Severity Sector 209 shown
-
CVE-2026-25089: Fortinet FortiSandbox Critical Remote Code Execution Flaw
financehealthcaregovernmentgeneral -
SimpleHelp Authentication Bypass Allows Unauthenticated Account Creation
post-secondarygovernmenthealthcareenergymspgeneral -
Joomla Content Editor Widget Factory Allows Unauthenticated Code Execution
post-secondarygovernmenthealthcarefinancegeneral -
Mozilla Firefox, Firefox ESR, and Thunderbird Vulnerabilities Enable Arbitrary Code Execution
post-secondarygovernmenthealthcarefinance -
CISA orders federal agencies to patch critical Joomla plugin vulnerability
post-secondarygovernmenthealthcaregeneral -
Account takeovers surge as attackers exploit phishing and MFA fatigue
post-secondarygovernmenthealthcarefinancegeneral -
FortiBleed leak exposes Fortinet VPN credentials for 73,000+ devices worldwide
governmenthealthcareenergypost-secondaryfinancegeneral -
Microsoft developing patch for RoguePlanet zero-day in Defender
governmenthealthcarefinancepost-secondarymspgeneral -
Rokarolla Android malware targets 217 banking and crypto applications
finance -
CISA Adds Joomla Widget Factory Vulnerability to Known Exploited List
post-secondarygovernmenthealthcaregeneral -
Malicious JetBrains IDE plugins discovered stealing developer AI API keys
post-secondarygovernmentgeneral -
Microsoft Office launch failures affect third-party integrations after June updates
post-secondarygovernmenthealthcarefinancegeneral -
Browser Security Gaps: Detection Tools May Miss Threats
post-secondarygovernmenthealthcarefinancegeneral -
Oracle June 2026 Quarterly Security Update Released
healthcareenergyfinancepost-secondarygovernment -
Atlassian Security Advisory AV26-608 Released
post-secondarygovernmentgeneral -
Steam Workshop exploited to distribute malware through Wallpaper Engine
general -
Microsoft security advisory AV26-607 issued
post-secondarygovernmenthealthcarefinancegeneral -
JetBrains Security Advisory AV26-606 Released
post-secondarygeneral -
ISC Stormcast Daily Security Brief – June 17, 2026
general -
Critical Fortinet FortiSandbox vulnerabilities actively exploited in attacks
governmenthealthcarefinanceenergygeneral -
Microsoft Patch Tuesday June 2026: 206 vulnerabilities including 39 critical fixes
post-secondarygovernmenthealthcareenergyfinancegeneral -
CVE-2026-50751: Critical Check Point VPN Authentication Bypass Under Active Exploitation
governmenthealthcarefinanceenergypost-secondary -
Rockwell Automation FLEX I/O EtherNet/IP Adapters: Memory and Authentication Flaws
energygovernmentgeneral -
Vertex AI SDK vulnerability enables remote code execution through bucket squatting
post-secondaryhealthcarefinanceenergygeneral -
Modern SOCs must detect and respond to threats within 72 minutes to prevent data exfiltration
post-secondarygovernmenthealthcareenergyfinancegeneral -
Ransomware gang hides malicious traffic through Microsoft Teams relay infrastructure
post-secondarygovernmenthealthcarefinancegeneral -
SimpleHelp vulnerability allows unauthorized creation of privileged support accounts
post-secondarygovernmenthealthcaremsp -
Cisco Catalyst SD-WAN Manager Path Traversal Vulnerability Disclosed
governmenthealthcareenergyfinancegeneral -
GhostTree Attack Exploits Windows Junctions to Evade Microsoft Defender Scans
post-secondarygovernmenthealthcareenergyfinancegeneral -
Malicious VHDX File Delivers Remcos RAT via Automated Windows Mount
post-secondarygovernmenthealthcarefinancegeneral -
Mozilla Security Advisory AV26-604 Released
post-secondarygovernmenthealthcaregeneral -
CISA adds two actively exploited vulnerabilities to Known Exploited Vulnerabilities catalog
energyfinancehealthcarepost-secondarygovernmentgeneral -
CISA alerts on actively exploited cPanel LiteSpeed plugin vulnerability
post-secondarygovernmentgeneral -
