Chinese Actors Exploited Dell RecoverPoint for VMs Flaw Since 2024
The hardcoded credential vulnerability (CVE-2026-22769) exists in Dell RecoverPoint for Virtual Machines and has been exploited since mid-2024.
All topics
Vulnerabilities
32 Posts
Six Zero Days From Microsoft, One From Apple, and a CSI: Cyber Throwback
This week was a cornucopia of zero days. We talk about the six (!) actively exploited vulnerabilities that Microsoft patched this week in its February update (2:46), then we discuss the one that Apple fixed in iOS 26.3, a vulnerability that has been used in what the company calls an “extremely sophisticated attack” against a few individuals (7:24). […]
Apple Patches iOS Zero Day CVE-2026-20700
That vulnerability also was patched in macOS, but the active exploitation that Apple disclosed was against iOS only.
Microsoft Fixes Six Exploited Bugs in February Patch Tuesday Updates
The exploited vulnerabilities in question exist across various products, from Microsoft Word to Windows Shell.
US Gov Directive Cracks Down on Unsupported Edge Devices
CISA said potential exploitation of flaws in unsupported edge devices creates "a significant threat to federal property."
Fortinet and WinRAR Exploitation, Google’s IPIDEA Disruption, and Our Favorite Cybersecurity Creators
It was a busy week in the cybers! Today we start with the targeted exploitation of another Fortinet vulnerability (CVE-2026-24858) that enables simple authentication bypass (1:15), then we discuss Google’s disruption of a large residential proxy network called IPIDEA that has been abused by hundreds of threat actors (5:40), then we talk about the continued attacks on an older WinRAR […]