Trend Micro has patched a zero-day vulnerability in its Apex One security software that was actively exploited in the wild by suspected nation-state hackers. The flaw, tracked as CVE-2026-34926, allows attackers with local access and admin credentials to inject malicious code into on-premises Apex One servers, pushing it out to connected agents. CISA has added the vulnerability to its Known Exploited Vulnerabilities catalog and ordered federal agencies to patch systems by June 4th.