Rockwell Automation CompactLogix Controllers Vulnerable to DoS and Information Disclosure
energygeneral -
iRhythm discloses data breach affecting patient health records
healthcare -
Rockwell Automation Logix Controllers Vulnerable to Denial of Service via CIP Protocol
energygeneral -
Rockwell Automation RSLinx Classic Buffer Overflow Vulnerability
energygeneral -
SprySOCKS malware now targets Windows systems at government organizations globally
government -
Rockwell Automation FactoryTalk Analytics PavilionX Authorization Bypass (CVE-2025-14272)
energygeneral -
Arctic Wolf 2026 Report: Organizations Face Wider Attack Surfaces Than Perceived
post-secondarygovernmenthealthcareenergyfinancegeneral -
Zyxel Security Advisory AV26-603 Released
governmenthealthcareenergypost-secondarygeneral -
Fortinet Security Advisory AV26-351 Update 1 Released
governmenthealthcareenergyfinancegeneral -
Exposure management strategies help enterprises reduce cyber risk from expanding attack surfaces
post-secondarygovernmenthealthcareenergyfinancemspgeneral -
LiteSpeed cPanel Plugin Symlink Vulnerability Affects Shared Hosting Servers
post-secondarygovernmentgeneral -
Asset visibility gaps challenge modern vulnerability management programs
governmenthealthcarepost-secondarygeneral -
Managing expanding attack surfaces and vulnerability gaps in modern IT environments
post-secondarygovernmenthealthcareenergyfinancegeneral -
Exposure management critical for reducing cyber risk across enterprise IT environments
post-secondarygovernmenthealthcareenergyfinancemspgeneral -
FTC reports record $3.5 billion in imposter scam losses during 2025
financepost-secondaryhealthcaregovernment -
Cisco Security Advisory AV26-602 Released
post-secondarygovernmenthealthcareenergygeneral -
Arctic Wolf provides managed security solution for Lobster Data
general -
SearchLeak vulnerability in Microsoft 365 Copilot enables one-click data theft
post-secondarygovernmenthealthcarefinancegeneral -
Cisco patches SD-WAN Manager zero-day vulnerability enabling privilege escalation
energyhealthcarefinancegovernmentgeneral -
Chinese-linked hackers breach REDCap servers, deploy InfiniteRed malware
healthcarepost-secondary -
Infinite Campus breach exposes 137,000 school staff accounts via Salesforce compromise
post-secondarygovernment -
OptinMonster and related WordPress plugins compromised in CDN supply-chain attack
post-secondarygovernmenthealthcarefinancegeneral -
CISOs address code sprawl from unsanctioned AI-driven development tools
post-secondarygovernmenthealthcarefinancegeneral -
AI and Cybersecurity Convergence Highlighted in White House Executive Order
post-secondarygovernmenthealthcareenergyfinancegeneral -
CISA issues industrial control system security advisories
energygeneral -
Malicious MSI installers with embedded background images detected
post-secondarygovernmenthealthcareenergyfinancegeneral -
Ubuntu Security Advisory AV26-599 Released
post-secondarygovernmenthealthcareenergygeneral -
FBI warns of courier-based cash collection in crypto investment scams
financegeneral -
Red Hat Security Advisory AV26-601 Released
governmenthealthcareenergygeneral -
Microsoft Defender email security performance benchmarked against competing solutions
post-secondarygovernmenthealthcarefinancemsp -
Behavioral AI as defense against phishing and account takeover attacks
post-secondarygovernmenthealthcarefinancemsp -
Dell Security Advisory AV26-598 Released
governmenthealthcareenergypost-secondarygeneral -
IBM Security Advisory AV26-597 Released
general -
Former IT employee sentenced for cyberattacks on school district
post-secondarygovernment -
FBI disrupts large-scale Chinese phishing-as-a-service operation targeting credential theft
financepost-secondarygovernmentgeneral -
