Any user can get remote code execution on a Gogs server through a malicious branch name. The maintainer was told in March. It's still not fixed. There's a public exploit. Self-hosters, good luck.
A crafted email is all it takes. Open it in Outlook Web Access and an attacker runs JavaScript in your browser. No patch yet. Here's what to do if you run Exchange on-prem.
You've seen the term in headlines. Log4Shell. MOVEit. Exchange. Here's what a zero-day actually is, why it matters even if you're not a tech company, and what you can do about a threat you can't see coming.
UNC3886 used zero-days and rootkits to breach every major telecom provider in Singapore. The government ran an 11-month counteroperation called CYBER GUARDIAN. If state actors can own an entire country's telecom, what chance does your business have without help?
The Dutch data authority. The European Commission. Finland. The Council for the Judiciary. All breached through Ivanti EPMM zero-days. CVSS 9.8. If you manage mobile devices with Ivanti, check your version now.