News

Microsoft Addresses 59 Vulnerabilities, Including Six Zero-Days

Luciano Ferrari

11 Feb 2026 — 2 min read

Wednesday, February 11, 2026

Top 5 Cybersecurity Stories You Should Know

Microsoft Addresses 59 Vulnerabilities, Including Six Zero-Days — tl;dr: Microsoft has released security updates for 59 vulnerabilities, including six that are actively exploited. The updates address critical issues such as privilege escalation and remote code execution, affecting various Microsoft software products. Organizations are urged to apply these patches promptly to mitigate potential risks. Notably, this patch cycle follows recent vulnerabilities in the Edge browser, emphasizing the importance of maintaining up-to-date security measures. Users should prioritize updating their systems to protect against these identified threats and ensure robust cybersecurity practices.
↪ https://thehackernews.com/
Chrome Zero-Day CVE-2025-6554: Importance of Zero Trust in Browser Security — tl;dr: The recent Chrome zero-day vulnerability, CVE-2025-6554, underscores the critical need for robust browser security measures. Attackers are increasingly exploiting such vulnerabilities, often before patches are available, putting sensitive data and business operations at risk. Organizations must adopt a layered Zero Trust approach to enhance their defenses against these threats. Regular updates and proactive security strategies are essential to safeguard against evolving cyber threats. Menlo Security emphasizes that traditional patching is insufficient, advocating for real-time protection solutions that maintain user experience while ensuring security.
↪ https://www.linkedin.com/posts/menlo-security_chrome-zero-day-why-browser-security-is-activity-7348477992660070416-sdcJ
Under Armour Data Breach 2025: Everest Ransomware Exposes 72.7M Customer Records — tl;dr: In late 2025, Under Armour suffered a major data breach attributed to the Everest ransomware group, compromising sensitive information of approximately 72.7 million customers, including names, email addresses, and purchase histories. Although payment systems and passwords were unaffected, the breach has led to class action lawsuits and raised significant privacy concerns. The attack utilized credential harvesting and double extortion tactics, with the stolen data published on hacker forums. Organizations are advised to enhance credential management, implement multi-factor authentication, and adopt robust endpoint detection solutions to mitigate similar risks.
↪ https://www.rescana.com/post/under-armour-customer-data-breach-2025-technical-analysis-of-everest-ransomware-attack-and-exposed
Kroll Reports 356% Surge in CVE and Zero-Day Cyber Attacks in Q4 2021 — tl;dr: Kroll's latest report reveals a staggering 356% increase in cyber attacks exploiting known Common Vulnerabilities and Exposures (CVEs) and zero-day vulnerabilities in Q4 2021 compared to the previous quarter. This alarming trend poses significant risks to organizations, as many may unknowingly use vulnerable software. Compliance officers are urged to implement robust patch management processes, conduct CVE/zero-day readiness assessments, and consider continuous monitoring solutions. The rise in these attacks highlights the critical need for organizations to prioritize cybersecurity measures to protect sensitive data and maintain operational integrity.
↪ https://www.corporatecomplianceinsights.com/common-and-zero-day-vulnerability-cyber-incidents-tripled-in-q4-2021/
Understanding Cybersecurity: Protecting Your Digital Life — tl;dr: Cybersecurity involves safeguarding networks, devices, and data from unauthorized access and criminal use, ensuring the confidentiality, integrity, and availability of information. As our reliance on technology grows, so do the risks associated with poor cybersecurity, including malware attacks and data theft. To enhance your cybersecurity, stay informed about threats, keep software updated, use strong passwords, implement multifactor authentication, and be cautious of phishing emails. For more guidance on improving your cybersecurity posture, refer to resources from the Cybersecurity and Infrastructure Security Agency (CISA).
↪ https://www.cisa.gov/news-events/news/what-cybersecurity