Week in Review: Critical patch avalanche and persistent state-sponsored threats
general -
Oracle PeopleSoft PeopleTools Authentication Bypass Allows Full System Takeover
post-secondarygovernmenthealthcarefinance -
CISA Adds Oracle PeopleSoft Authentication Bypass to Known Exploited Vulnerabilities
post-secondarygovernmenthealthcarefinance -
Chinese-linked threat actors maintain decade-long authentication compromise
governmenthealthcareenergyfinancepost-secondary -
phpBB forum authentication bypass vulnerability patched after 10-year presence
post-secondarygovernmentgeneral -
Over 400 Arch Linux packages compromised to distribute rootkit and infostealer malware
post-secondarygeneral -
GeoServer Security Advisory AV26-595 Released
governmentpost-secondaryenergygeneral -
Oracle Security Advisory AV26-587 Update 1 Released
healthcarefinanceenergypost-secondarygovernment -
FreePBX Security Advisory AV26-596 Released
post-secondarygovernmenthealthcarefinancegeneral -
US government orders Anthropic to restrict foreign access to advanced AI models
post-secondarygovernmenthealthcaregeneral -
Ukrainian national extradited to US pleads guilty in Conti ransomware case
generalhealthcareenergygovernment -
US state disables breach notification portal after fraudulent disclosures
government -
Arctic Wolf Launches Data Explorer for Threat Investigation Access
post-secondarygovernmenthealthcareenergyfinancemsp -
New macOS Tahoe 26 forensic artifact discovered tracking user menu selections
post-secondarygovernmenthealthcare -
Oracle PeopleSoft PeopleTools vulnerability enables remote code execution
post-secondarygovernmenthealthcarefinance -
Ivanti Sentry OS Command Injection Allows Unauthenticated Root RCE
post-secondarygovernmenthealthcaremsp -
CISA orders federal agencies to patch actively exploited Ivanti Sentry flaw by Sunday
governmentpost-secondaryhealthcaregeneral -
Oracle PeopleSoft zero-day under active exploitation in data theft campaigns
post-secondarygovernmenthealthcarefinance -
Dark Web Markets Expose Early Indicators of Supply-Chain Attack Preparation
post-secondarygovernmenthealthcarefinanceenergymspgeneral -
CISA Adds Ivanti Sentry OS Command Injection to Known Exploited Vulnerabilities Catalog
governmenthealthcareenergypost-secondarygeneral -
Ivanti Security Advisory AV26-567 Update 1 Released
post-secondarygovernmenthealthcareenergygeneral -
2026 FIFA World Cup threats target fans and event organizers with AiTM, phishing, malware
governmentpost-secondarygeneral -
Microsoft Edge Security Advisory AV26-591 Released
post-secondarygovernmenthealthcarefinancegeneral -
Check Point Security Advisory AV26-590 Released
governmenthealthcareenergyfinancegeneral -
Google Chrome Security Advisory AV26-593 Released
post-secondarygovernmenthealthcarefinancegeneral -
Spring Security Advisory AV26-592 Released
post-secondarygovernmenthealthcarefinancegeneral -
Moxa Control Systems Security Advisory Released
energygeneral -
Microsoft resolves Windows update failures with WUSA network installation
post-secondarygovernmenthealthcaregeneral -
Digital privacy risks from open communication channels highlighted in recent analysis
post-secondarygovernmenthealthcaregeneral -
Fraudulent breach disclosures submitted to Maine portal in misinformation campaign
governmentgeneral -
Novo Nordisk discloses clinical trials data breach affecting patient information
healthcare -
Ubiquiti Releases Security Advisory AV26-589
general -
Frontier AI Models Advancing Vulnerability Detection and Threat Analysis
post-secondarygovernmenthealthcarefinancegeneral -
ISC Stormcast Daily Security Briefing – June 12, 2026
general -
Microsoft Releases Record 200 Security Patches in June 2026 Patch Tuesday
post-secondarygovernmenthealthcarefinanceenergygeneral -
