🐛 COMMON VULNERABILITIES AND EXPOSURES 8[−]
12 JunShinyHunters Exploits Oracle PeopleSoft Zero-Day (CVE-2026-35273) to Breach UniversitiesThe ShinyHunters extortion crew exploited an unpatched flaw in Oracle PeopleSoft to break into enterprise systems, steal data, and demand payment to keep it private. The campaign hit universities hardest. Google's Mandiant attributes it to the group it tracks as UNC6240, and date…THEHACKERNEWS.COM
12 JunGoogle Confirms Exploitation of Oracle PeopleSoft Zero-Day by ShinyHuntersOracle has mitigated CVE-2026-35273, but it has not publicly confirmed the vulnerability’s in-the-wild exploitation. The post Google Confirms Exploitation of Oracle PeopleSoft Zero-Day by ShinyHunters appeared first on SecurityWeek .SECURITYWEEK.COM
12 JunCVE-2026-46643 Snappy: Binary path is never shell-escaped due to an inverted is_executable checkInformation published.MSRC.MICROSOFT.COM
12 JunCVE-2026-46683 Snappy: SSRF and local file read via the xsl-style-sheet optionInformation published.MSRC.MICROSOFT.COM
12 Jun KEVOracle PeopleSoft zero‑day fuels ShinyHunters extortion spreeA newly disclosed Oracle PeopleSoft zero-day became the weapon of choice in a recent ShinyHunters extortion campaign that primarily targeted universities and other educational institutes. Attackers exploited the critical remote code execution (RCE) flaw in PeopleSoft’s Environmen…CSOONLINE.COM
12 Jun KEVResearchers release details, PoC for exploited Check Point VPN flaw (CVE-2026-50751)WatchTowr researchers have disclosed a technical analysis and a “Detection Artefact Generator” for CVE-2026-50751, an authentication bypass flaw in Check Point’s Remote Access VPN and Mobile Access, which the vendor confirmed to be actively exploited. The attack…HELPNETSECURITY.COM
12 Jun KEVActive Exploitation of Oracle PeopleSoft Zero-Day (CVE-2026-35273)Overview On June 10, 2026, Oracle published a security alert for CVE-2026-35273 , a critical vulnerability in the Updates Environment Management component of PeopleSoft Enterprise PeopleTools. Oracle released an out-of-band patch the same day as the advisory, underscoring the urg…RAPID7.COM
12 JunGoogle warns of Oracle PeopleSoft attacks hitting universitiesGoogle's Mandiant and Google Threat Intelligence Group (GTIG) say the ShinyHunters extortion group exploited a critical Oracle PeopleSoft vulnerability as a zero-day to compromise education institutes. The activity, tracked as UNC6240, was observed between May 27 and June 9 and i…CYBERINSIDER.COM
⚠️ VULNERABILITY DISCLOSURE 22[−]
12 JunAnthropic Warns AI Risks Are Real, RoguePlanet Zero-Day Drops, Crypto Laundering TakedownAnthropic is calling for governments to have the authority to stop deployment of advanced AI systems that pose unacceptable risks. CEO Dario Amodei points to the company's Mythos cybersecurity model as proof that AI has become a matter of national and strategic consequence, warni…CYBERSECURITYTODAY.LIBSYN.COM
12 JunComcast Business SecurityEdge Preferred strengthens security for small businessesComcast Business announced SecurityEdge Preferred, its most advanced network-native cybersecurity solution for small businesses. Because SecurityEdge Preferred is built directly into the Comcast Business network, security can be activated in minutes without deploying additional h…HELPNETSECURITY.COM
12 Jun‘Harvest now, decipher later’: The quantum threat few are preparing forQuantum technology may feel far off but certain risks are already with us in the form of “harvest now, decrypt later” — an attack vector in which malicious actors steal data now for a future in which they have access to quantum computational tools capable of breaking encryption d…CSOONLINE.COM
12 JunAuthorities dismantle crypto laundering service that moved €336 million for cybercriminalsAn international law enforcement operation has dismantled a cryptocurrency laundering service linked to ransomware groups and other cybercriminals that processed more than €336 million in illicit funds. The domain seizure notice (Source: Europol) Europol said the service, known a…HELPNETSECURITY.COM
12 Jun KEVCISA orders feds to patch actively exploited Ivanti flaw by SundayThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered government agencies to patch an actively exploited Ivanti Sentry flaw within three days, as mandated by the newly issued Binding Operational Directive (BOD) 26-04. [...]BLEEPINGCOMPUTER.COM
