All CosmicBytez Labs articles tagged #Zero-Day, across news, security advisories, how-to guides, and projects.
The Inc ransomware group is actively exploiting two chained zero-day vulnerabilities in SonicWall Secure Mobile Access appliances. When combined, the flaws allow unauthenticated attackers to gain root-level control over SMA devices.
A security researcher has released a public Windows zero-day exploit called LegacyHive that allows local privilege escalation to SYSTEM on fully up-to-date Windows machines. No patch is available.
Security researcher Chaotic Eclipse released LegacyHive, a proof-of-concept exploit for a Windows User Profile Service privilege escalation vulnerability, just hours after Microsoft's July 2026 Patch Tuesday release.
SonicWall has issued an urgent advisory warning of two zero-day vulnerabilities in its SMA1000 appliances — CVE-2026-15409 and CVE-2026-15410 — that can be chained for unauthenticated remote code execution. Patches are available now.
Security firm Intruder built an AI-powered system that combines code slicing with large language models to automatically discover complex software vulnerabilities — including a previously unknown WordPress plugin zero-day.
Progress Software has confirmed a high-severity path traversal zero-day vulnerability in ShareFile Storage Zone Controller triggered the emergency shutdown order issued to on-premises customers on July 10, 2026. Emergency patches (versions 5.12.5 and 6.0.2) were released July 14, restoring customer access. All 5.x and 6.x versions are affected; cloud-only ShareFile accounts are not impacted.
SonicWall has issued an urgent advisory warning that two vulnerabilities in its SMA 1000 series secure remote access appliances are being actively exploited in chained zero-day attacks. CVE-2026-15409 (SSRF, CVSS 10.0) and CVE-2026-15410 (OS command injection) are combined to achieve full remote compromise. Patches are available; CISA has set a July 17 federal deadline.
This week: Progress ShareFile and SonicWall hit with chained zero-days, the US sanctions its first VPN provider, ShinyHunters walks into Salesforce through the front door, and a 1.6M-install browser extension was hiding a dormant data collector the whole time.
CISA has added two maximum-severity flaws in iCagenda and Balbooa Forms Joomla extensions to its KEV catalog following confirmed zero-day exploitation in the wild. Administrators should patch or mitigate immediately.
Researcher 'Nightmare-Eclipse' published a proof-of-concept exploit for a Windows Defender vulnerability in early June after dropping several other...
CVE-2025-27915, a stored XSS vulnerability in Zimbra's Classic Web Client, was exploited as a zero-day before public disclosure. Attackers used malicious...
Microsoft has patched a Windows Defender zero-day vulnerability dubbed RoguePlanet after researcher 'Nightmare-Eclipse' released a working...
Researchers at the AI Now Institute have demonstrated a 'Friendly Fire' attack that tricks AI coding agents — including Claude Code, Gemini CLI, and...
Brian Krebs investigates IRIS C2, an offensive cybersecurity startup dangling million-dollar zero-day payouts that is run by Jacob Wohl and Jack Burkman —...
Japanese telecommunications giant KDDI confirmed attackers breached a shared email platform used by six ISPs, exposing 12.2 million email addresses and...
A roundup of security stories you may have missed: an Anonymous-linked Canadian hacker receives a prison sentence, a researcher drops zero-days in open...
Threat actors who exploited the FortiBleed vulnerability to gain persistent access to thousands of Fortinet firewalls are now monetizing that access by...
The Microsoft Defender vulnerability CVE-2026-33825 was actively exploited as a zero-day by ransomware groups before Microsoft had the chance to release a...
CISA has confirmed that ransomware gangs are actively exploiting BlueHammer, a Microsoft Defender privilege escalation vulnerability previously used in...
A Microsoft Defender zero-day fuels ransomware before any patch exists; researchers dissect how syndicate groups run HR departments and tiered pricing;...
The National Association of Insurance Commissioners confirms ShinyHunters exploited an Oracle PeopleSoft zero-day but says only publicly available data,...
Nissan warns that current and former employees had data stolen after threat actors exploited an Oracle PeopleSoft zero-day vulnerability tied to the...
Mandiant has detailed an incident in which threat actors exploited a Cisco SD-WAN zero-day vulnerability to gain the highest possible access level at a...
Mandiant's post-incident analysis exposes a sophisticated multi-stage attack chain that exploited CVE-2026-20245 to plant a hidden root account on Cisco...
