Security Insights

Breaches, ransomware and regulation — analysed the day they break, with the practical lessons your team can act on. Free to read, no account required.

A close-up photoreal shot of a server rack in a dimly lit enterprise data center, with a single rack unit emitting a fai
Vulnerabilities
5 min read
30 Jun 2026

CVE-2026-46817: Unauthenticated Attackers Are Actively Exploiting Oracle E-Business Suite Payments

A CVSS 9.8 flaw in Oracle's Payments module lets remote attackers seize full control of EBS instances — no credentials required — and exploitation is already underway.

Photoreal editorial scene: a software developer sitting at a dual-monitor workstation in a dimly lit open-plan office, f
Vulnerabilities
5 min read
29 Jun 2026

CVE-2026-12957: Amazon Q Developer Flaw Let a Cloned Repo Steal AWS Credentials

A high-severity vulnerability in Amazon's AI coding assistant allowed a hostile repository to hijack ambient AWS credentials the moment a developer clicked 'trust workspace.' Amazon has shipped a patch.

Photoreal editorial scene: a dimly lit industrial server room inside a large manufacturing facility, rows of humming rac
Vulnerabilities
5 min read
27 Jun 2026

Web Shells Deployed on PTC Windchill PLM Systems as Attackers Exploit Critical Deserialization Flaw

A CVSS 9.3 vulnerability in PTC Windchill and FlexPLM — software trusted by defense contractors, aerospace primes, and automotive manufacturers — is under active exploitation, with attackers establishing persistent backdoors inside some of the most sensitive engineering environments on earth.

A dimly lit enterprise network operations center at night, rows of physical server racks and blinking network switches i
Vulnerabilities
4 min read
25 Jun 2026

Cisco Catalyst SD-WAN Zero-Day Exploited for Two Months Before Disclosure

CVE-2026-20245 gave attackers root on enterprise WAN gear while defenders had no patch to apply — and possibly no idea the intrusion was happening.

A photoreal close-up editorial photograph of a rack-mounted industrial network device with serial ports and ethernet con
Vulnerabilities
4 min read
24 Jun 2026

CISA Adds Lantronix EDS5000 Code Injection Bug to Known Exploited Vulnerabilities List

CVE-2025-67038 scores a 9.8 CVSS and is already being exploited in the wild. Federal agencies have until June 26, 2026 to patch — a deadline that tells you nothing about how fast attackers are moving right now.

A photoreal close-up of a film strip partially unwinding from a damaged reel on a dark server room floor, with dramatic
Vulnerabilities
5 min read
24 Jun 2026

PixelSmash: Critical FFmpeg Flaw Puts Media Servers and Cloud Pipelines at Risk

A heap out-of-bounds write in FFmpeg's MagicYUV decoder — CVE-2026-8461 — can crash applications or hand attackers remote code execution via a 50 KB video file.

A photoreal close-up of a glowing computer screen in a darkened server room showing lines of YAML pipeline code, with a
Vulnerabilities
5 min read
23 Jun 2026

GitHub Hardens actions/checkout to Kill 'Pwn Request' Attacks Dead

A new default in actions/checkout v7, announced June 18, automatically blocks unreviewed fork code from running inside privileged workflows — closing an exploit path that attackers had used for years to steal secrets and poison packages.

A photoreal editorial scene of a modern open-plan office at dusk, warm overhead lights, several professionals wearing wi
Vulnerabilities
6 min read
22 Jun 2026

Four Security Stories You Shouldn't Ignore: Beats Eavesdropping, a GCP Privilege-Escalation Flaw, and a Threat Actor Who Lived Inside a Network for a Decade

Apple quietly patched a Bluetooth vulnerability in Beats firmware, Google Cloud's Config Connector carries an unpatched privilege-escalation bug, and the threat group Velvet Ant spent roughly ten years undetected inside a target network. Here is what defenders need to know — and do — right now.