12 JunLangGraph Flaw Chain Exposes Self-Hosted AI Agents to Remote Code ExecutionCybersecurity researchers have disclosed details of three now-patched security flaws impacting LangGraph, including a critical vulnerability chain that could result in remote code execution. LangGraph is an open-source framework created by LangChain to build complex, stateful, an…THEHACKERNEWS.COM
12 JunAI is exposing the biggest weakness in cybersecurity: We never built a health model. Until now!For 30 years, cybersecurity has operated like an emergency room. Reactive. Crisis-driven. Always triaging. We are extraordinarily good at it — our detection is faster, our response playbooks are sharper, our incident teams are more capable than they have ever been. When something…CSOONLINE.COM
12 JunIvanti Sentry Exploitation Attempts Hitting HoneypotsThe critical-severity OS command injection vulnerability allows attackers to execute arbitrary code with root privileges. The post Ivanti Sentry Exploitation Attempts Hitting Honeypots appeared first on SecurityWeek .SECURITYWEEK.COM
12 JunChrome 149 Update Patches 28 VulnerabilitiesThe browser refresh resolved critical and high-severity security defects, including a dozen use-after-free bugs. The post Chrome 149 Update Patches 28 Vulnerabilities appeared first on SecurityWeek .SECURITYWEEK.COM
12 JunPrompt injection breaks today’s AI agents, study warnsToday’s AI web agents have no dependable defenses against prompt injection, according to new research showing that not a single attack scenario was consistently blocked across leading systems powered by GPT‑5 and Gemini. The findings come from StakeBench, a stakeholder-centric be…CSOONLINE.COM
12 JunPharma giant Novo Nordisk discloses breach of clinical trials dataDanish pharmaceutical giant Novo Nordisk, the world's largest producer of insulin, disclosed a data breach affecting patient information from some clinical trials. [...]BLEEPINGCOMPUTER.COM
12 Jun KEVFactoring "short-sleeve" RSA keys with polynomialsWhat happens when the bits of an RSA private key are heavily biased toward 0 instead of being randomly generated? The public key’s bits could be biased enough for us to detect these incorrectly generated keys in the wild. Together with Hanno Böck of the badkeys project, we found …TRAILOFBITS.COM
12 JunAgentjacking Attack Tricks AI Coding Agents Into Running Malicious CodeCybersecurity researchers have described what they say is a new class of attack that can trick artificial intelligence (AI) coding agents into running arbitrary code on developer machines. Called Agentjacking by Tenet Security, the attack can be triggered by means of a fake error…THEHACKERNEWS.COM
12 JunSecurity Tools Are Breaking SOCsMany organizations now operate dozens of security tools across incident response, threat intelligence, detection, investigation, and remediation. While these tools increasingly include AI features, they often lack proper integration across platforms. This creates operational frag…YOUTUBE.COM
12 JunCISA directs agencies to “patch smarter, not harder.”Anthropic rejects Fable 5 jailbreak claims. Google confirms ShinyHunters exploited a critical Oracle PeopleSoft vulnerability.THECYBERWIRE.COM
12 JunShinyHunters linked to exploitation of critical flaw in Oracle PeopleSoftMore than 100 organizations, more than two-thirds in higher education, have been notified of potential impact.CYBERSECURITYDIVE.COM
12 JunShinyHunters is actively extorting universities after exploiting an unpatched Oracle flawOracle still hasn't patched the vulnerability the group has been using in its attacks since late May. The post ShinyHunters is actively extorting universities after exploiting an unpatched Oracle flaw appeared first on CyberScoop .CYBERSCOOP.COM
12 JunphpBB forum fixes auth bypass bug lurking for a decadeA 10-year-old authentication bypass vulnerability discovered in the phpBB forum software allows an attacker to log in as any user, including administrators. [...]BLEEPINGCOMPUTER.COM
