home.social

#zeroday — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #zeroday, aggregated by home.social.

  1. CVE-2026-5426: zero-day in KnowledgeDeliver LMS sfruttato per distribuire BLUEBEAM e Cobalt Strike BEACON

    Mandiant ha pubblicato i dettagli dell'exploitation attiva di CVE-2026-5426, zero-day nel LMS KnowledgeDeliver causato da chiavi ASP.NET machineKey hardcoded e condivise tra tutte le installazioni. L'attacco ha portato al deployment della web shell in-memory BLUEBEAM e, tramite social engineering degli utenti, alla distribuzione di Cobalt Strike BEACON personalizzato per organizzazione.

    insicurezzadigitale.com/cve-20

  2. CVE-2026-5426: zero-day in KnowledgeDeliver LMS sfruttato per distribuire BLUEBEAM e Cobalt Strike BEACON

    Mandiant ha pubblicato i dettagli dell'exploitation attiva di CVE-2026-5426, zero-day nel LMS KnowledgeDeliver causato da chiavi ASP.NET machineKey hardcoded e condivise tra tutte le installazioni. L'attacco ha portato al deployment della web shell in-memory BLUEBEAM e, tramite social engineering degli utenti, alla distribuzione di Cobalt Strike BEACON personalizzato per organizzazione.

    insicurezzadigitale.com/cve-20

  3. CVE-2026-5426: zero-day in KnowledgeDeliver LMS sfruttato per distribuire BLUEBEAM e Cobalt Strike BEACON

    Mandiant ha pubblicato i dettagli dell'exploitation attiva di CVE-2026-5426, zero-day nel LMS KnowledgeDeliver causato da chiavi ASP.NET machineKey hardcoded e condivise tra tutte le installazioni. L'attacco ha portato al deployment della web shell in-memory BLUEBEAM e, tramite social engineering degli utenti, alla distribuzione di Cobalt Strike BEACON personalizzato per organizzazione.

    insicurezzadigitale.com/cve-20

  4. CVE-2026-5426: zero-day in KnowledgeDeliver LMS sfruttato per distribuire BLUEBEAM e Cobalt Strike BEACON

    Mandiant ha pubblicato i dettagli dell'exploitation attiva di CVE-2026-5426, zero-day nel LMS KnowledgeDeliver causato da chiavi ASP.NET machineKey hardcoded e condivise tra tutte le installazioni. L'attacco ha portato al deployment della web shell in-memory BLUEBEAM e, tramite social engineering degli utenti, alla distribuzione di Cobalt Strike BEACON personalizzato per organizzazione.

    insicurezzadigitale.com/cve-20

  5. CVE-2026-5426: zero-day in KnowledgeDeliver LMS sfruttato per distribuire BLUEBEAM e Cobalt Strike BEACON

    Mandiant ha pubblicato i dettagli dell'exploitation attiva di CVE-2026-5426, zero-day nel LMS KnowledgeDeliver causato da chiavi ASP.NET machineKey hardcoded e condivise tra tutte le installazioni. L'attacco ha portato al deployment della web shell in-memory BLUEBEAM e, tramite social engineering degli utenti, alla distribuzione di Cobalt Strike BEACON personalizzato per organizzazione.

    insicurezzadigitale.com/cve-20

  6. Critical Vulnerability in KnowledgeDeliver LMS Has Been Patched

    A zero-day (CVE-2026-5426) in KnowledgeDeliver LMS is being actively exploited due to reused ASP.NET machine keys.

    Pulse ID: 6a164033c76e927d4afb9278
    Pulse Link: otx.alienvault.com/pulse/6a164
    Pulse Author: cryptocti
    Created: 2026-05-27 00:52:03

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #CyberSecurity #Edge #InfoSec #Mac #NET #OTX #OpenThreatExchange #Vulnerability #ZeroDay #bot #cryptocti

  7. Critical Vulnerability in KnowledgeDeliver LMS Has Been Patched

    A zero-day (CVE-2026-5426) in KnowledgeDeliver LMS is being actively exploited due to reused ASP.NET machine keys.