A photoreal close-up of a physical server rack in a dimly lit data center, with a single open padlock resting on a cable
Vulnerabilities
5 min read
20 Jun 2026

Gravity SMTP Vulnerability CVE-2026-4020 Is Being Actively Exploited — Patch and Rotate Now

An unauthenticated information-disclosure flaw in the popular WordPress mailer plugin is already under active attack, putting API keys, OAuth tokens, and SMTP credentials at risk on up to 100,000 websites.

A close-up macro photograph of a modern mobile processor chip on a circuit board, with a thin beam of ultraviolet light
Vulnerabilities
5 min read
20 Jun 2026

usbliter8: Researchers Crack Apple A12 and A13 SecureROM in an Exploit That Cannot Be Patched

A working tethered exploit from Paradigm Shift reaches code burned into the chip at fabrication — and no software update on earth can fix it.

A pair of sleek white wireless earbuds resting on a dark matte surface, soft blue Bluetooth signal waves glowing faintly
Vulnerabilities
4 min read
19 Jun 2026

Beats Studio Buds Firmware Patch Closes Bluetooth Flaw That Could Turn Earbuds Into a Listening Device

A CVSS 8.8 authorization bug in the Airoha Bluetooth audio SDK let any attacker within radio range pair with Studio Buds without the owner's knowledge — and potentially capture microphone audio.

A photoreal editorial scene of a server rack in a dimly lit data center, with a single amber warning light casting a glo
Vulnerabilities
4 min read
18 Jun 2026

F5 Patches Two Critical NGINX Flaws That Allow Unauthenticated Remote Code Execution

A use-after-free in NGINX's HTTP/3 module earns a CVSS v4 score of 9.2 — and any deployment with QUIC enabled should treat the patch as same-day work.

A photorealistic editorial scene of a glowing blue computer server rack in a dark enterprise data center, with a single
Vulnerabilities
5 min read
17 Jun 2026

CVE-2026-50656: Microsoft's Unpatched 'RoguePlanet' Flaw Puts Every Defender Install at Risk

A privilege-escalation zero-day in the Malware Protection Engine — the scanning core shared by every supported Defender variant — has been confirmed by Microsoft, with no patch yet shipped.

A photoreal close-up of a server rack in a dimly lit data center, one rack unit glowing amber with a warning indicator l
Vulnerabilities
5 min read
17 Jun 2026

CVSS 10.0: CISA Confirms Active Exploitation of Joomla Content Editor Flaw CVE-2026-48907

Widget Factory's JCE extension contains an unauthenticated arbitrary file-write vulnerability that attackers are already burning in the wild. Federal agencies have three weeks to patch. Everyone else should move faster.

A photorealistic editorial scene of a server rack in a dimly lit data center, shot from a low angle with shallow depth o
Vulnerabilities
5 min read
16 Jun 2026

CISA Flags LiteSpeed cPanel Plugin Flaw as Actively Exploited — Root Access at Stake

CVE-2026-54420 carries a CVSS score of 8.5 and hands attackers root-level control over shared hosting servers. Federal agencies must patch by June 18, 2026. Everyone else should move faster.

A high-tech conference room with IT professionals discussing cybersecurity vulnerabilities, a digital screen displaying
Vulnerabilities
2 min read
14 Jun 2026

Critical Vulnerability in Splunk Enterprise Exposes Systems to Remote Code Execution

Splunk addresses a severe flaw in its Enterprise software that could allow unauthenticated users to execute arbitrary code.

A close-up photoreal editorial photograph of a laptop computer open on a dark desk, the screen displaying a blue Windows
Vulnerabilities
4 min read
13 Jun 2026

GreatXML: A BitLocker Bypass That Doesn't Quite Work — Yet

A pseudonymous researcher dropped an alleged Windows Recovery Environment exploit days after Patch Tuesday. A respected vulnerability analyst couldn't replicate it. The researcher is already hunting a workaround.

