1. CISA added a critical Splunk Enterprise remote code execution vulnerability CVE-2026-20253 to its known exploited vulnerabilities catalog after reports of active exploitation (https://www.reddit.com/r/cybersecurity/comments/1ua3npz/cisa_adds_splunk_enterprise_rce_cve202620253_to/).
2. International law enforcement agencies disrupted the SocGholish botnet infrastructure and cleaned nearly 15000 infected WordPress sites in an operation linked to the Evil Corp cybercrime group (https://thehackernews.com/2026/06/operation-endgame-disrupts-socgholish.html).
3. CISA issued a warning regarding the FortiBleed campaign which has compromised over 86000 internet-accessible FortiGate devices (https://thehackernews.com/2026/06/cisa-warns-fortinet-customers-as.html).
4. The Icarus extortion group claimed responsibility for a breach at Klue that involved the theft of OAuth tokens used for Salesforce environment access (https://www.bleepingcomputer.com/news/security/klue-oauth-breach-victim-list-grows-as-icarus-hackers-claim-attack/).
5. A data breach at a Texas government vendor resulted in the exposure of personal information including driver licenses and passports for over 3 million individuals (https://www.bleepingcomputer.com/news/security/texas-govt-data-breach-exposes-over-3-million-drivers-licenses/).
6. Researchers identified an unauthenticated information disclosure vulnerability in the Gravity SMTP WordPress plugin that is currently being exploited by threat actors (https://www.bleepingcomputer.com/news/security/hackers-exploit-info-disclosure-bug-in-gravity-smtp-wordpress-plugin/).
7. The Gentlemen ransomware-as-a-service operation is deploying a custom EDR-killing framework called GentleKiller to impair security defenses on target systems (https://thehackernews.com/2026/06/the-gentlemen-raas-uses-gentlekiller.html).
8. Microsoft researchers detailed an exploit chain named AutoJack that allows malicious web pages to hijack AI browsing agents for remote code execution on host machines (https://thehackernews.com/2026/06/autojack-attack-lets-one-web-page.html).
9. Security researchers published details on an unpatchable exploit dubbed usbliter8 that achieves arbitrary code execution in the SecureROM of Apple A12 and A13 chips (https://thehackernews.com/2026/06/unpatchable-usbliter8-exploit-breaks.html).
10. Apple released patches for a vulnerability in Beats Studio Buds that allowed nearby attackers to eavesdrop via the device microphone (https://www.reddit.com/r/cybersecurity/comments/1ua2faw/apple_patches_eavesdropping_vulnerability_in/).
11. A crypto-clipper malware campaign is actively abusing fake reviews, AI-generated narrators, and VirusTotal comments to distribute malicious software (https://www.reddit.com/r/cybersecurity/comments/1uaj1sh/crypto_clipper_campaign_abuses_fake_reviews_ai/).
12. A use-after-free vulnerability identified as CVE-2026-42530 was reported in the QPACK encoder of nginx HTTP/3 (https://www.reddit.com/r/cybersecurity/comments/1uab93o/useafterfree_in_the_qpack_encoder_of_nginx_http3/).
Be First to Comment