    Pulse ID: 6a164033c76e927d4afb9278
    Pulse Link: otx.alienvault.com/pulse/6a164
    Pulse Author: cryptocti
    Created: 2026-05-27 00:52:03

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #CyberSecurity #Edge #InfoSec #Mac #NET #OTX #OpenThreatExchange #Vulnerability #ZeroDay #bot #cryptocti

  8. Critical Vulnerability in KnowledgeDeliver LMS Has Been Patched

    A zero-day (CVE-2026-5426) in KnowledgeDeliver LMS is being actively exploited due to reused ASP.NET machine keys.

    Pulse ID: 6a164033c76e927d4afb9278
    Pulse Link: otx.alienvault.com/pulse/6a164
    Pulse Author: cryptocti
    Created: 2026-05-27 00:52:03

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #CyberSecurity #Edge #InfoSec #Mac #NET #OTX #OpenThreatExchange #Vulnerability #ZeroDay #bot #cryptocti

  9. Critical Vulnerability in KnowledgeDeliver LMS Has Been Patched

    A zero-day (CVE-2026-5426) in KnowledgeDeliver LMS is being actively exploited due to reused ASP.NET machine keys.

    Pulse ID: 6a164033c76e927d4afb9278
    Pulse Link: otx.alienvault.com/pulse/6a164
    Pulse Author: cryptocti
    Created: 2026-05-27 00:52:03

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #CyberSecurity #Edge #InfoSec #Mac #NET #OTX #OpenThreatExchange #Vulnerability #ZeroDay #bot #cryptocti

  10. Critical Vulnerability in KnowledgeDeliver LMS Has Been Patched

    A zero-day (CVE-2026-5426) in KnowledgeDeliver LMS is being actively exploited due to reused ASP.NET machine keys.

    Pulse ID: 6a164033c76e927d4afb9278
    Pulse Link: otx.alienvault.com/pulse/6a164
    Pulse Author: cryptocti
    Created: 2026-05-27 00:52:03

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #CyberSecurity #Edge #InfoSec #Mac #NET #OTX #OpenThreatExchange #Vulnerability #ZeroDay #bot #cryptocti

  11. Critical Vulnerability in KnowledgeDeliver LMS Has Been Patched

    A zero-day (CVE-2026-5426) in KnowledgeDeliver LMS is being actively exploited due to reused ASP.NET machine keys.

    Pulse ID: 6a15820b3e17a040b5f904e1
    Pulse Link: otx.alienvault.com/pulse/6a158
    Pulse Author: cryptocti
    Created: 2026-05-26 11:20:43

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #CyberSecurity #Edge #InfoSec #Mac #NET #OTX #OpenThreatExchange #Vulnerability #ZeroDay #bot #cryptocti

  12. Critical Vulnerability in KnowledgeDeliver LMS Has Been Patched

    A zero-day (CVE-2026-5426) in KnowledgeDeliver LMS is being actively exploited due to reused ASP.NET machine keys.

    Pulse ID: 6a15820b3e17a040b5f904e1
    Pulse Link: otx.alienvault.com/pulse/6a158
    Pulse Author: cryptocti
    Created: 2026-05-26 11:20:43

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #CyberSecurity #Edge #InfoSec #Mac #NET #OTX #OpenThreatExchange #Vulnerability #ZeroDay #bot #cryptocti

  13. Critical Vulnerability in KnowledgeDeliver LMS Has Been Patched

    A zero-day (CVE-2026-5426) in KnowledgeDeliver LMS is being actively exploited due to reused ASP.NET machine keys.

    Pulse ID: 6a15820b3e17a040b5f904e1
    Pulse Link: otx.alienvault.com/pulse/6a158
    Pulse Author: cryptocti
    Created: 2026-05-26 11:20:43

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #CyberSecurity #Edge #InfoSec #Mac #NET #OTX #OpenThreatExchange #Vulnerability #ZeroDay #bot #cryptocti

  14. Critical Vulnerability in KnowledgeDeliver LMS Has Been Patched

    A zero-day (CVE-2026-5426) in KnowledgeDeliver LMS is being actively exploited due to reused ASP.NET machine keys.

