Researchers from Google LLC and two cybersecurity companies have identified a set of zero-day exploits in iOS 18. Google’s GTIG threat intelligence team, Lookout Inc. and iVerify Inc. published their findings today.

Google has confirmed an emergency Chrome security update amid reports that attackers are exploiting two zero-day vulnerabilities.

The Interlock ransomware gang has been exploiting a maximum severity remote code execution (RCE) vulnerability in Cisco's Secure Firewall Management Center (FMC) software in zero-day attacks since late January.

The zero-day trend is clear

Admins have been handed a patching emergency as Amazon reveals that Interlock ransomware started targeting the FMC flaw in January.

It always pays to top up your browser security.

According to X user Dark Web Informer, a cybercriminal known as Kamirmassabi recently posted an ad on an underground hacking forum, offering to sell a zero-day

Exploitation of zero-days by commercial surveillance and spyware developers outpaced exploitation by nation-state actors last year, according to a report.

Interlock ransomware is actively exploiting CVE-2026-20131 (CVSS 10.0) in Cisco FMC, enabling unauthenticated remote code execution as root.

While the ongoing war has brought attention to Iran’s cyber operations, threat intelligence indicates that China dominates the zero-day cyber exploit space.

Sysdig cited figures from the Zero Day Clock initiative which revealed that median time-to-exploit (TTE) collapsed from 771 days in 2018 to just hours in 2024. It said that, by 2023, 44% of exploited vulnerabilities were weaponized within 24 hours of disclosure, and 80% of public exploits appeared before the official advisory was published.