Groups like ShinyHunters are demonstrating that attackers do not necessarily need malware or zero-day exploits to cause massive damage — identity-based...
Security researchers at Paradigm Shift have published a working exploit called usbliter8 that achieves arbitrary code execution inside the SecureROM of...
Microsoft has confirmed it is developing a security patch for the RoguePlanet zero-day vulnerability in Windows Defender, disclosed publicly last week,...
A comprehensive breakdown of the most dangerous attack surface exposures organizations face in 2026 — from exposed admin panels and credential reuse to...
This week's security roundup covers an actively exploited Chrome zero-day, attackers abusing UniFi network controllers, fresh macOS infostealer campaigns,...
A critical zero-day vulnerability in Check Point's VPN products has been under active exploitation since at least early May 2026, with a Qilin ransomware...
Google's Threat Intelligence Group confirmed in-the-wild exploitation of Oracle PeopleSoft zero-day CVE-2026-35273 by ShinyHunters, even as Oracle...
The ShinyHunters hacking group exploited a critical Oracle PeopleSoft ERP zero-day (CVE-2026-35273) that disproportionately impacted American...
Microsoft has released a patch for CVE-2026-42897, an Exchange Server zero-day that has been under active exploitation since at least May 14, 2026. The...
Oracle has issued an emergency mitigation for CVE-2026-35273, a critical unauthenticated RCE flaw in PeopleSoft Suite being actively exploited by the...
The ShinyHunters group, tracked by Mandiant as UNC6240, has been exploiting CVE-2026-35273 in Oracle PeopleSoft to breach universities and higher...
A CVSS 9.8 unauthenticated remote code execution flaw in Oracle PeopleSoft Enterprise PeopleTools 8.61 and 8.62 is being actively exploited, with threat...
A seventh actively exploited zero-day in Cisco SD-WAN products this year — CVE-2026-20245 — is under attack with no patch yet available from Cisco.
Anonymous researcher Chaotic Eclipse released a PoC exploit for a new Microsoft Defender zero-day named RoguePlanet. The race condition flaw grants SYSTEM...
Microsoft's June 2026 Patch Tuesday is the largest single release on record, fixing 206 vulnerabilities across its software portfolio — including three...
Microsoft's June 2026 Patch Tuesday fixes three actively exploited Windows zero-days: two SYSTEM privilege escalation flaws and a BitLocker bypass...
A high-severity path traversal flaw (CVE-2026-5027, CVSS 8.8) in the AI application builder Langflow is being actively exploited with no patch available....
CISA ordered federal agencies to patch a critical Check Point Remote Access VPN flaw within 3 days after Qilin ransomware affiliates were confirmed...
A critical out-of-bounds read and write vulnerability in the Chromium V8 engine allows remote attackers to execute arbitrary code inside a sandbox via a...
An autonomous AI security agent found 21 previously unknown vulnerabilities in FFmpeg, the media library powering countless applications. The same week…
Hackers are actively exploiting a critical vulnerability (CVE-2026-3300) in the Everest Forms Pro WordPress plugin, enabling them to take complete control of…
Cisco has issued an emergency warning about an actively exploited, unpatched zero-day in Cisco Catalyst SD-WAN Manager (CVE-2026-20245) that enables root…
Acer is scrambling to address two maximum-severity zero-day vulnerabilities discovered in its Wave 7 mesh router lineup. Both flaws carry a CVSS score of 10.0…
A security researcher has released exploit code for a Visual Studio Code zero-day vulnerability that allows attackers to steal GitHub authentication tokens by…
An AI-generated ransomware toolkit automates EDR evasion; Windows Netlogon RCE is actively exploited on domain controllers; the Miasma campaign hits Red Hat…
Google's June 2026 Android security bulletin addresses 124 vulnerabilities including CVE-2025-48595, an actively exploited zero-day used in limited targeted…
Google's June 2026 Android security update patches 124 vulnerabilities including one zero-day flaw that has been actively exploited in targeted attacks…
Following intense backlash from the security research community over Microsoft's removal of GitHub researcher accounts and statements labeling zero-day…
After a disgruntled security researcher published several unpatched zero-day exploits in recent weeks, Microsoft seemingly indicated that criminal charges…
Palo Alto Networks warns that CVE-2026-0257, a CVSS 7.8 authentication bypass in PAN-OS GlobalProtect, is under active exploitation by hackers attempting...
