Severity Sector 140 shown
-
Oracle PeopleSoft PeopleTools Authentication Bypass Allows Full System Takeover
post-secondarygovernmenthealthcarefinance -
CISA Adds Oracle PeopleSoft Authentication Bypass to Known Exploited Vulnerabilities
post-secondarygovernmenthealthcarefinance -
Chinese-linked threat actors maintain decade-long authentication compromise
governmenthealthcareenergyfinancepost-secondary -
phpBB forum authentication bypass vulnerability patched after 10-year presence
post-secondarygovernmentgeneral -
Over 400 Arch Linux packages compromised to distribute rootkit and infostealer malware
post-secondarygeneral -
GeoServer Security Advisory AV26-595 Released
governmentpost-secondaryenergygeneral -
Oracle Security Advisory AV26-587 Update 1 Released
healthcarefinanceenergypost-secondarygovernment -
FreePBX Security Advisory AV26-596 Released
post-secondarygovernmenthealthcarefinancegeneral -
US government orders Anthropic to restrict foreign access to advanced AI models
post-secondarygovernmenthealthcaregeneral -
Ukrainian national extradited to US pleads guilty in Conti ransomware case
generalhealthcareenergygovernment -
US state disables breach notification portal after fraudulent disclosures
government -
Arctic Wolf Launches Data Explorer for Threat Investigation Access
post-secondarygovernmenthealthcareenergyfinancemsp -
New macOS Tahoe 26 forensic artifact discovered tracking user menu selections
post-secondarygovernmenthealthcare -
Ivanti Sentry OS Command Injection Allows Unauthenticated Root RCE
post-secondarygovernmenthealthcaremsp -
Oracle PeopleSoft PeopleTools vulnerability enables remote code execution
post-secondarygovernmenthealthcarefinance -
CISA orders federal agencies to patch actively exploited Ivanti Sentry flaw by Sunday
governmentpost-secondaryhealthcaregeneral -
Oracle PeopleSoft zero-day under active exploitation in data theft campaigns
post-secondarygovernmenthealthcarefinance -
Dark Web Markets Expose Early Indicators of Supply-Chain Attack Preparation
post-secondarygovernmenthealthcarefinanceenergymspgeneral -
CISA Adds Ivanti Sentry OS Command Injection to Known Exploited Vulnerabilities Catalog
governmenthealthcareenergypost-secondarygeneral -
Ivanti Security Advisory AV26-567 Update 1 Released
post-secondarygovernmenthealthcareenergygeneral -
2026 FIFA World Cup threats target fans and event organizers with AiTM, phishing, malware
governmentpost-secondarygeneral -
Microsoft Edge Security Advisory AV26-591 Released
post-secondarygovernmenthealthcarefinancegeneral -
Check Point Security Advisory AV26-590 Released
governmenthealthcareenergyfinancegeneral -
Google Chrome Security Advisory AV26-593 Released
post-secondarygovernmenthealthcarefinancegeneral -
Spring Security Advisory AV26-592 Released
post-secondarygovernmenthealthcarefinancegeneral -
Moxa Control Systems Security Advisory Released
energygeneral -
Microsoft resolves Windows update failures with WUSA network installation
post-secondarygovernmenthealthcaregeneral -
Digital privacy risks from open communication channels highlighted in recent analysis
post-secondarygovernmenthealthcaregeneral -
Novo Nordisk discloses clinical trials data breach affecting patient information
healthcare -
Fraudulent breach disclosures submitted to Maine portal in misinformation campaign
governmentgeneral -
Ubiquiti Releases Security Advisory AV26-589
general -
Frontier AI Models Advancing Vulnerability Detection and Threat Analysis
post-secondarygovernmenthealthcarefinancegeneral -
ISC Stormcast Daily Security Briefing – June 12, 2026
general -
Microsoft Releases Record 200 Security Patches in June 2026 Patch Tuesday
post-secondarygovernmenthealthcarefinanceenergygeneral -
Microsoft Issues Critical Security Patches for Remote Code Execution Vulnerabilities
