zero-day

Zero-Day by Default: Why Cisco FMC Should Reorder This Week's Patch Queue

John Z Black Mar 18, 2026

Vulnerabilities & Patching #cisco #fmc #zero-day #kev #patching #ransomware #vulnerability-management

Interlock operators have been exploiting a Cisco FMC zero-day since January. If you're still sorting patch queues by CVSS score, that's the problem.

Patch Chrome Now: Two Zero-Days Being Actively Exploited in the Wild

John Z Black Mar 14, 2026

Vulnerability #chrome #zero-day #cve-2026-3909 #google #patch #browser-security #v8 #skia

Google just patched two zero-days in Chrome 146 that were already being used in real attacks. Update now or stay exposed.

March Patch Tuesday: Two Zero-Days Already Public, Plus a SolarWinds Deadline That's Right Now

John Z Black Mar 12, 2026

Patch Tuesday #patch-tuesday #microsoft #zero-day #solarwinds #cisa #cve #vulnerability-management

Microsoft patched 79+ flaws including two publicly disclosed zero-days. No confirmed active exploitation yet, which is rare. But the SolarWinds Web Help Desk CISA deadline is today, and 'publicly disclosed' means attackers already have the blueprints.

Patch Week From Hell: Microsoft, Adobe, SAP, and HPE All Drop Critical Fixes at Once

John Z Black Mar 11, 2026

Vulnerability Management #patch-tuesday #microsoft #adobe #sap #hpe #zero-day #vulnerability-management

March 2026 might be the worst coordinated patching week in years. Microsoft, Adobe, SAP, and HPE all dropped critical fixes in the same 48-hour window. Here's what to patch first.