Palo Alto Networks warns that CVE-2026-0257, a CVSS 7.8 authentication bypass in PAN-OS GlobalProtect and Prisma Access, is being actively exploited by...
Fortinet's April hotfix for the actively exploited CVE-2026-35616 FortiClient EMS flaw is now seeing renewed exploitation, as attackers continue targeting...
Microsoft publicly condemned unauthorized zero-day disclosures as 'never justifiable' after a security researcher published working proof-of-concept...
Microsoft condemns uncoordinated public zero-day disclosure, urging the security community to adopt CVD after removing a researcher's GitHub account.
An unpatched Gogs zero-day lets attackers gain RCE on internet-facing instances of the self-hosted Git service — no patch is currently available.
CISA has added a LiteSpeed cPanel plugin zero-day to its Known Exploited Vulnerabilities catalog after active exploitation allowed attackers to execute scripts.
A hardcoded machineKey value in KnowledgeDeliver's configuration enabled ViewState deserialization attacks leading to remote code execution and web shell.
Attackers exploited a critical zero-day vulnerability in KnowledgeDeliver LMS servers to deploy the Godzilla web shell, giving persistent backdoor access to.
A now-patched high-severity zero-day vulnerability in Digital Knowledge's KnowledgeDeliver LMS, a popular learning management system in Japan, was actively.
Microsoft patches a CVSS 8.8 SharePoint RCE; the Megalodon campaign poisons 5,561 GitHub repos in six hours; 7-Eleven's ShinyHunters breach hits 185,000; and a.
This week's security roundup covers Linux privilege escalation zero-days, actively exploited Windows Defender vulnerabilities, router botnets hijacking DNS.
Microsoft has disclosed two Windows Defender vulnerabilities under active exploitation in the wild, including CVE-2026-41091 — a privilege escalation flaw...
This week's threat intelligence bulletin covers Linux rootkit campaigns, an actively exploited router zero-day, AI-assisted intrusions, new scam kit...
Trend Micro has patched an Apex One zero-day vulnerability actively exploited in attacks targeting Windows systems. The flaw, discovered in the company's...
Google accidentally leaked information about an unpatched Chromium vulnerability that allows JavaScript to continue running in the background even after...
Microsoft has issued emergency patches for two Windows Defender vulnerabilities that were actively exploited as zero-days before fixes were available....
A Microsoft Exchange zero-day is being exploited with no patch in sight; Verizon DBIR 2026 marks a landmark shift — vulnerability exploitation now...
A zero-day XSS vulnerability in Microsoft Exchange Server (CVE-2026-42897) is being actively exploited in the wild, allowing attackers to compromise...
A new Windows kernel privilege escalation zero-day dubbed MiniPlasma, released by researcher Chaotic Eclipse, grants SYSTEM-level access on fully patched...
Pwn2Own Berlin 2026 has concluded with security researchers earning over $1.29 million in prizes after successfully exploiting 47 zero-day vulnerabilities...
This week's cybersecurity landscape opened with a critical Microsoft Exchange spoofing zero-day under active exploitation, a coordinated npm/PyPI supply...
A cybersecurity researcher has released a proof-of-concept exploit for a Windows privilege escalation zero-day dubbed MiniPlasma that lets attackers gain...
Cisco has patched CVE-2026-20182, a zero-day in Catalyst SD-WAN Manager that has been actively exploited in targeted attacks by sophisticated threat actor...
The threat group UAT-8616 is actively exploiting a new Cisco SD-WAN zero-day and has been linked to multiple prior Cisco firewall and SD-WAN vulnerability...
Microsoft has shared mitigations for CVE-2026-42897 until a permanent patch can be released for affected Exchange Server versions actively being targeted...
On day two of Pwn2Own Berlin 2026, competitors demonstrated 15 unique zero-day vulnerabilities and collected $385,750 in awards, successfully exploiting...
Microsoft shared mitigations for a high-severity Exchange Server vulnerability being actively exploited that allows threat actors to execute arbitrary...
Threat actors began exploiting CVE-2026-44338, a missing authentication flaw in the PraisonAI multi-agent orchestration framework, within just four hours...