    Pulse ID: 6a15820b3e17a040b5f904e1
    Pulse Link: otx.alienvault.com/pulse/6a158
    Pulse Author: cryptocti
    Created: 2026-05-26 11:20:43

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #CyberSecurity #Edge #InfoSec #Mac #NET #OTX #OpenThreatExchange #Vulnerability #ZeroDay #bot #cryptocti

  15. Critical Vulnerability in KnowledgeDeliver LMS Has Been Patched

    A zero-day (CVE-2026-5426) in KnowledgeDeliver LMS is being actively exploited due to reused ASP.NET machine keys.

    Pulse ID: 6a15820b3e17a040b5f904e1
    Pulse Link: otx.alienvault.com/pulse/6a158
    Pulse Author: cryptocti
    Created: 2026-05-26 11:20:43

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #CyberSecurity #Edge #InfoSec #Mac #NET #OTX #OpenThreatExchange #Vulnerability #ZeroDay #bot #cryptocti

  16. Eine neue #Episode des #Zeroday #Podcast ist #online: 0d133 – IP Leaks

    Link zur Episode: 0x0d.de/2026/05/0d133-ip-leaks/

    Während Sven nichtsahnend die news gelesen hat, schlich sich ein Thema in seinen Fokus. Getrieben von der Frage “Was ist ein IP-Leak?” Begab sich Sven auf

    @[email protected] (Stefan)
    @zeroday (Sven)

    #Datenschutz #DNS #Informationssicherheit #IPLeaks #IPv2 #IPv6 #ITSecurity #ITSicherheit #privacy #Privatsphäre #WebRTC

  17. Eine neue #Episode des #Zeroday #Podcast ist #online: 0d133 – IP Leaks

    Link zur Episode: 0x0d.de/2026/05/0d133-ip-leaks/

    Während Sven nichtsahnend die news gelesen hat, schlich sich ein Thema in seinen Fokus. Getrieben von der Frage “Was ist ein IP-Leak?” Begab sich Sven auf

    @[email protected] (Stefan)
    @zeroday (Sven)

    #Datenschutz #DNS #Informationssicherheit #IPLeaks #IPv2 #IPv6 #ITSecurity #ITSicherheit #privacy #Privatsphäre #WebRTC

  18. Eine neue #Episode des #Zeroday #Podcast ist #online: 0d133 – IP Leaks

    Link zur Episode: 0x0d.de/2026/05/0d133-ip-leaks/

    Während Sven nichtsahnend die news gelesen hat, schlich sich ein Thema in seinen Fokus. Getrieben von der Frage “Was ist ein IP-Leak?” Begab sich Sven auf

    @[email protected] (Stefan)
    @zeroday (Sven)

    #Datenschutz #DNS #Informationssicherheit #IPLeaks #IPv2 #IPv6 #ITSecurity #ITSicherheit #privacy #Privatsphäre #WebRTC

  19. Eine neue #Episode des #Zeroday #Podcast ist #online: 0d133 – IP Leaks

    Link zur Episode: 0x0d.de/2026/05/0d133-ip-leaks/

    Während Sven nichtsahnend die news gelesen hat, schlich sich ein Thema in seinen Fokus. Getrieben von der Frage “Was ist ein IP-Leak?” Begab sich Sven auf

    @[email protected] (Stefan)
    @zeroday (Sven)

    #Datenschutz #DNS #Informationssicherheit #IPLeaks #IPv2 #IPv6 #ITSecurity #ITSicherheit #privacy #Privatsphäre #WebRTC

  20. Eine neue #Episode des #Zeroday #Podcast ist #online: 0d133 – IP Leaks

    Link zur Episode: 0x0d.de/2026/05/0d133-ip-leaks/

    Während Sven nichtsahnend die news gelesen hat, schlich sich ein Thema in seinen Fokus. Getrieben von der Frage “Was ist ein IP-Leak?” Begab sich Sven auf

    @[email protected] (Stefan)
    @zeroday (Sven)

    #Datenschutz #DNS #Informationssicherheit #IPLeaks #IPv2 #IPv6 #ITSecurity #ITSicherheit #privacy #Privatsphäre #WebRTC

