Cybersecurity Hacking News

Active zero-day exploitation & patching crisis (Check Point, MariaDB, Chrome, Defender, macOS, Apple iOS, SimpleHelp, Oracle EBS, Tenda, ColdFusion, CitrixBleed 2, Android root)

Active zero-day exploitation & patching crisis (Check Point, MariaDB, Chrome, Defender, macOS, Apple iOS, SimpleHelp, Oracle EBS, Tenda, ColdFusion, CitrixBleed 2, Android root)

Check Point VPN zero-day (CVE-2026-50751) exploited by Qilin affiliate; CISA KEV deadline June 11. MariaDB critical (CVSS 10.0). Chrome zero-day under active exploitation. Microsoft Defender two zero-days in CISA KEV; now fixed. CISA mandates 3-day patch window for critical vulns. Apple moves up iOS 26.5.2 security update citing AI threat acceleration. macOS flaw allows attackers to disable enterprise security tools without password. Tenda router backdoor (CVE-2026-11405, CVSS 9.8) unpatched. ColdFusion exploit reported. CitrixBleed 2 exploitation and Android root zero-day added. Patching crisis deepens: AI finds bugs faster than humans can patch. Darktrace reports pre-CVE exploitation detection 18 days before disclosure. Oracle targets faster patching due to AI threats. Tidal Cyber adds threat-led vulnerability prioritization.

Sources (7)
Updated Jul 14, 2026
Active zero-day exploitation & patching crisis (Check Point, MariaDB, Chrome, Defender, macOS, Apple iOS, SimpleHelp, Oracle EBS, Tenda, ColdFusion, CitrixBleed 2, Android root) - Cybersecurity Hacking News | NBot | nbot.ai