A security researcher has publicly released two unpatched Windows zero-day exploits: YellowKey, a BitLocker bypass requiring physical access, and...
An anonymous researcher has publicly disclosed two new unpatched Windows zero-days — YellowKey enabling BitLocker bypass and GreenPlasma targeting CTFMON...
A cybersecurity researcher has published proof-of-concept exploits for two unpatched Windows vulnerabilities — YellowKey (BitLocker bypass) and...
Google confirms the first AI-generated zero-day in the wild; TeamPCP's Mini Shai-Hulud worm hits TanStack, Mistral AI, and Guardrails AI; Instructure pays...
SecurityWeek reports that Google has confirmed detecting the first known AI-generated zero-day exploit actively used in the wild. The exploit, designed to...
Google Threat Intelligence Group researchers say a zero-day exploit targeting a widely used open-source web administration tool was likely generated using...
Google has disclosed a landmark discovery: an unknown threat actor used an AI system to develop a zero-day exploit in the wild — the first confirmed...
A critical authentication bypass flaw in cPanel/WHM has triggered a wave of exploit activity, with multiple proof-of-concept exploits now public and...
Ivanti has disclosed a high-severity improper input validation vulnerability in Endpoint Manager Mobile (EPMM) that is being actively exploited in the...
Palo Alto Networks has disclosed that CVE-2026-0300, a critical CVSS 9.3 buffer overflow in the PAN-OS User-ID Authentication service, is being actively...
This week's ThreatsDay threat roundup covers Microsoft Edge storing passwords in plaintext, industrial control system zero-days under active exploitation,...
Ivanti has issued an urgent advisory warning customers to patch a high-severity remote code execution vulnerability in Endpoint Manager Mobile (EPMM) that...
A new unpatched Linux zero-day exploit dubbed 'Dirty Frag' allows local attackers to gain root privileges on virtually all major Linux distributions with...
CISA has added a high-severity Ivanti Endpoint Manager Mobile vulnerability to the Known Exploited Vulnerabilities catalog and issued an emergency...
Attackers are actively exploiting a new zero-day vulnerability in Ivanti Endpoint Manager Mobile (EPMM), the latest in a long series of critical flaws...
The critical CVE-2026-41940 authentication bypass vulnerability in cPanel, WHM, and WP Squared is being actively exploited in the wild and has been...
SentinelOne details how its AI-driven behavioral detection stopped three zero-day supply chain attacks at machine speed — without prior knowledge of the...
Microsoft released patches for 167 security vulnerabilities in April 2026, including an actively exploited SharePoint Server zero-day and the publicly...
SentinelOne's AI-driven behavioral defense stopped three recent zero-day supply chain attacks before any payload signatures existed — demonstrating how...
More than 1,300 internet-facing Microsoft SharePoint servers remain unpatched against a spoofing vulnerability exploited as a zero-day, with active...
Stolen credentials remain the dominant initial access vector in 2026 — no zero-days, no malware, just valid logins that blend in with normal activity...
Adobe has patched an actively exploited zero-day in Acrobat and Reader that threat actors have been weaponizing via malicious PDF files since at least...
OX Security analyzed 216 million security findings across 250 organizations over 90 days and found critical risk grew by nearly 400% year-over-year, even...
Microsoft's April 2026 Patch Tuesday addressed 169 CVEs — the second-largest monthly update in company history — including one actively exploited...
Microsoft's April 2026 Patch Tuesday addresses a record 169 security vulnerabilities including a SharePoint zero-day actively exploited in the wild, 8...
This week's threat roundup covers an unpatched Microsoft Defender zero-day, active SonicWall brute-force campaigns, a 17-year-old Excel RCE vulnerability...
Threat actors are actively exploiting three recently disclosed Windows security vulnerabilities that allow attackers to gain SYSTEM or elevated...
Huntress is warning that threat actors are actively exploiting three privilege escalation vulnerabilities in Microsoft Defender — codenamed BlueHammer,...
Anthropic's Claude Mythos Preview model can autonomously find and exploit zero-days across every major OS and browser at a 72.4% success rate — and it's...
A weekly roundup of notable cybersecurity stories: Iran-linked hackers wipe 200,000 Stryker devices, the BlueHammer Windows zero-day PoC goes public,...
A CVSS 10 critical vulnerability in the Sonos Era 300 smart speaker allows unauthenticated remote attackers to execute arbitrary code by exploiting an...