  21. Exploitation of KnowledgeDeliver via ViewState Deserialization Vulnerability

    In late 2025, an unknown threat actor exploited a critical zero-day vulnerability in KnowledgeDeliver, a Learning Management System widely used in Japan. The vulnerability, tracked as CVE-2026-5426, allowed unauthenticated remote code execution through ViewState deserialization attacks. The issue stemmed from identical hardcoded ASP.NET machine keys distributed across multiple customer deployments in the vendor's configuration files. Attackers obtained these keys from one deployment and used them to compromise other internet-facing instances. Following initial access, threat actors deployed the BLUEBEAM in-memory web shell, modified JavaScript files to display fake security alerts, and tricked users into installing malicious software that delivered Cobalt Strike BEACON backdoors. The attack demonstrates the severe risks of shared secrets in deployment templates and highlights the importance of unique cryptographic keys per installation.

    Pulse ID: 6a140384686e44f07358066d
    Pulse Link: otx.alienvault.com/pulse/6a140
    Pulse Author: AlienVault
    Created: 2026-05-25 08:08:36

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #BackDoor #CobaltStrike #CyberSecurity #Edge #InfoSec #Japan #Java #JavaScript #Mac #NET #OTX #OpenThreatExchange #RAT #RemoteCodeExecution #Vulnerability #ZeroDay #bot #AlienVault

  22. #Microsoft #BitLocker-protected drives can now be opened with just some files on a #USB stick — YellowKey #zeroday #exploit demonstrates an apparent backdoor #YellowKey is kind of crazy because now, any device that was stolen but protected by BitLocker is now super-compromised, with no recourse

    #computersecurity #security #cybersec

  23. #Microsoft #BitLocker-protected drives can now be opened with just some files on a #USB stick — YellowKey #zeroday #exploit demonstrates an apparent backdoor #YellowKey is kind of crazy because now, any device that was stolen but protected by BitLocker is now super-compromised, with no recourse

    #computersecurity #security #cybersec

  24. #Microsoft #BitLocker-protected drives can now be opened with just some files on a #USB stick — YellowKey #zeroday #exploit demonstrates an apparent backdoor #YellowKey is kind of crazy because now, any device that was stolen but protected by BitLocker is now super-compromised, with no recourse

    #computersecurity #security #cybersec

  25. #Microsoft #BitLocker-protected drives can now be opened with just some files on a #USB stick — YellowKey #zeroday #exploit demonstrates an apparent backdoor #YellowKey is kind of crazy because now, any device that was stolen but protected by BitLocker is now super-compromised, with no recourse

    #computersecurity #security #cybersec

  26. 📰 New 'MiniPlasma' Windows Zero-Day Resurrects Patched Flaw for Full System Control

    ⚠️ Unpatched Windows zero-day 'MiniPlasma' grants full SYSTEM access! A regression of a 2020 flaw, the PoC exploit works on fully patched Win11 systems. No patch available. #Windows11 #ZeroDay #CyberSecurity #LPE

    🌐 cyber[.]netsecops[.]io

    🔗 cyber.netsecops.io/articles/mi

  27. 📰 New 'MiniPlasma' Windows Zero-Day Resurrects Patched Flaw for Full System Control

    ⚠️ Unpatched Windows zero-day 'MiniPlasma' grants full SYSTEM access! A regression of a 2020 flaw, the PoC exploit works on fully patched Win11 systems. No patch available. #Windows11 #ZeroDay #CyberSecurity #LPE

    🌐 cyber[.]netsecops[.]io

    🔗 cyber.netsecops.io/articles/mi

  28. Bleeping Computer: Microsoft warns of new Defender zero-days exploited in attacks. “On Wednesday, Microsoft started rolling out security patches for two Defender vulnerabilities that have been exploited in zero-day attacks.”

    https://rbfirehose.com/2026/05/23/bleeping-computer-microsoft-warns-of-new-defender-zero-days-exploited-in-attacks/
  29. Trend Micro Discloses Apex One Zero-Day Exploited in Attacks