Microsoft Issues Critical Security Patches for Remote Code Execution Vulnerabilities
post-secondarygovernmenthealthcarefinanceenergy -
Check Point VPN and Firewall Products Vulnerable to Authentication Bypass
post-secondarygovernmenthealthcareenergyfinance -
Check Point Security Gateway VPN Authentication Bypass Vulnerability (CVE-2026-50751)
governmenthealthcareenergyfinancepost-secondary -
Microsoft patches three critical zero-day vulnerabilities affecting Windows and BitLocker
post-secondarygovernmenthealthcareenergyfinancegeneral -
Microsoft Defender Zero-Day 'RoguePlanet' Allows SYSTEM-Level Privilege Escalation
governmentpost-secondaryhealthcarefinancegeneral -
Critical Ivanti Sentry vulnerability actively exploited for remote code execution
governmenthealthcarepost-secondaryfinanceenergy -
Ivanti Sentry Gateway Patched for Critical Root-Level Code Execution Flaw
post-secondarygovernmenthealthcaremspgeneral -
Schneider Electric Modicon Switches RADIUS Protocol Vulnerability (CVE-2024-3596)
energygovernmenthealthcarepost-secondarygeneral -
SAP Releases Fixes for 15 Vulnerabilities Including 4 Critical Flaws
financeenergygovernmentgeneral -
Naxclow IoT Platform: Critical Authorization and Credential Management Vulnerabilities
post-secondarygovernmenthealthcaregeneral -
Chromium V8 Out-of-Bounds Vulnerability Affects Chrome, Edge, Opera
post-secondarygovernmenthealthcareenergyfinancemspgeneral -
Social Engineering Attacks Escalating Through Microsoft Teams
post-secondarygovernmenthealthcarefinanceenergy -
CISA Adds Three Known Exploited Vulnerabilities to Catalog
energyfinancehealthcaregovernmentpost-secondarygeneral -
Oracle PeopleSoft servers targeted in ShinyHunters extortion campaigns
post-secondarygovernmenthealthcarefinancegeneral -
Active Exploitation of PAN-OS CVE-2026-0257 Reported
governmenthealthcareenergyfinancegeneral -
ServiceNow discloses security incident from API vulnerability exposing customer data
post-secondarygovernmenthealthcarefinancegeneral -
Hitachi Energy RTU500 firmware vulnerabilities affect critical infrastructure controls
energygovernmentgeneral -
Microsoft patches actively exploited Exchange Server zero-day vulnerability
post-secondarygovernmenthealthcarefinancegeneral -
TeamPCP Supply Chain Campaign Expands; Mini Shai-Hulud Framework Widely Adopted
post-secondarygovernmenthealthcareenergyfinance -
Cloud Logging Services Targeted for Defense Evasion and Attack Concealment
post-secondarygovernmenthealthcarefinanceenergy -
Microsoft Patch Tuesday June 2026: 204 Vulnerabilities Including 38 Critical Issues
post-secondarygovernmenthealthcarefinanceenergygeneral -
Palo Alto Networks GlobalProtect Authentication Bypass Exploitation Surge Detected
governmentpost-secondaryhealthcareenergygeneral -
The Gentlemen ransomware group identified as second most active by victim count
post-secondarygovernmenthealthcareenergyfinancemspgeneral -
Cisco Catalyst SD-WAN Manager Remote Command Execution Vulnerability
energyfinancegovernmenthealthcare -
Hitachi Energy MACH HiDraw Buffer Overflow Vulnerability (CVE-2026-7310)
energygeneral -
SolarWinds Serv-U Denial of Service Vulnerability Added to CISA KEV Catalog
governmentpost-secondaryenergygeneral -
CISA Adds Two New Known Exploited Vulnerabilities to KEV Catalog
financehealthcareenergygovernmentgeneral -
Fake macOS Installers Distribute Information-Stealing Malware
post-secondarygovernmenthealthcarefinancegeneral -
Brickcom IP Cameras Vulnerable to Unauthenticated Access and Default Credentials
healthcaregovernmentpost-secondaryfinancegeneral -
Multiple Google Chrome Vulnerabilities Enable Arbitrary Code Execution
post-secondarygovernmenthealthcarefinancegeneral -
CISA Adds SolarWinds Serv-U Resource Consumption Vulnerability to KEV Catalog
governmentpost-secondaryhealthcarefinance -
