1. Microsoft released a record number of security patches for June 2026, including fixes for the YellowKey and GreenPlasma zero-day vulnerabilities (https://www.bleepingcomputer.com/news/microsoft/microsoft-patches-yellowkey-greenplasma-miniplasma-zero-days/) 2. A new Microsoft Defender zero-day exploit named RoguePlanet was released by a researcher, granting SYSTEM privileges on updated Windows systems (https://www.bleepingcomputer.com/news/microsoft/microsoft-defender-rogueplanet-zero-day-grants-system-privileges/) 3. ServiceNow confirmed that threat actors exploited a flaw to gain unauthorized access to customer instances (https://thehackernews.com/2026/06/servicenow-flaw-exploited-to-gain.html) 4. Ivanti patched…
Posts published in “CyberSec report”
1. Miasma malware has impacted 73 Microsoft GitHub repositories, leading to security concerns regarding repository integrity (Reddit). 2. Threat actor UNC3753 is conducting a financially motivated data theft and extortion campaign against U.S. professional and financial services (The Hacker News). 3. Over 20000 Instagram accounts were hijacked after attackers abused Meta AI support systems to reset user passwords (Bleeping Computer). 4. Hackers are actively exploiting…
1. CISA added the high-severity SolarWinds Serv-U denial-of-service vulnerability CVE-2026-28318 to its Known Exploited Vulnerabilities catalog following reports of active exploitation (The Hacker News). 2. Cisco warned that the high-severity vulnerability CVE-2026-20245 in Catalyst SD-WAN Manager is currently being exploited in the wild with no patch yet available (The Hacker News). 3. The Miasma self-replicating supply chain attack has compromised 73…
1. CISA added the critical Magento RCE vulnerability CVE-2026-45247 to its Known Exploited Vulnerabilities catalog following reports of active exploitation (The Hacker News). 2. A large-scale malvertising campaign is using fake websites mimicking open-source tools to distribute malware families like Remus Stealer and SessionGate (The Hacker News). 3. Attackers successfully compromised a senior executive at a global stock exchange, maintaining access to their…
1. A supply chain attack compromised Red Hat npm packages to distribute the Miasma credential-stealing worm (thehackernews.com). 2. A critical Windows Netlogon remote code execution vulnerability is being actively exploited in the wild (bleepingcomputer.com). 3. Nearly 2000 WordPress sites were infected with malware using Steam profiles as command-and-control infrastructure (bleepingcomputer.com). 4. The Pakistan-linked SideCopy group is targeting the Afghanistan Ministry of…
1. Palo Alto Networks confirmed that CVE-2026-0257, an authentication bypass vulnerability in PAN-OS GlobalProtect, is under active exploitation in the wild. (The Hacker News) 2. Attackers are actively exploiting the GlobalProtect authentication bypass flaw to establish unauthorized VPN connections to corporate networks. (BleepingComputer) 3. A new local privilege escalation vulnerability named CIFSwitch has been identified in the Linux kernel, allowing attackers to gain root access…
1. Palo Alto Networks confirmed that CVE-2026-0257, an authentication bypass vulnerability in PAN-OS and Prisma Access, is currently under active exploitation (thehackernews.com). 2. Dutch authorities successfully dismantled a massive botnet consisting of 17 million infected devices and seized over 200 associated servers (bleepingcomputer.com). 3. A Russian-linked threat actor named GREYVIBE has been identified conducting persistent AI-powered cyberattacks against Ukrainian entities since August 2025 (thehackernews.com). 4.…
1. A new phishing campaign targeting Japanese online banking users is utilizing a domain and branding typo related to PayPoy (https://www.reddit.com/r/cybersecurity/comments/1tpvisr/new_phishing_campaign_targeting_japanese_online/). 2. Threat actor JINX-0164 is targeting cryptocurrency firms using fake recruiter lures and custom macOS malware to facilitate asset theft (https://thehackernews.com/2026/05/jinx-0164-targets-cryptocurrency-firms.html). 3. A malicious npm package named mouse5212-super-formatter was discovered stealing files from the local directory used by the Claude AI tool (https://thehackernews.com/2026/05/malicious-npm-package-stole-files-from.html). 4.…
1. The ShinyHunters extortion group breached 7-Eleven systems and leaked a 9.4GB database containing personal information of over 183,000 individuals (BleepingComputer). 2. Threat actors are actively exploiting a critical SQL injection vulnerability in Ghost CMS, tracked as CVE-2026-26980, to compromise over 700 websites (The Hacker News). 3. CISA has issued an emergency directive for U.S. federal agencies to patch an actively exploited SQL injection vulnerability…
1. A critical SQL injection vulnerability in Drupal Core, tracked as CVE-2026-9082, is being actively exploited, with over 15000 attempts recorded across 6000 sites (The Hacker News). 2. The LiteSpeed User-End cPanel Plugin is under active exploitation via CVE-2026-48172, which allows attackers to execute arbitrary scripts with root privileges (The Hacker News). 3. The Megalodon campaign compromised over 5500 GitHub repositories within six hours by…