CISA has ordered U.S. agencies to immediately patch a VMware Tools zero day under active China linked exploitation, added critical WSUS and ICS flaws to its KEV list, and flagged live attacks on a Linux kernel bug. Meanwhile, Google enforces HTTPS defaults, Microsoft battles fresh zero days and AI powered phishing, and organizations scramble on encrypted DNS, BEC scams and AI defense strategies.