    A critical zero-day vulnerability, CVE-2026-34926, has been discovered in Trend Micro's Apex One on-premises server, allowing pre-authenticated local attackers to inject malicious code - and it's being actively exploited in attacks. Federal agencies have been ordered to patch affected systems ASAP, with a deadline of June 4, 2026.

    osintsights.com/trend-micro-di

    #ZeroDay #ApexOne #Cve202634926 #TrendMicro #DirectoryTraversal

  30. Google Exposes Unfixed Chromium Flaw Details

    A security researcher just blew the whistle on a glaring Chromium flaw that Google thought was fixed - but still works, putting tens of thousands of users at risk of a botnet attack. The exploit, first reported in 2022, allows malicious websites to remotely execute JavaScript on unsuspecting devices.

    osintsights.com/google-exposes

    #Chromium #ZeroDay #SupplyChain #EmergingThreats #BrowserSecurity

  31. ZERO DAY (2002)
    Uno dei found footage più potenti mai realizzati, non perché abbia inventato il formato, ma perché ha capito meglio di quasi chiunque altro a cosa servisse davvero: non a simulare la realtà, ma a non lasciarle scampo. Ed è, insieme a Bowling for Columbine di Michael Moore, uno dei pochi film capaci di guardare la società americana e dirle che la strage non è un'anomalia, ma una conseguenza. vaevedi.it/2026/05/zero-day-20

    #zeroday #bencoccio #UnoCinema #foundfootage #film

  32. We're sure living in some interesting times: GitHub is hacked via Microsoft's own product curated by its own staff; and now Google releases a zero day for their own browser arstechnica.com/security/2026/ #cybersecurity #zeroday

  33. Funktionierender #Exploit, halluzinierte Dokumentation: Erstmals wurde ein #Zeroday-Exploit identifiziert, der mit hoher Wahrscheinlichkeit mithilfe von #KI entwickelt wurde.

    So enthielt das Skript für den Exploit übermäßig erklärende Kommentare, eine lehrbuchhafte Formatierung und sogar einen halluzinierten Schweregrad #CVSS Wert, der in Wirklichkeit gar nicht existierte.

    Die Erkenntnisse aus dem Fall? #AI identifiziert #Schwachstellen schneller, als uns lieb ist:

    securityweek.com/google-detect

  34. 📰 New 'MiniPlasma' Windows Zero-Day Resurrects Patched Flaw for Full System Control

    ⚠️ Unpatched Windows zero-day 'MiniPlasma' grants full SYSTEM access! A regression of a 2020 flaw, the PoC exploit works on fully patched Win11 systems. No patch available. #Windows11 #ZeroDay #CyberSecurity #LPE

    🌐 cyber[.]netsecops[.]io

    🔗 cyber.netsecops.io/articles/mi

  35. BitLocker Vulnerability Exposed in Zero-Day Windows Exploit

    A newly discovered zero-day exploit, dubbed YellowKey, can bypass Windows 11's standard BitLocker encryption - but don't panic, as it requires physical access to the computer. This vulnerability was recently published by a researcher known as Nightmare-Eclipse on GitHub.

    osintsights.com/bitlocker-vuln

    #ZeroDay #Bitlocker #Windows11 #Encryption #VulnerabilityExploit

  36. A zero-day exploit called YellowKey bypasses default Windows 11 BitLocker protections, giving physical attackers full drive access without recovery keys. 🔓
    Researchers linked the flaw to Transactional NTFS behavior in Windows recovery mode, raising concerns over TPM-only encryption defaults. ⚠️

    🔗 arstechnica.com/security/2026/

    #TechNews #Windows #Windows11 #BitLocker #Microsoft #Cybersecurity #Encryption #ZeroDay #Privacy #Security #TPM #Infosec #Malware #Windows #DataProtection #Hacking

  37. A zero-day exploit called YellowKey bypasses default Windows 11 BitLocker protections, giving physical attackers full drive access without recovery keys. 🔓
    Researchers linked the flaw to Transactional NTFS behavior in Windows recovery mode, raising concerns over TPM-only encryption defaults. ⚠️