post-secondarygovernmenthealthcarefinanceenergy -
Check Point VPN and Firewall Products Vulnerable to Authentication Bypass
post-secondarygovernmenthealthcareenergyfinance -
Check Point Security Gateway VPN Authentication Bypass Vulnerability (CVE-2026-50751)
governmenthealthcareenergyfinancepost-secondary -
Microsoft patches three critical zero-day vulnerabilities affecting Windows and BitLocker
post-secondarygovernmenthealthcareenergyfinancegeneral -
Microsoft Defender Zero-Day 'RoguePlanet' Allows SYSTEM-Level Privilege Escalation
governmentpost-secondaryhealthcarefinancegeneral -
Critical Ivanti Sentry vulnerability actively exploited for remote code execution
governmenthealthcarepost-secondaryfinanceenergy -
Ivanti Sentry Gateway Patched for Critical Root-Level Code Execution Flaw
post-secondarygovernmenthealthcaremspgeneral -
Schneider Electric Modicon Switches RADIUS Protocol Vulnerability (CVE-2024-3596)
energygovernmenthealthcarepost-secondarygeneral -
SAP Releases Fixes for 15 Vulnerabilities Including 4 Critical Flaws
financeenergygovernmentgeneral -
Naxclow IoT Platform: Critical Authorization and Credential Management Vulnerabilities
post-secondarygovernmenthealthcaregeneral -
Chromium V8 Out-of-Bounds Vulnerability Affects Chrome, Edge, Opera
post-secondarygovernmenthealthcareenergyfinancemspgeneral -
Social Engineering Attacks Escalating Through Microsoft Teams
post-secondarygovernmenthealthcarefinanceenergy -
CISA Adds Three Known Exploited Vulnerabilities to Catalog
energyfinancehealthcaregovernmentpost-secondarygeneral -
Oracle PeopleSoft servers targeted in ShinyHunters extortion campaigns
post-secondarygovernmenthealthcarefinancegeneral -
Active Exploitation of PAN-OS CVE-2026-0257 Reported
governmenthealthcareenergyfinancegeneral -
ServiceNow discloses security incident from API vulnerability exposing customer data
post-secondarygovernmenthealthcarefinancegeneral -
Hitachi Energy RTU500 firmware vulnerabilities affect critical infrastructure controls
energygovernmentgeneral -
Microsoft patches actively exploited Exchange Server zero-day vulnerability
post-secondarygovernmenthealthcarefinancegeneral -
TeamPCP Supply Chain Campaign Expands; Mini Shai-Hulud Framework Widely Adopted
post-secondarygovernmenthealthcareenergyfinance -
Cloud Logging Services Targeted for Defense Evasion and Attack Concealment
post-secondarygovernmenthealthcarefinanceenergy -
Microsoft Patch Tuesday June 2026: 204 Vulnerabilities Including 38 Critical Issues
post-secondarygovernmenthealthcarefinanceenergygeneral -
Palo Alto Networks GlobalProtect Authentication Bypass Exploitation Surge Detected
governmentpost-secondaryhealthcareenergygeneral -
The Gentlemen ransomware group identified as second most active by victim count
post-secondarygovernmenthealthcareenergyfinancemspgeneral -
Cisco Catalyst SD-WAN Manager Remote Command Execution Vulnerability
energyfinancegovernmenthealthcare -
Hitachi Energy MACH HiDraw Buffer Overflow Vulnerability (CVE-2026-7310)
energygeneral -
SolarWinds Serv-U Denial of Service Vulnerability Added to CISA KEV Catalog
governmentpost-secondaryenergygeneral -
CISA Adds Two New Known Exploited Vulnerabilities to KEV Catalog
financehealthcareenergygovernmentgeneral -
Fake macOS Installers Distribute Information-Stealing Malware
post-secondarygovernmenthealthcarefinancegeneral -
Brickcom IP Cameras Vulnerable to Unauthenticated Access and Default Credentials
healthcaregovernmentpost-secondaryfinancegeneral -
Multiple Google Chrome Vulnerabilities Enable Arbitrary Code Execution
post-secondarygovernmenthealthcarefinancegeneral -
CISA Adds SolarWinds Serv-U Resource Consumption Vulnerability to KEV Catalog
governmentpost-secondaryhealthcarefinance -