12 JunDeadline-driven defense.CISA directs agencies to “patch smarter, not harder.” The House fails to extend FISA. Europol pulls over AudiA6. GitHub announces npm security updates. Anthropic rejects Fable 5 jailbreak claims. CISA gives feds three days to patch a critical Ivanti Sentry vulnerability. Google c…THECYBERWIRE.COM
12 JunShinyHunters Uses Oracle Zero-Day to Rampage Higher EdA major bug in Oracle's ERP software disproportionately affected American universities, and hackers have capitalized by stealing gobs of data.DARKREADING.COM
12 JunGreatXML zero-day BitLocker bypass doesn’t seem to work, yetA disgruntled researcher who has been publishing zero-day Microsoft Windows vulnerabilities for the past several months released a new exploit Thursday that promises to bypass BitLocker encryption on locked devices. A well respected security expert reported that the exploit doesn…CSOONLINE.COM
12 Jun KEVShiny Hunters Hit PeopleSoftOracle mitigated a critical PeopleSoft vulnerability affecting PeopleTools versions 8.61 and 8.62. Reports indicate the vulnerability was actively exploited as a zero-day by the group known as Shiny Hunters to access organizational data. The issue was described as an unauthentica…YOUTUBE.COM
📢 SECURITY ADVISORIES 4[−]
12 JunHow to use NIST and ISO frameworks to govern AI agentsSecurity leaders no longer need convincing that AI agents introduce risk. What’s missing is how to govern them once they move into production and begin operating autonomously across enterprise environments. AI agents already read sensitive documents, invoke internal APIs, trigger…HELPNETSECURITY.COM
12 JunINTERPOL Operation Takes Down Sniper Dz Phishing Platform, Arrests AdministratorAn INTERPOL-led operation last month resulted in the disruption of Sniper Dz, a decade-long phishing-as-a-service (PhaaS) platform, Group-IB said Thursday. The effort, codenamed Operation Ramz, took place between October 2025 and February 2026, and saw authorities from 13 countri…THEHACKERNEWS.COM
12 JunFrench government’s secure messaging system breachedAn intruder has breached the French government’s encrypted messaging service, Tchap, showing once again that human error is a weak spot in any security system. Tchap was developed in France as an example of national sovereignty and was designed to be a more secure option than Wha…CSOONLINE.COM
12 JunWarrantless wiretaps cut off for a week following US Congress voteLawmakers have failed to extend a surveillance law that allows US intelligence agencies to monitor targets abroad without a warrant. Congress rejected a vote to extend Section 702 of the Foreign Intelligence Surveillance Act to July 2, which means, for a few days at least, some s…CSOONLINE.COM
🔥 INCIDENT REPORTING 11[−]
12 JunEuropol Disrupts AudiA6 Crypto Laundering Service Used by Ransomware GangsAuthorities in Europe have disrupted AudiA6, a cryptocurrency laundering service used by ransomware gangs and cybercriminal networks. Europol, in a statement issued Thursday, said the dismantling of AudiA6 cut off a "key financial pipeline used to wash hundreds of millions in ill…THEHACKERNEWS.COM
12 JunOver 73,000 French govt employees affected in Tchap messenger breachThe French government revealed that a recent breach of its Tchap encrypted messaging platform affects the accounts of over 73,000 employees in the French public sector. [...]BLEEPINGCOMPUTER.COM
12 JunRansomware Payment Crypto Laundering Platform Taken Out by FBI and EuropolDomain of dark web money laundering platform AudiA6 seized and suspects arrested in joint operation by the FBI, Europol and othersINFOSECURITY-MAGAZINE.COM
12 JunSouth Korea hits Coupang with record $409 million fine over data breachThe penalty is the largest ever issued by the commission for a personal data breach, surpassing the record 134.8 billion won ($88.8 million) fine levied against SK Telecom earlier this year.THERECORD.MEDIA
12 JunAgentic AI surges in financial sector even as many firms fail to manage security risksOne-fifth of firms aren’t even sure if they’ve been hacked through their AI tools, according to a new report.CYBERSECURITYDIVE.COM
12 JunIn Other News: Google Security Layoffs, AudiA6 Takedown, $400 Million Coupang FineOther noteworthy stories that might have slipped under the radar: ICS device exposure remains flat as attack surface widens, Microsoft issues incident response playbook for AI, IBM and AT&T accused of hack cover-ups. The post In Other News: Google Security Layoffs, AudiA6 Ta…SECURITYWEEK.COM
