Edge-device zero-day is being exploited before a patch exists
A pre-auth remote code execution bug in a widely deployed edge gateway is under active exploitation with no vendor fix yet. Workarounds exist — apply them and watch your logs closely.
Telemetry from multiple responders points to coordinated exploitation of an unauthenticated RCE in a popular edge gateway. There is no patch at time of writing, only vendor-provided mitigations.
Observed post-exploitation activity includes webshell drops and credential harvesting, consistent with an access broker stockpiling footholds to resell.
Until a fix ships: restrict management interfaces to trusted networks, apply the vendor workaround, and hunt for the published indicators.
This summary was generated from open reporting.
Related
Drupal Patches Highly Critical Vulnerability Exposing Websites to Hacking
CVE-2026-9082 can be exploited without authentication for information disclosure, privilege escalation, and remote code execution.
Microsoft warns of new Defender zero-days exploited in attacks
On Wednesday, Microsoft started rolling out security patches for two Defender vulnerabilities that have been exploited in zero-day attacks. [...]

9-Year-Old Linux Kernel Flaw Enables Root Command Execution on Major Distros
Cybersecurity researchers have disclosed details of a vulnerability in the Linux kernel that remained undetected for nine years. The vulnerability, tracked as CVE-2026-46333 (CVSS score: 5.5), is a case of improper privilege management that could permit an unprivileged local user to disclose sensitive files and execute arbitrary commands as root on default installations of several major