Cisco Unified Communications Manager SSRF Vulnerability Enables File Write and Root Escalation
post-secondaryhealthcaregovernmentfinanceenergy -
Schneider Electric EcoStruxure Panel Server Authentication Bypass Vulnerability
energygeneral -
Path traversal vulnerability in Langflow AI platform actively exploited
post-secondarygeneral -
Hitachi Energy ITT600 Explorer vulnerabilities allow denial of service attacks
energygeneral -
B&R PPT30 Operating System OPC-UA Denial of Service Vulnerability (CVE-2025-11482)
energygeneral -
Miasma credential-stealing framework source code briefly exposed on GitHub
post-secondarygovernmentenergygeneral -
Siemens KACO Blueplanet Inverters Vulnerable to Credential Derivation and SQL Injection
energygeneral -
BerriAI LiteLLM Command Injection Allows Authenticated Users Arbitrary Code Execution
post-secondarygovernmentgeneral -
CISA Issues 3-Day Patch Deadline for Critical Exploited Vulnerabilities
governmentgeneral -
China-linked JDY botnet expands targeting of U.S. military networks
governmentenergygeneral -
Microsoft June 2026 Security Updates Released
post-secondarygovernmenthealthcareenergyfinancemspgeneral -
OpenSSL Security Advisory AV26-572 Released
post-secondarygovernmenthealthcareenergyfinancegeneral -
Fortinet Security Advisory AV26-568 Released
governmenthealthcareenergypost-secondaryfinance -
Endpoint Security Challenges: Balancing Detection and Operational Noise
post-secondarygovernmenthealthcareenergyfinance -
Threat actors exploit AI hype in social engineering campaigns
post-secondarygovernmenthealthcareenergyfinancemspgeneral -
Google Chrome Security Advisory AV26-561 – Update 1
post-secondarygovernmenthealthcarefinancegeneral -
Five best practices for secure identity verification to counter authentication threats
post-secondarygovernmenthealthcareenergyfinancegeneral -
Splunk Security Advisory AV26-586 Released
governmenthealthcareenergyfinancegeneral -
Microsoft Patch Tuesday June 2026 — Security Updates Released
post-secondarygovernmenthealthcarefinancegeneral -
Veeam Security Advisory AV26-564 Released
healthcareenergyfinancepost-secondarygovernmentgeneral -
Microsoft reports Windows update installation failures on some 24H2 and 25H2 systems
post-secondarygovernmenthealthcarefinancegeneral -
AI-driven attacks reveal gaps in fragmented MSP security infrastructure
post-secondaryhealthcaregovernmentfinancemspgeneral -
Malicious MSI installers hidden in image files continue to spread via email
post-secondarygovernmenthealthcarefinancegeneral -
Enterprise AI agents at risk from third-party skill vulnerabilities
post-secondarygovernmenthealthcareenergyfinancegeneral -
Vulnerability Management Challenges: Detection vs. Practical Risk Reduction
post-secondarygovernmenthealthcareenergyfinancegeneral -
AMD Security Advisory AV26-577 Released
energyfinancehealthcarepost-secondarygovernmentgeneral -
GitHub announces npm security changes to address supply-chain attack risks
post-secondaryfinancehealthcareenergygovernmentgeneral -
Arista EOS Packet Decapsulation Vulnerability Could Enable Network Spoofing
energyhealthcaregovernmentfinance -
Ivanti Security Advisory AV26-567 Released
governmenthealthcarepost-secondarygeneral -
Cisco Security Advisory AV26-551 - Update 1
governmenthealthcareenergypost-secondarygeneral -
Microsoft Patches BitLocker Recovery Boot Issue in Windows Server 2025
governmenthealthcarepost-secondary -
FreePBX Security Advisory AV26-579 Released
post-secondarygovernmenthealthcaregeneral -
MISP Security Advisory AV26-565 Released
governmentpost-secondaryhealthcareenergyfinance -
Prompt Injection Vulnerability Found in Claude Code GitHub Action CI/CD Workflows
post-secondaryenergyfinancegovernmentgeneral -
Microsoft Red Team Identifies Seven New Failure Modes in Agentic AI Systems
