Apple has patched a zero-day vulnerability, CVE-2026-20700, which allowed attackers to execute arbitrary code on devices. The flaw affected various Apple products, including iPhones and iPads, and was linked to sophisticated attacks on specific individuals. Users are urged to update their devices to the latest software versions for protection.

Microsoft released its first security update of 2026, fixing 112 vulnerabilities, including a zero-day in Desktop Window Manager that can leak sensitive information. While this zero-day is actively exploited, attackers need local access to the system to exploit it. Eight vulnerabilities were flagged as likely to be targeted this month.

Apple has released a security patch addressing a critical zero-day vulnerability identified as CVE-2025-43300, which could allow attackers to execute arbitrary code on affected devices. Users are urged to update their devices promptly to protect against potential exploitation of this flaw.

Apple has released a critical security patch addressing a zero-day vulnerability in its ImageIO framework, which has reportedly been exploited in targeted attacks. Users are urged to update their devices promptly to mitigate potential risks associated with this exploit.

A new zero-day vulnerability in Google Chrome is currently being exploited in the wild, allowing attackers to execute arbitrary code and potentially compromise user systems. Users are advised to update their browsers immediately to mitigate the risk of exploitation.

A critical zero-day vulnerability in SAP NetWeaver, identified as CVE-2025-31324, has been discovered, allowing attackers to execute remote code with elevated privileges. SAP has issued an urgent advisory for users to apply necessary patches to mitigate potential exploitation of this security flaw.