Cisco Unified Communications Manager SSRF Vulnerability Enables File Write and Root Escalation
post-secondaryhealthcaregovernmentfinanceenergy -
Schneider Electric EcoStruxure Panel Server Authentication Bypass Vulnerability
energygeneral -
Path traversal vulnerability in Langflow AI platform actively exploited
post-secondarygeneral -
Hitachi Energy ITT600 Explorer vulnerabilities allow denial of service attacks
energygeneral -
B&R PPT30 Operating System OPC-UA Denial of Service Vulnerability (CVE-2025-11482)
energygeneral -
Siemens KACO Blueplanet Inverters Vulnerable to Credential Derivation and SQL Injection
energygeneral -
Miasma credential-stealing framework source code briefly exposed on GitHub
post-secondarygovernmentenergygeneral -
BerriAI LiteLLM Command Injection Allows Authenticated Users Arbitrary Code Execution
post-secondarygovernmentgeneral -
CISA Issues 3-Day Patch Deadline for Critical Exploited Vulnerabilities
governmentgeneral -
China-linked JDY botnet expands targeting of U.S. military networks
governmentenergygeneral -
Microsoft June 2026 Security Updates Released
post-secondarygovernmenthealthcareenergyfinancemspgeneral -
OpenSSL Security Advisory AV26-572 Released
post-secondarygovernmenthealthcareenergyfinancegeneral -
Fortinet Security Advisory AV26-568 Released
governmenthealthcareenergypost-secondaryfinance -
Endpoint Security Challenges: Balancing Detection and Operational Noise
post-secondarygovernmenthealthcareenergyfinance -
Threat actors exploit AI hype in social engineering campaigns
post-secondarygovernmenthealthcareenergyfinancemspgeneral -
Google Chrome Security Advisory AV26-561 – Update 1
post-secondarygovernmenthealthcarefinancegeneral -
Five best practices for secure identity verification to counter authentication threats
post-secondarygovernmenthealthcareenergyfinancegeneral -
Splunk Security Advisory AV26-586 Released
governmenthealthcareenergyfinancegeneral -
Microsoft Patch Tuesday June 2026 — Security Updates Released
post-secondarygovernmenthealthcarefinancegeneral -
Veeam Security Advisory AV26-564 Released
healthcareenergyfinancepost-secondarygovernmentgeneral -
Microsoft reports Windows update installation failures on some 24H2 and 25H2 systems
post-secondarygovernmenthealthcarefinancegeneral -
AI-driven attacks reveal gaps in fragmented MSP security infrastructure
post-secondaryhealthcaregovernmentfinancemspgeneral -
Malicious MSI installers hidden in image files continue to spread via email
post-secondarygovernmenthealthcarefinancegeneral -
Enterprise AI agents at risk from third-party skill vulnerabilities
post-secondarygovernmenthealthcareenergyfinancegeneral -
Vulnerability Management Challenges: Detection vs. Practical Risk Reduction
post-secondarygovernmenthealthcareenergyfinancegeneral -
AMD Security Advisory AV26-577 Released
energyfinancehealthcarepost-secondarygovernmentgeneral -
GitHub announces npm security changes to address supply-chain attack risks
post-secondaryfinancehealthcareenergygovernmentgeneral -
Arista EOS Packet Decapsulation Vulnerability Could Enable Network Spoofing
energyhealthcaregovernmentfinance -
Ivanti Security Advisory AV26-567 Released
governmenthealthcarepost-secondarygeneral -
Cisco Security Advisory AV26-551 - Update 1
governmenthealthcareenergypost-secondarygeneral -
Microsoft Patches BitLocker Recovery Boot Issue in Windows Server 2025
governmenthealthcarepost-secondary -
FreePBX Security Advisory AV26-579 Released
post-secondarygovernmenthealthcaregeneral -
MISP Security Advisory AV26-565 Released
governmentpost-secondaryhealthcareenergyfinance -
Prompt Injection Vulnerability Found in Claude Code GitHub Action CI/CD Workflows
post-secondaryenergyfinancegovernmentgeneral -
Microsoft Red Team Identifies Seven New Failure Modes in Agentic AI Systems