A close-up photoreal editorial shot of a laptop sitting open and unattended on a hotel room desk at night, soft lamp lig
Vulnerabilities
5 min read
12 Jun 2026

GreatXML: How a Researcher Cracked BitLocker in Four Hours Using Windows' Own Recovery Partition

A hobbyist find targeting XML configuration files in the Windows Recovery Environment exposes a fundamental gap in full-disk encryption's trust model — and no Microsoft patch exists yet.

A photoreal editorial scene of a glowing blue server rack inside a dimly lit data center, with cascading green terminal
Vulnerabilities
5 min read
12 Jun 2026

CVE-2026-5027: Unauthenticated Path Traversal in Langflow Is Being Exploited Right Now

A write-anywhere bug in the popular open-source AI workflow builder carries a CVSS 8.8 score and is already seeing opportunistic mass exploitation — patch immediately or assume compromise.

A close-up photoreal editorial scene of a developer's hands at a mechanical keyboard in a dimly lit office, a terminal w
Vulnerabilities
5 min read
11 Jun 2026

npm 12 Kills Install Scripts by Default — and That Changes the Supply Chain Math

GitHub's decision to disable lifecycle hooks in npm 12 removes the single most-abused primitive in JavaScript supply chain attacks. Here is what defenders, DevOps teams, and security engineers need to know before the cutover.

A photorealistic scene of a cybersecurity analyst examining a computer screen with lines of code, depicting a race condi
Vulnerabilities
2 min read
10 Jun 2026

RoguePlanet Exploit Unveiled: Microsoft Defender's Latest Vulnerability Challenge

An exploit named RoguePlanet has surfaced, targeting Microsoft Defender with a local privilege escalation vulnerability, raising security concerns.

A photorealistic scene of a busy software development office with engineers working on computers, digital screens showin
Vulnerabilities
2 min read
10 Jun 2026

AI-Driven Bug Disclosures and Zero-Day Threats Dominate Microsoft's June Patch Tuesday

Microsoft addresses a record number of vulnerabilities amid AI-assisted bug discoveries and a high-profile researcher threatening further zero-day releases.

A close-up photoreal shot of a server rack in a dimly lit enterprise data center, with one server panel illuminated by a
Vulnerabilities
4 min read
9 Jun 2026

Microsoft's KB5094127 Patches Windows 10 ESU Fleets — and Starts the Secure Boot Certificate Clock

The June 2026 cumulative update for Windows 10 22H2 Extended Security Updates enrollees bundles this month's vulnerability fixes and adds diagnostic hooks for a looming Secure Boot certificate transition that could leave unpatched systems open to bootkit attacks.

A dramatic wide-angle shot of a dimly lit enterprise network operations center at night, multiple large monitors display
Vulnerabilities
5 min read
9 Jun 2026

Cisco SD-WAN Manager Hit by Active Command-Injection Exploit — No Patch Available Yet

CVE-2026-20245 lets an authenticated attacker escalate to root through the CLI. Mandiant reported the bug after spotting real intrusions, and Cisco has confirmed unauthorized configuration changes in the wild.

A photoreal close-up of glowing green terminal text scrolling across a dark monitor screen in a dimly lit server room, c
Vulnerabilities
5 min read
8 Jun 2026

CVE-2026-23111: Public Exploit Turns Unpatched Linux Kernels Into Root Shells

A weaponized proof-of-concept for a use-after-free in nf_tables dropped on June 8, 2026 — four months after the upstream fix — and it works reliably against hardened kernels with KASLR and SMAP enabled.

A photoreal close-up of a computer circuit board bathed in cool blue light, with streams of green binary code cascading
Vulnerabilities
5 min read
8 Jun 2026

AI Agent Finds 21 Zero-Days in FFmpeg the Same Week Chrome Ships a Record 429 Security Fixes

An autonomous AI fuzzer exposed 21 previously unknown vulnerabilities in the media library embedded in nearly every video-capable product on earth. Days later, Google released Chrome 149 with 429 patches — the largest single browser security update on record. Neither story is routine.

