Exploit Blog- 2026 2025 2024 2023 2022 2021 2020 2019 2018
APT blog Attack blog BigBrother blog BotNet blog Cyber blog Cryptocurrency blog Exploit blog Hacking blog ICS blog Incident blog IoT blog Malware blog OS Blog Phishing blog Ransom blog Safety blog Security blog Social blog Spam blog Vulnerebility blog
DATE | NAME | Info | CATEG. | WEB |
| 11.4.26 | Adobe Reader zero-day vulnerability in active exploitation | On April 7, 2026, a security researcher described an Adobe Reader zero-day vulnerability that has been exploited since at least December 2025. The vulnerability allows threat actors to execute privileged Acrobat APIs via specially crafted malicious PDF files that execute obfuscated JavaScript when opened. Exploitation allows attackers to steal sensitive user and system data and to potentially launch additional attacks and remotely execute code. | Exploit blog | SOPHOS |
| 8.3.26 | Look What You Made Us Patch: 2025 Zero-Days in Review | Google Threat Intelligence Group (GTIG) tracked 90 zero-day vulnerabilities exploited in-the-wild in 2025. Although that volume of zero-days is lower than the record high observed in 2023 (100), it is higher than 2024’s count (78) and remained within the 60–100 range established over the previous four years, indicating a trend toward stabilization at these levels. | Exploit blog | GTI |
| 1.2.26 | PeckBirdy: A Versatile Script Framework for LOLBins Exploitation Used by China-aligned Threat Groups | PeckBirdy is a sophisticated JScript-based C&C framework used by China-aligned APT groups to exploit LOLBins across multiple environments, delivering advanced backdoors to target gambling industries and Asian government entities. | Exploit blog | Trend Micro |
| 17.1.26 | A 0-click exploit chain for the Pixel 9 Part 3: Where do we go from here? | While our previous two blog posts provided technical recommendations for increasing the effort required by attackers to develop 0-click exploit chains, our experience finding, reporting and exploiting these vulnerabilities highlighted some broader issues in the Android ecosystem. This post describes the problems we encountered and recommendations for improvement. | Exploit blog | Project Zero |
| 17.1.26 | A 0-click exploit chain for the Pixel 9 Part 2: Cracking the Sandbox with a Big Wave | With the advent of a potential Dolby Unified Decoder RCE exploit, it seemed prudent to see what kind of Linux kernel drivers might be accessible from the resulting userland context, the mediacodec context. As per the AOSP documentation, the mediacodec SELinux context is intended to be a constrained (a.k.a sandboxed) context where non-secure software decoders are utilized. Nevertheless, using my DriverCartographer tool, I discovered an interesting device driver, /dev/bigwave that was accessible from the mediacodec SELinux context. | Exploit blog | Project Zero |
| 17.1.26 | A 0-click exploit chain for the Pixel 9 Part 1: Decoding Dolby | Over the past few years, several AI-powered features have been added to mobile phones that allow users to better search and understand their messages. One effect of this change is increased 0-click attack surface, as efficient analysis often requires message media to be decoded before the message is opened by the user. | Exploit blog | Project Zero |
| 10.1.26 | CISA Known Exploited Vulnerabilities Surged 20% in 2025 | CISA’s Known Exploited Vulnerabilities (KEV) catalog grew by 20% in 2025, including 24 vulnerabilities exploited by ransomware groups. | Exploit blog |