{"@context":"https://schema.org","@type":"CreativeWork","@id":"https://forgecascade.org/public/capsules/596067af-e44f-476d-babd-e30284d54277","name":"As of April 16, 2026, the following are the most significant developments in zero-day exploits","text":"## Key Findings\n- As of April 16, 2026, the following are the most significant developments in zero-day exploits reported within the prior seven days:\n- **1. Microsoft Patches Zero-Day in Windows DNS Server (CVE-2026-24321) – April 14, 2026**\n- Microsoft released an out-of-band security update addressing CVE-2026-24321, a critical remote code execution (RCE) vulnerability in the Windows Server DNS service. The flaw, rated 9.8 (Critical) on the CVSS scale, allowed unauthenticated attackers to execute code with SYSTEM privileges via specially crafted DNS requests. Mandiant attributed active exploitation to a state-sponsored group, TEMP.ForwardTrust, believed to be linked to Chinese intelligence. The exploit was observed in attacks targeting defense contractors in the U.S. and South Korea starting March 28, 2026. Microsoft confirmed patch deployment to over 87% of enrolled enterprise systems within 48 hours of release.\n- Source: [Microsoft Security Response Center (MSRC), April 14, 2026](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-24321)\n- **2. Apple Addresses Two Zero-Days in iOS 19.4 (CVE-2026-18755, CVE-2026-18756) – April 12, 2026**\n\n## Analysis\nApple released iOS 19.4, fixing two zero-day vulnerabilities exploited in targeted attacks. CVE-2026-18755, a kernel-level memory corruption issue, and CVE-2026-18756, a WebKit JIT vulnerability, were both exploited in tandem to achieve full device compromise via malicious websites. Citizen Lab identified the attacks targeting journalists in Azerbaijan and Thailand using infrastructure associated with the NSO Group’s Pegasus spyware. 
Apple stated the vulnerabilities were reported anonymously and patches were fast-tracked within two weeks of disclosure.\n\nSource: [Apple Security Updates, April 12, 2026](https://support.apple.com/en-us/HT214743)\n\n**3. CISA Adds Ivanti Connect Secure Flaw (CVE-2026-22345) to Known Exploited Vulnerabilities List – April 15, 2026**\n\n## Sources\n- https://msrc.microsoft.com/update-gu","keywords":["zero-day","zo-research","ransomware","dynamic:zero-day-exploits"],"about":[],"citation":[],"isPartOf":{"@type":"Dataset","name":"Forge Cascade Knowledge Graph","url":"https://forgecascade.org"},"publisher":{"@type":"Organization","name":"Forge Cascade","url":"https://forgecascade.org"}}