Secure Bulletin Navigating the cyber sea with knowledge
Home
Latest news

EY Notifies Clients After Breach of IT Support Platform Exposes Tax Documents

18 July 2026  |  dark6  |  Databreach

Ernst & Young is notifying clients that attackers accessed a third-party IT support ticketing platform for roughly two weeks this spring, downloading documents containing sensitive tax and investment...

>> read more

Coca-Cola’s Fairlife Brand Halts US Production After Ransomware Hits Manufacturing Systems

18 July 2026  |  dark6  |  Ransomware

Coca-Cola disclosed in an SEC filing that its Fairlife dairy subsidiary suffered a ransomware attack that forced a temporary halt of US production, while Canadian operations continued unaffected....

>> read more

Unpatched LegacyHive Bug Lets Standard Windows Users Hijack Admin Accounts

18 July 2026  |  dark6  |  Vulnerability

A newly disclosed Windows zero-day called LegacyHive abuses the User Profile Service to let a low-privileged user tamper with an administrator's registry hive, opening a path to persistence...

>> read more

CISA Confirms Active Exploitation of Critical SharePoint Deserialization Flaw

18 July 2026  |  dark6  |  Vulnerability

CISA has added CVE-2026-58644, a critical unauthenticated remote code execution flaw in Microsoft SharePoint, to its Known Exploited Vulnerabilities catalog after confirming real-world attacks. Federal agencies must remediate...

>> read more

SonicWall SMA1000 Zero-Days Under Active Attack: Perfect-10 Flaw Chained for Root Access

17 July 2026  |  dark6  |  Vulnerability

Attackers were exploiting a maximum-severity SonicWall SMA1000 flaw before the vendor's advisory even landed, chaining it with a privilege-escalation bug to seize root and pivot into corporate Active...

>> read more

Critical 7-Zip Flaw Lets Booby-Trapped Archives Hijack Your System

17 July 2026  |  dark6  |  Vulnerability

A newly patched 7-Zip vulnerability lets attackers achieve remote code execution simply by getting a victim to open a maliciously crafted compressed file. With 7-Zip installed on millions...

>> read more

CISA Sounds Alarm as Attackers Exploit Critical FortiSandbox Command Injection Flaws

17 July 2026  |  dark6  |  Vulnerability

CISA has confirmed active exploitation of two OS command injection vulnerabilities in Fortinet's FortiSandbox product line, adding both to its Known Exploited Vulnerabilities catalog and giving federal agencies...

>> read more

Scattered Spider Duo Sentenced Over £29 Million Transport for London Cyberattack

17 July 2026  |  dark6  |  Cybercrime

Two young members of the Scattered Spider hacking collective have been jailed for over five years each after a 2024 breach knocked out 148 Transport for London systems...

>> read more