    🔗 arstechnica.com/security/2026/

    #TechNews #Windows #Windows11 #BitLocker #Microsoft #Cybersecurity #Encryption #ZeroDay #Privacy #Security #TPM #Infosec #Malware #Windows #DataProtection #Hacking

  38. A zero-day exploit called YellowKey bypasses default Windows 11 BitLocker protections, giving physical attackers full drive access without recovery keys. 🔓
    Researchers linked the flaw to Transactional NTFS behavior in Windows recovery mode, raising concerns over TPM-only encryption defaults. ⚠️

    🔗 arstechnica.com/security/2026/

    #TechNews #Windows #Windows11 #BitLocker #Microsoft #Cybersecurity #Encryption #ZeroDay #Privacy #Security #TPM #Infosec #Malware #Windows #DataProtection #Hacking

  39. A zero-day exploit called YellowKey bypasses default Windows 11 BitLocker protections, giving physical attackers full drive access without recovery keys. 🔓
    Researchers linked the flaw to Transactional NTFS behavior in Windows recovery mode, raising concerns over TPM-only encryption defaults. ⚠️

    🔗 arstechnica.com/security/2026/

    #TechNews #Windows #Windows11 #BitLocker #Microsoft #Cybersecurity #Encryption #ZeroDay #Privacy #Security #TPM #Infosec #Malware #Windows #DataProtection #Hacking

  40. A zero-day exploit called YellowKey bypasses default Windows 11 BitLocker protections, giving physical attackers full drive access without recovery keys. 🔓
    Researchers linked the flaw to Transactional NTFS behavior in Windows recovery mode, raising concerns over TPM-only encryption defaults. ⚠️

    🔗 arstechnica.com/security/2026/

    #TechNews #Windows #Windows11 #BitLocker #Microsoft #Cybersecurity #Encryption #ZeroDay #Privacy #Security #TPM #Infosec #Malware #Windows #DataProtection #Hacking

  41. UAT-8616: il gruppo d’élite sfrutta il sesto zero-day Cisco SD-WAN e prende di mira governi europei e asiatici

    Un threat actor altamente sofisticato, UAT-8616, sfrutta CVE-2026-20182 — vulnerabilità critica CVSS 10.0 nel Cisco Catalyst SD-WAN — per compromettere organizzazioni governative, diplomatiche e della difesa in Europa e Asia Centrale. È la sesta zero-day sulla piattaforma SD-WAN nel 2026. La CISA ha aggiunto il CVE al catalogo KEV il 15 maggio.

    insicurezzadigitale.com/uat-86

  42. 📰 New 'MiniPlasma' Windows Zero-Day Resurrects Patched Flaw for Full System Control

    ⚠️ Unpatched Windows zero-day 'MiniPlasma' grants full SYSTEM access! A regression of a 2020 flaw, the PoC exploit works on fully patched Win11 systems. No patch available. #Windows11 #ZeroDay #CyberSecurity #LPE

    🌐 cyber[.]netsecops[.]io

    🔗 cyber.netsecops.io/articles/mi

  43. 📰 New 'MiniPlasma' Windows Zero-Day Resurrects Patched Flaw for Full System Control

    ⚠️ Unpatched Windows zero-day 'MiniPlasma' grants full SYSTEM access! A regression of a 2020 flaw, the PoC exploit works on fully patched Win11 systems. No patch available. #Windows11 #ZeroDay #CyberSecurity #LPE

    🌐 cyber[.]netsecops[.]io

    🔗 cyber.netsecops.io/articles/mi

  44. Security Researchers Uncover 47 Zero-Days at Pwn2Own Berlin

    In a thrilling three-day competition, security researchers at Pwn2Own Berlin uncovered a staggering 47 zero-day vulnerabilities, raking in nearly $1.3 million in prize money, with the Devcore Research Team taking home a whopping $505,000. The top prizes included a $200,000 award for a VMware ESXi exploit and a $100,000 prize for a…

    osintsights.com/security-resea

    #ZeroDay #Pwn2ownBerlin #VulnerabilityResearch #ExploitDevelopment #Trendai