12 JunBankruptcy admin approves settlement fund of $47 million for 23andMe data breach victimsAbout 7 million customers of the genetics testing company had their data stolen by hackers starting in April 2023, and many had their information posted on the dark web.THERECORD.MEDIA
12 JunConti ransomware group member pleads guilty, faces up to 20 years in prisonOleksii Lytvynenko, a 44-year-old Ukrainian national, admitted to joining the prolific cybercrime group in 2021. Officials said he engaged in cybercrime up until his arrest in Ireland in 2023. The post Conti ransomware group member pleads guilty, faces up to 20 years in prison ap…CYBERSCOOP.COM
12 JunUkrainian national pleads guilty to role in Conti ransomware operationA Ukrainian national extradited from Ireland to the United States last year has pleaded guilty to conspiracy charges tied to the Conti ransomware operation. [...]BLEEPINGCOMPUTER.COM
12 JunOver 400 Arch Linux packages compromised to push rootkit, infostealerMore than 400 packages in the Arch User Repository (AUR) are distributing a Linux rootkit and infostealer malware targeting credentials and access tokens. [...]BLEEPINGCOMPUTER.COM
12 JunMaine disables data breach notification portal after fake disclosuresMaine has taken its public data breach reporting portal offline after fraudulent breach disclosures were published on the state's website, prompting a review of procedures to prevent abuse in the future. [...]BLEEPINGCOMPUTER.COM
🕵️ THREAT INTELLIGENCE 25[−]
12 JunNew infosec products of the week: June 12, 2026Here’s a look at the most interesting products from the past week, featuring releases from AISLE, Drata, Elastic, Filigran, IDnow, and Ridge Security. RidgeBot 7.0 automates Active Directory attack simulations for security validation Ridge Security has announced the release of Ri…HELPNETSECURITY.COM
12 JunAI sovereignty makes data centers strategic targets for cyber operationsData centers built for frontier AI draw hundreds of megawatts of electricity and large volumes of cooling water from fixed locations with known addresses. Each one concentrates tens of thousands of graphics processors, liquid cooling systems, and high-density power equipment insi…HELPNETSECURITY.COM
12 JunProduct showcase: Avast One turns scam screenshots into actionable security adviceAvast One Free combines privacy, security, identity monitoring, and performance tools in a single platform. The app is available for Windows, macOS, Android, and iOS. Checking the device for security and privacy issues After installing it from the App Store, I ran Smart Scan, whi…HELPNETSECURITY.COM
12 JunEurope’s digital identity wallet gets its first set of standardsPeople across the European Union already use their phones for banking, travel, and government services. The European Digital Identity Wallet will bring those activities into one application, and the European Telecommunications Standards Institute (ETSI) has released the first sta…HELPNETSECURITY.COM
12 JunZeroFox releases AI Analytics to bring answers directly to security teamsZeroFox launched ZeroFox AI Analytics, a new platform capability that gives security teams real-time visibility into the signals, patterns, and trends shaping their external threat landscape. ZeroFox AI Analytics gives security teams the ability to move beyond static reports and …HELPNETSECURITY.COM
12 JunThe assembly line behind 1.5 million malicious domainsAttackers registered roughly 1.5 million malicious domains during the first five months of 2026. The registration patterns resemble industrial output. Most of the domains were created by attackers, put to use within weeks, and concentrated among a small set of registrars, top-lev…HELPNETSECURITY.COM
12 JunAnthropic Disputes Fable 5 AI JailbreakAn AI hacker claims to have achieved a prompt-based jailbreak shortly after Fable 5’s launch, but Anthropic says it’s not a real jailbreak. The post Anthropic Disputes Fable 5 AI Jailbreak appeared first on SecurityWeek .SECURITYWEEK.COM