post-secondarygovernmenthealthcarefinancegeneral -
OpenClaw AI email agent vulnerable to phishing attacks, exposes user data
post-secondarygovernmenthealthcarefinancegeneral -
Jenkins Security Advisory AV26-578 Released
post-secondarygovernmentenergyfinancegeneral -
Siemens Releases Security Advisory for Control Systems Vulnerability
energygovernmentgeneral -
Spring Security Advisory AV26-574 Released
post-secondarygovernmentfinancegeneral -
HPE Security Advisory AV26-582 Released
energyhealthcarepost-secondarygovernmentgeneral -
ABB Security Advisory AV26-580: Control Systems Vulnerability
energygeneral -
Broadcom VMware Security Advisory AV26-585 Released
post-secondarygovernmenthealthcareenergygeneral -
Oracle Security Advisory AV26-587 Released
financehealthcareenergypost-secondarygovernmentgeneral -
n8n Security Advisory AV26-584 Released
post-secondarygovernmentfinancegeneral -
NAVTOR NavBox Hard-coded Credentials Vulnerability (CVE-2026-21404)
energygeneral -
HPE Security Advisory AV26-571 Released
healthcareenergygovernmentgeneral -
Threat actors targeting 2026 FIFA World Cup through phishing and credential theft
governmentgeneral -
FreeBSD Security Advisory AV26-576 Released
governmentpost-secondarygeneral -
Law enforcement disrupts AudiA6 crypto-laundering service used by ransomware operators
general -
Erlang Security Advisory AV26-581 Released
general -
Adobe Security Advisory AV26-570 Released
post-secondarygovernmenthealthcarefinancegeneral -
Microsoft publishes guide for investigating AI activity in Microsoft 365 Copilot and Azure services
post-secondarygovernmenthealthcarefinancegeneral -
Palo Alto Networks Security Advisory AV26-583 Released
governmenthealthcareenergyfinancegeneral -
Gartner Security Summit 2026: Key Trends in Resilience, Identity, and AI
post-secondarygovernmenthealthcareenergyfinancegeneral -
AI-driven Security Operations Centers show promise for accelerating threat response
generalpost-secondaryhealthcareenergygovernment -
Selecting the Right Vulnerability Management Solution
post-secondarygovernmenthealthcareenergyfinancemspgeneral -
Mozilla Security Advisory AV26-575 Released
post-secondarygovernmenthealthcareenergyfinancegeneral -
AI-Powered Security Operations: Why Speed and Trust Win
post-secondarygovernmenthealthcareenergyfinancemspgeneral -
ISC Stormcast Daily Security Briefing — June 9th, 2026
post-secondarygovernmenthealthcareenergyfinancegeneral -
ISC Stormcast Daily Security Briefing – June 5, 2026
post-secondarygovernmenthealthcareenergyfinancemspgeneral -
ISC Stormcast June 10, 2026 – Daily Security News Briefing
general -
Analysis of Web Security Header Adoption Trends Over Three Years
post-secondarygovernmentfinancehealthcaregeneral -
AI-Powered Security Operations: Speed and Trust as Competitive Factors
post-secondarygovernmenthealthcareenergyfinancegeneral -
GitLab Security Advisory AV26-588 Released
post-secondarygovernmentgeneral -
Arctic Wolf announces 2026 Partner of the Year Award winners
general -
HPE Security Advisory AV26-573 Released
governmenthealthcareenergygeneral -
Talos launches threat hunting service with senior leadership insights
generalpost-secondarygovernmenthealthcarefinanceenergy -
Microsoft releases ASSERT framework for AI agent evaluation and testing
post-secondarygovernmenthealthcaregeneral -
Huntress offers CMMC compliance path without FedRAMP authorization
governmentgeneral -
Cisco Talos reveals threat hunting methodology using hypothesis-driven detection
general -
ISC Stormcast Daily Briefing – June 8th, 2026
general -
Arctic Wolf announces 2026 Partner of the Year Award winners
general -
SANS ISC Stormcast Daily Briefing – June 4, 2026
general -
Black Hat 2026 Conference Announced
general -
Microsoft Coreutils for Windows: Unix Command Compatibility Tool
general