CIRCLE WITH A DOT

[ZDI-26-124|CVE-2025-15060] claude-hovercraft executeClaudeCode Command Injection Remote Code Execution Vulnerability (CVSS 9.8; Credit: Peter Girnus of Trend Research) https://zerodayinitiative.com/advisories/ZDI-26-124/

Heading to the #[un]prompted conference next week? Be sure to catch @gothburz's talk on "FENRIR: AI Hunting for AI Zero-Days at Scale" His talk shows how we're FENRIR has detected over 100+ CVEs since mid-2025. Don't miss it. unpromptedcon.org

CVE-2026-20841: Arbitrary Code Execution in the Windows Notepad - The TrendAI Research team takes a deep dive into this recently patched file parsing bug to show you root cause, source code walk through, and provide detection guidance. Read the details at https://www.zerodayinitiative.com/blog/2026/2/19/cve-2026-20841-arbitrary-code-execution-in-the-windows-notepad

Microsoft report six(!) exploits in the wild while Adobe has a small (and relatively quiet) month. Join @TheDustinChilds from Tokyo as he breaks down the release and shows you what to watch for. https://www.zerodayinitiative.com/blog/2026/2/10/the-february-2026-security-update-review

@muelli not sure, haven’t looked at it for a long time. What are you thinking about?