Threat actors have been exploiting an unpatched zero-day in Adobe Reader since at least November 2025, using specially crafted PDFs to fingerprint victims...
Attackers have been silently exploiting an unpatched zero-day vulnerability in Adobe Acrobat Reader since at least November 2025, using malicious PDFs to...
Anthropic's new Project Glasswing initiative uses a preview of its frontier model Claude Mythos to autonomously discover thousands of previously unknown...
A China-based threat cluster designated Storm-1175 has been linked to high-velocity ransomware attacks deploying Medusa payloads using chained zero-day...
SecurityWeek reports that the Medusa ransomware group has developed a dangerous capability: rapidly weaponizing newly disclosed vulnerabilities —...
Microsoft has raised the alarm over Medusa ransomware's unprecedented operational speed, with the group now exploiting zero-day vulnerabilities before...
Microsoft says the financially motivated cybercrime group Storm-1175, linked to China, has exploited N-day and zero-day vulnerabilities in high-velocity...
Storm-1175 runs sub-24-hour Medusa ransomware campaigns using zero-days; the FBI IC3 reports a record $21 billion in US cybercrime losses for 2025; North...
A security researcher operating under the aliases 'Chaotic Eclipse' and 'Nightmare-Eclipse' has publicly released exploit code for an unpatched Windows...
A critical zero-day in FortiClient EMS with a CVSS score of 9.8 is being actively exploited in the wild while Fortinet has released only an emergency...
Microsoft warns that Medusa ransomware operators are exploiting zero-day vulnerabilities approximately one week before public disclosure, enabling the...
Microsoft has formally attributed Medusa ransomware zero-day attacks to Storm-1175, a China-based financially motivated cybercriminal group that has...
This week's biggest cybersecurity stories: a North Korean supply chain attack hit the Axios npm package, a new Chrome zero-day under active exploitation,...
SentinelOne intercepts a LiteLLM supply chain attack in real time, attackers weaponize the Axios npm package to deploy a cross-platform RAT, and a Chrome...
Apple has extended security update eligibility to additional iPhone models still running iOS 18, enabling more devices to receive protections against the...
Google has patched the fourth Chrome zero-day vulnerability actively exploited in attacks this year, a use-after-free flaw in the Dawn graphics engine...
Threat actors have weaponized an unpatched zero-day in TrueConf conference server software to execute arbitrary files on all connected endpoints,...
Google has released a Chrome security update patching 21 vulnerabilities including a high-severity use-after-free zero-day in the Dawn graphics engine...
Anthropic's Claude AI assistant discovered remote code execution vulnerabilities in both Vim and GNU Emacs text editors using simple security research...
Citrix has patched two NetScaler ADC and Gateway vulnerabilities — including a critical CVSS 9.3 out-of-bounds read flaw eerily similar to the previously...
Researchers say the GitHub leak of the DarkSword iOS exploit chain — six chained vulnerabilities targeting iOS 18.4 through 18.7 — threatens to...
CISA orders federal agencies to patch five actively exploited vulnerabilities by April 3, including three Apple flaws linked to the DarkSword iOS exploit...
CVE-2026-20131, a maximum-severity CVSS 10.0 insecure deserialization flaw in Cisco Firepower Management Center, was exploited by Interlock ransomware as...
CVE-2026-33017, a CVSS 9.3 unauthenticated remote code execution vulnerability in the Langflow AI platform, was weaponized by threat actors within 20...
CISA added actively exploited Zimbra Collaboration Suite and Microsoft SharePoint vulnerabilities to its Known Exploited Vulnerabilities catalog on March...
The Interlock ransomware gang has been actively exploiting a CVSS 10.0 insecure deserialization flaw in Cisco Secure Firewall Management Center since late...
Security teams racing to patch every new zero-day are fighting the symptom, not the cause. Intruder's Head of Security argues that most organizations have...
Google's Threat Intelligence Group tracked 90 zero-day vulnerabilities actively exploited in 2025, with enterprise software and appliances accounting for...
This week: Google reports 90 zero-days exploited in 2025 with enterprise tech at 48%, CISA issues emergency directive for Cisco SD-WAN CVSS 10 zero-day,...
LexisNexis Legal & Professional confirms a data breach after threat actor FulcrumSec exploited an unpatched React2Shell vulnerability to exfiltrate 2.04...
