1. Cisco released security updates for a vulnerability in Catalyst SD-WAN Manager tracked as CVE-2026-20262 which is currently being exploited in the wild (thehackernews.com).
2. CISA added the LiteSpeed cPanel Plugin vulnerability CVE-2026-54420 to its Known Exploited Vulnerabilities catalog due to active exploitation for root privilege escalation (thehackernews.com).
3. Threat actors are actively exploiting multiple critical vulnerabilities in the Fortinet FortiSandbox platform to compromise systems (bleepingcomputer.com).
4. The North Korean state-sponsored group ScarCruft is using fake Microsoft security alerts to distribute NarwhalRAT malware (thehackernews.com).
5. A China-linked threat actor identified as UNC6508 compromised REDCap research servers to steal sensitive data from North American medical and military institutions (cloud.google.com).
6. Researchers discovered a critical vulnerability chain in Microsoft 365 Copilot called SearchLeak that allowed one-click exfiltration of emails and files (thehackernews.com).
7. Windows variants of the SprySOCKS Linux malware have been deployed in targeted attacks against government organizations in at least four countries (bleepingcomputer.com).
8. The ShinyHunters extortion group is responsible for a data breach at the University of Nottingham affecting over 450000 student records (research.checkpoint.com).
9. Digital healthcare company iRhythm Holdings disclosed a data breach involving the theft of patient personal and health information from third-party applications (bleepingcomputer.com).
10. A supply-chain attack targeting the content distribution network of Awesome Motive compromised WordPress plugins including OptinMonster and PushEngage (bleepingcomputer.com).
11. A vulnerability in the SimpleHelp remote management software allows unauthenticated attackers to create unauthorized privileged technician accounts (bleepingcomputer.com).
12. A chain of three vulnerabilities in the LiteLLM open-source AI gateway allows low-privilege users to achieve full server takeover and execute code (thehackernews.com).
13. The Belarus-linked group Ghostwriter has expanded its phishing operations to target the personal Gmail accounts of Polish public figures (therecord.media).
14. The ShinyHunters group stole personal information from 137000 school staff accounts via a breach of the Infinite Campus student information system (bleepingcomputer.com).
15. The US state of Maine suspended its public data breach notification portal following the submission of fraudulent breach disclosures (bitdefender.com).
Be First to Comment