026-3502 (CVSS 7.8) required no signature bypass because there was no signature check. Patched …

Microsoft patches 83 CVEs in March 2026, two zero-days disclosed but none exploited

by Artem Safonov March 11, 2026

No confirmed exploitation, but six flaws tagged Exploitation More Likely. Microsoft's March 2026 Patch Tuesday fixes 83 CVEs, two zero-days in SQL Server and .NET, and critical Office RCEs exploitable through the Preview Pane.

Menu

Latest Zero-day vulnerability news

TrueConf zero-day turned trusted updates into a government espionage backdoor

Microsoft patches 83 CVEs in March 2026, two zero-days disclosed but none exploited

Latest News

Editor's Choice

Menu

Latest Zero-day vulnerability news

TrueConf zero-day turned trusted updates into a government espionage backdoor

Microsoft patches 83 CVEs in March 2026, two zero-days disclosed but none exploited

Latest News

Editor's Choice

Stay informed on cybersecurity