A maximum-severity authentication bypass in Cisco Catalyst SD-WAN (CVE-2026-20127, CVSS 10.0) has been actively exploited by threat actor UAT-8616 since...
Google's March 2026 Android security bulletin addresses 129 vulnerabilities, including CVE-2026-21385 — an actively exploited zero-day in a Qualcomm...
A CVSS 10.0 authentication bypass in Cisco Catalyst SD-WAN has been exploited since at least 2023. CISA issues Emergency Directive ED 26-03 as all Five...
An actively exploited zero-day in Microsoft Word allows attackers to bypass OLE protections and execute malicious Office documents silently, without...
CrowdStrike's 2026 Global Threat Report reveals that AI-enabled adversary operations surged 89% year-over-year, the average eCrime breakout time dropped...
The U.S. Treasury sanctioned Russian zero-day exploit broker Operation Zero, its founder Sergey Zelenyuk, and affiliated entities after an FBI...
A critical pre-authentication remote code execution vulnerability in BeyondTrust Remote Support and Privileged Remote Access is under active exploitation,...
Google has patched CVE-2026-2441, a high-severity use-after-free vulnerability in Chrome's CSS component that has been actively exploited — the first...
Microsoft's February 2026 Patch Tuesday addresses roughly 60 vulnerabilities including six actively exploited zero-days across Windows, Office, and Azure...
A maximum-severity CVSS 10.0 hardcoded credentials vulnerability in Dell RecoverPoint for VMs has been under active exploitation by China-nexus threat...
The Warlock ransomware group exploited CVE-2026-23760, an authentication bypass zero-day in SmarterMail, to breach SmarterTools itself, compromise 12...
Apple has patched CVE-2026-20700, a memory corruption vulnerability in dyld used in 'extremely sophisticated' targeted attacks. Discovered by Google TAG,...
An actively exploited zero-day in Cisco Unified Communications allows unauthenticated remote code execution with root privileges via crafted HTTP...
Russia-linked APT28 (Fancy Bear) weaponized Microsoft Office CVE-2026-21509 within days of disclosure, deploying espionage implants against Ukrainian...
A high-severity use-after-free vulnerability in Chrome's CSS engine is being actively exploited in the wild. Google's first in-the-wild Chrome zero-day of...
Two critical Ivanti Endpoint Manager Mobile zero-days with CVSS 9.8 were exploited to breach the Dutch Data Protection Authority, European Commission, and...
Chrome's first zero-day of 2026, Ivanti EPMM breaches across EU governments, APT28's record-fast exploit weaponization, and the Cloudflare BGP outage that...
Apple releases emergency patches across all platforms for a memory corruption vulnerability in the Dynamic Link Editor (dyld) that was exploited in...
Peter Williams, former GM of L3Harris's cyber subsidiary Trenchant, admits to selling eight zero-day exploit kits to a Russian broker for $1.3M in...
Microsoft's February 2026 Patch Tuesday addresses 60 vulnerabilities including 6 actively exploited zero-days and 3 publicly disclosed issues, with...
Actively exploited zero-day in Windows RDS allows authenticated attackers with low privileges to escalate to SYSTEM. Public exploit code available....
A critical zero-day in BeyondTrust Remote Support and Privileged Remote Access enables unauthenticated command execution, potentially compromising entire...
Singapore discloses that APT group UNC3886 conducted a targeted espionage campaign against M1, SIMBA, Singtel, and StarHub using a previously unknown...
Actively exploited Windows Shell vulnerability bypasses SmartScreen protection, allowing malicious files to execute without security warnings. Patch...
Critical Exchange and FortiOS zero-days, AI deepfake phishing surge, CISA zero trust mandate, post-quantum cryptography goes live, and the expanding RaaS...
Google has released an emergency Chrome update to fix a zero-day vulnerability being actively exploited in targeted attacks against journalists and activists.
Sophisticated attack chain leverages compromised SonicWall VPN and VMware ESXi vulnerabilities to break out of virtual machine isolation and compromise...
Microsoft's first security update of 2026 addresses 114 vulnerabilities including three zero-days. One flaw is actively exploited in the wild with CISA...
Apple has released security updates for iOS, macOS, watchOS, and tvOS addressing multiple actively exploited vulnerabilities. Users urged to update immediately.