A photoreal editorial scene showing a server rack in a dimly lit enterprise data center, one server unit with a blinking
Vulnerabilities
4 min read
7 Jun 2026

CISA Adds SolarWinds Serv-U DoS Flaw to Known Exploited Vulnerabilities List

CVE-2026-28318 crashes the Serv-U file transfer service in the wild. Federal agencies have roughly three weeks to patch. Everyone else should treat that deadline as their own.

A photoreal close-up of a developer's hands on a mechanical keyboard in a dimly lit office, a large monitor showing a br
Vulnerabilities
5 min read
6 Jun 2026

One-Click github.dev Flaw Let Attackers Steal GitHub OAuth Tokens

A single crafted link was enough to drain a developer's GitHub OAuth token from the browser-based VS Code editor — granting read/write access to private repositories with no second click required.

A photoreal wide-angle shot of a dimly lit enterprise network operations center at night, multiple large monitors displa
Vulnerabilities
4 min read
6 Jun 2026

Cisco Catalyst SD-WAN Manager Flaw CVE-2026-20245 Exploited in the Wild — No Patch Available

A high-severity authorization vulnerability in Cisco's SD-WAN control plane is under active attack across on-premises, cloud, and FedRAMP deployments. Cisco has confirmed exploitation and has not yet released a fix.

Photoreal editorial scene: a close-up of a developer's hands at a mechanical keyboard in a dimly lit office, a terminal
Vulnerabilities
5 min read
6 Jun 2026

RubyGems Adds Bundler Cooldown to Block Supply Chain Attacks Before They Land

A new --cooldown flag for Bundler delays installation of freshly published gems, buying defenders the time attackers have long exploited.

A photoreal close-up of a developer's hands on a laptop keyboard in a dimly lit office, the screen casting a blue glow s
Vulnerabilities
4 min read
4 Jun 2026

GitHub's Browser Editor Handed Attackers an Unscoped OAuth Token — and a Path to Every Private Repo You Own

A malicious Jupyter notebook, a bypassed publisher trust check, and a single browser tab were all an attacker needed to steal an OAuth token granting access to every repository tied to a GitHub account.

A photoreal editorial scene showing a glowing server rack inside a dark data center, with a single open circuit board in
Vulnerabilities
5 min read
3 Jun 2026

CVE-2026-23479: Redis Sat Vulnerable for Two Years Before an AI Found the Bug

A use-after-free flaw in Redis's blocking-client code went undetected from version 7.2.0 until patches landed on May 5, 2025 — and it took an autonomous AI auditing tool, not a human researcher, to surface it.

A photoreal editorial scene of a server room bathed in low blue light, with a single rack of servers visibly older and d
Vulnerabilities
5 min read
3 Jun 2026

CISA Flags Two-Year-Old Oracle WebLogic Flaw as Actively Exploited — Federal Deadline Is Four Days

CVE-2024-21182 earned a CVSS 7.3 score and a July 2024 Oracle patch. Neither was enough to stop threat actors from finding the organizations that never bothered.

A close-up, photoreal editorial photograph of a glowing computer monitor displaying a WordPress admin dashboard with an
Vulnerabilities
5 min read
2 Jun 2026

CVE-2026-8732: Attackers Are Creating Rogue Admin Accounts on WordPress Sites Right Now

A critical unauthenticated privilege-escalation flaw in the WP Maps Pro plugin lets anyone register a full administrator account — no login, no phishing, no waiting. Active exploitation is already underway.

Photoreal editorial scene: a developer's dimly lit workstation at night, multiple monitors showing terminal windows with
Vulnerabilities
4 min read
2 Jun 2026

Miasma Supply Chain Attack Plants Credential-Stealing Worm Inside Red Hat npm Packages

A sophisticated campaign named Miasma has weaponized npm packages tied to the Red Hat ecosystem, silently harvesting developer credentials and burrowing into CI/CD pipelines the moment a compromised package lands on disk.

Ready to Reduce Your Human Cyber Risk?

Sign up and start training your team in minutes. No sales calls, no demos — just pick a plan and go. Phishing simulations, video courses, and certificates from day one.

train2secure analytics dashboard showing training completion stats and user progress