12 JunCybercriminals are moving away from mass phishing campaignsPhishing activity declined by roughly 20% in both 2024 and 2025, according to research from Zscaler’s ThreatLabz team. The drop followed years of growth that pushed phishing activity above 2 billion hits in 2023. “Phishing volume measured by blocked emails is no longe…HELPNETSECURITY.COM
12 JunBernie Sanders’ AI Sovereign Wealth Fund PlanLet no one accuse Bernie Sanders of ducking the big questions. Writing in the New York Times last week, the senator asked : “Will the future of humanity be determined by a handful of billionaires who have promoted and developed AI, with virtually no democratic input, who st…SCHNEIER.COM
12 JunRethinking MDR as Attackers and Defenders Embrace AIFor most of the past decade, managed detection and response was the answer to a real problem. Security teams couldn't staff around the clock, couldn't hire enough analysts, and needed someone else to handle the alert queue. MDR stepped in. It worked well enough. Until now. The th…THEHACKERNEWS.COM
12 JunCyberCorps is adapting to AI. The budget isn’t keeping up.CyberCorps is evolving to tackle AI threats. But budget cuts could derail it before the work even starts. The post CyberCorps is adapting to AI. The budget isn’t keeping up. appeared first on CyberScoop .CYBERSCOOP.COM
12 JunIranian Cyber Group Handala Claims Cal Water HackThe hackers published 5GB of data, including customer personal information and credentials for the RTKBase platform. The post Iranian Cyber Group Handala Claims Cal Water Hack appeared first on SecurityWeek .SECURITYWEEK.COM
12 JunISC Stormcast For Friday, June 12th, 2026 https://isc.sans.edu/podcastdetail/9970, (Fri, Jun 12th)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
12 JunIndustry Reactions to Claude Fable 5: Feedback FridayIndustry professionals comment on various aspects of Fable 5, including dual-use capabilities, safeguards, and tiered access. The post Industry Reactions to Claude Fable 5: Feedback Friday appeared first on SecurityWeek .SECURITYWEEK.COM
12 JunGoogle sues China-based scammers over Gemini AI abuseGoogle has filed a lawsuit against Outsider Enterprise, a China-based cybercrime network for using AI tools, including Gemini, to build phishing websites and scam infrastructure. The company said the operation has affected “hundreds of thousands of victims,” with loss…HELPNETSECURITY.COM
12 JunNavigating the New Federal Logging Mandate | OMB Memorandum M-26-14The White House Memorandum puts in place an “adaptive framework,” where agencies make risk-based, prioritized logging decisions.WIZ.IO
12 JunIt’s Mythos’ world now. How do we live in it?Anthropic's powerful model raises difficult questions about how government and industry should work together to safeguard systems in the AI era.CYBERSECURITYDIVE.COM
12 JunResearcher uses AI to hack Google and collect $500,000 in bountiesSecurity researcher Arvin Shivram has revealed how a custom AI-powered testing system uncovered dozens of vulnerabilities across Google's vast API ecosystem, earning more than $500,000 in bug bounty rewards. The findings included access control failures affecting Google Voice, Wi…CYBERINSIDER.COM
12 JunUS, France, and Italian authorities shut down massive deepfake porn siteThe website specialized in non-consensual sexual images of famous women, including politicians, first ladies, royalty, journalists, television presenters, athletes, and entertainers, and others. The post US, France, and Italian authorities shut down massive deepfake porn site app…CYBERSCOOP.COM
12 JunMisconfigured Tor hidden services leak IP addresses and server dataTor hidden services are designed to conceal a website's real location and IP address, allowing operators to remain anonymous while serving content through the Tor network. However, a new report from SOS Intelligence researcher Amir Hadzipasic shows that simple configuration mista…CYBERINSIDER.COM
12 JunChina-Linked Hackers Backdoored Linux Login Software to Hide for Nearly a DecadeInstead of hiding on the laptops and servers defenders watch most closely, a China-nexus group spent close to a decade hidden inside the Linux login system itself. Sygnia, which tracks the group as Velvet Ant, says it backdoored the PAM and OpenSSH components that decide who is a…THEHACKERNEWS.COM