post-secondarygovernmenthealthcarefinancegeneral -
OpenClaw AI email agent vulnerable to phishing attacks, exposes user data
post-secondarygovernmenthealthcarefinancegeneral -
Jenkins Security Advisory AV26-578 Released
post-secondarygovernmentenergyfinancegeneral -
Siemens Releases Security Advisory for Control Systems Vulnerability
energygovernmentgeneral -
HPE Security Advisory AV26-582 Released
energyhealthcarepost-secondarygovernmentgeneral -
Spring Security Advisory AV26-574 Released
post-secondarygovernmentfinancegeneral -
ABB Security Advisory AV26-580: Control Systems Vulnerability
energygeneral -
Broadcom VMware Security Advisory AV26-585 Released
post-secondarygovernmenthealthcareenergygeneral -
Oracle Security Advisory AV26-587 Released
financehealthcareenergypost-secondarygovernmentgeneral -
n8n Security Advisory AV26-584 Released
post-secondarygovernmentfinancegeneral -
NAVTOR NavBox Hard-coded Credentials Vulnerability (CVE-2026-21404)
energygeneral -
HPE Security Advisory AV26-571 Released
healthcareenergygovernmentgeneral -
Threat actors targeting 2026 FIFA World Cup through phishing and credential theft
governmentgeneral -
FreeBSD Security Advisory AV26-576 Released
governmentpost-secondarygeneral -
Law enforcement disrupts AudiA6 crypto-laundering service used by ransomware operators
general -
Erlang Security Advisory AV26-581 Released
general -
Adobe Security Advisory AV26-570 Released
post-secondarygovernmenthealthcarefinancegeneral -
Microsoft publishes guide for investigating AI activity in Microsoft 365 Copilot and Azure services
post-secondarygovernmenthealthcarefinancegeneral -
Palo Alto Networks Security Advisory AV26-583 Released
governmenthealthcareenergyfinancegeneral -
Gartner Security Summit 2026: Key Trends in Resilience, Identity, and AI
post-secondarygovernmenthealthcareenergyfinancegeneral -
AI-driven Security Operations Centers show promise for accelerating threat response
generalpost-secondaryhealthcareenergygovernment -
Selecting the Right Vulnerability Management Solution
post-secondarygovernmenthealthcareenergyfinancemspgeneral -
Mozilla Security Advisory AV26-575 Released
post-secondarygovernmenthealthcareenergyfinancegeneral -
AI-Powered Security Operations: Why Speed and Trust Win
post-secondarygovernmenthealthcareenergyfinancemspgeneral -
ISC Stormcast Daily Security Briefing — June 9th, 2026
post-secondarygovernmenthealthcareenergyfinancegeneral -
ISC Stormcast Daily Security Briefing – June 5, 2026
post-secondarygovernmenthealthcareenergyfinancemspgeneral -
ISC Stormcast June 10, 2026 – Daily Security News Briefing
general -
Analysis of Web Security Header Adoption Trends Over Three Years
post-secondarygovernmentfinancehealthcaregeneral -
AI-Powered Security Operations: Speed and Trust as Competitive Factors
post-secondarygovernmenthealthcareenergyfinancegeneral -
GitLab Security Advisory AV26-588 Released
post-secondarygovernmentgeneral -
Arctic Wolf announces 2026 Partner of the Year Award winners
general -
HPE Security Advisory AV26-573 Released
governmenthealthcareenergygeneral -
Talos launches threat hunting service with senior leadership insights
generalpost-secondarygovernmenthealthcarefinanceenergy -
Microsoft releases ASSERT framework for AI agent evaluation and testing
post-secondarygovernmenthealthcaregeneral -
Huntress offers CMMC compliance path without FedRAMP authorization
governmentgeneral -
Cisco Talos reveals threat hunting methodology using hypothesis-driven detection
general -
Arctic Wolf announces 2026 Partner of the Year Award winners
general -
ISC Stormcast Daily Briefing – June 8th, 2026
general -
SANS ISC Stormcast Daily Briefing – June 4, 2026
general -
Black Hat 2026 Conference Announced
general -
Microsoft Coreutils for Windows: Unix Command Compatibility Tool
general