Network SecurityF5 releases out-of-band patches for two critical NGINX bugsSteve ZurierJune 18, 2026F5 issued urgent patches for two critical NGINX flaws that could enable DoS or code execution.
RansomwareAttackers drop DragonForce ransomware leveraging MS Teams relay systemsSteve ZurierJune 17, 2026DragonForce ransomware abused Microsoft Teams relay infrastructure to hide C2 traffic.
Network SecurityThree critical FortiSandbox bugs rated 9.8 actively exploitedSteve ZurierJune 16, 2026Active exploitation of FortiSandbox flaws prompt urgent patching calls from security experts.
Vulnerability ManagementPAN-OS GlobalProtect bug actively exploited, added to CISA’s KEV listSteve ZurierJune 15, 2026Unit 42 says exploited PAN-OS GlobalProtect flaw remains a VPN risk despite patches.
IdentityWhy non-human identities (NHIs) require a change in mindsetSteve ZurierJune 15, 2026Security teams have to get that NHIs are not just a static secret in a vault, they active participants in the business.
Critical Infrastructure SecurityIran-linked group Handala claims to steal Cal Water customer infoSteve ZurierJune 12, 2026Experts say that Handala has a history of overstating its capabilities and in this case the water system was not disrupted.
Cloud SecurityServiceNow says security researchers, not hackers, accessed dataSteve ZurierJune 10, 2026ServiceNow investigates access issue, says no attacker activity found.
Vulnerability ManagementCISA adds Check Point VPN bug to list of exploited vulnerabilitiesSteve ZurierJune 9, 2026CISA warns of an exploited Check Point VPN flaw that lets attackers bypass authentication.
IdentitySilent Ransom Group moves to in-person method if vishing attempt failsSteve ZurierJune 8, 2026Mandiant warns Silent Ransom Group uses vishing and even in-person visits to steal data.
Network SecurityAnother Cisco Catalyst SD-WAN Manager bug actively exploitedSteve ZurierJune 5, 2026Cisco warns of an exploited SD-WAN flaw that can enable remote code execution and network compromise.