12 JunFriday Squid Blogging: Squid-Inspired Fluid PumpThis fluid pump was inspired by the way squids propel themselves through the water. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Blog moderation policy.SCHNEIER.COM
12 JunPhones, Sarlaccs, Maine, Chinese Sites, Ivanti, Bitlocker, Peoplesoft, and More - SWN #589Bad Phones, Sarlaccs, Maine, Chinese Sites, Ivanti, GreatXML, Bitlocker, Peoplesoft, Josh Marpet, and More on this episode of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-589YOUTUBE.COM
12 JunFBI takes down massive China-based cybercrime network that caused $1.9B in lossesOutsider provided phishing kits and infrastructure for cybercriminals to scam victims with lures claiming they missed packages, had unpaid tolls or parking violations. The post FBI takes down massive China-based cybercrime network that caused $1.9B in losses appeared first on Cyb…CYBERSCOOP.COM
12 JunTracing Digital Intent: New MacOS Tahoe 26 Artifact DiscoveredUnit 42 has discovered a new macOS Tahoe 26 forensic artifact that tracks user menu selections across the operating system. Learn more here. The post Tracing Digital Intent: New MacOS Tahoe 26 Artifact Discovered appeared first on Unit 42 .UNIT42.PALOALTONETWORKS.COM
🌐 CYBER THREAT LANDSCAPE 1[−]
12 JunGitHub to Update npm to Thwart Software Supply Chain AttacksNPM, part of GitHub, announced a new version of the npm package manager with several security improvements, including disabling install scriptsINFOSECURITY-MAGAZINE.COM
📡 INFOSEC NEWS 11[−]
12 JunPhishing Attack Volume Down 20%, but Risk Still RisingHackers are valuing quality over quantity, using AI to upgrade their phishing attacks rather than multiplying them.DARKREADING.COM
12 JunFake verification pages are stealing Steam accounts from playersA convincing fake FACEIT verification page is stealing Steam accounts by using a fake login window that looks completely legitimate.MALWAREBYTES.COM
12 JunOver 80% of Sports Organizations Targeted by Hackers in the Last YearAs the FIFA World Cup 2026 kicks off, a new Darktrace report warns that sports teams and bodies are a major target for cyber criminalsINFOSECURITY-MAGAZINE.COM
12 JunUS surveillance law to expire for first time after lawmakers reject Trump’s controversial pick to lead spy agenciesThe spy law known as Section 702, which authorizes the NSA and FBI's warrantless surveillance, will all but certainly expire on Friday for the first time.TECHCRUNCH.COM
12 JunMicrosoft fixes Windows update failures linked to WUSA installerMicrosoft has fixed a known issue that caused Windows updates released since May 2025 to fail when installed via the Windows Update Standalone Installer (WUSA) from a network share. [...]BLEEPINGCOMPUTER.COM
12 JunStolen iPhones could soon be worth a lot less to thievesApple and the Met Police are working together to make stolen iPhones harder to reset, resell, and profit from.MALWAREBYTES.COM
12 JunEarly Warning Signs of Supply-Chain Attacks Live in the Dark WebGitHub access sales, leaked repositories, and stolen API keys can all become supply-chain attack footholds. Flare explores how underground forums expose early signals tied to software supply-chain risk. [...]BLEEPINGCOMPUTER.COM
12 JunClaude Fable 5 Doesn't Change the Mythos Security StoryStay cool: Mythos 5 is an upgrade over Mythos Preview while Fable 5 is Mythos "made safe for general use," Anthropic explained.DARKREADING.COM
12 JunGoogle sues alleged Chinese cybercrime operation that used AI to send scam textsThe tech giant said a group called "Outsider Enterprise" used AI to scam hundreds of thousands of victims, sending 2.5 million text messages over a span of two weeks.TECHCRUNCH.COM
12 JunMajor US surveillance program poised to lapse after legislative deadlockIt is the first lapse of the spy program, known as Section 702 of the Foreign Intelligence Surveillance Act (FISA), since it was passed into law in 2008.THERECORD.MEDIA
12 JunPrivacy own-goal: World Cup blunder leaks Lionel Messi’s passport detailsArgentina's World Cup squad had their passport numbers leaked before a ball was kicked - not by hackers, but by someone who failed to redact a document properly. document. It's a mistake that has been made many times in the past... Read more in my article on the Hot for Security …BITDEFENDER.COM