Latest news

CVSS 9.1: Critical Cisco ISE Vulnerabilities Enable Remote Code Execution and Unauthenticated Data Theft
Vulnerability

CVSS 9.1: Critical Cisco ISE Vulnerabilities Enable Remote Code Execution and Unauthenticated Data Theft

19 June 2026 dark6

Cisco has disclosed two critical vulnerabilities in its Identity Services Engine (ISE) — CVE-2026-20181 (RCE, CVSS 9.1) and CVE-2026-20190 (unauthenticated...
Read more 0
CVE-2026-50656: Microsoft Confirms Defender ‘RoguePlanet’ Zero-Day — No Patch Available Yet
Vulnerability

CVE-2026-50656: Microsoft Confirms Defender ‘RoguePlanet’ Zero-Day — No Patch Available Yet

19 June 2026 dark6

Microsoft has confirmed CVE-2026-50656, a zero-day TOCTOU race condition in Microsoft Defender dubbed 'RoguePlanet,' that allows low-privilege attackers to escalate...
Read more 0
usbliter8: New iPhone BootROM Vulnerability Exposes A12/A13 Apple SoCs to Full Chain-of-Trust Compromise
Vulnerability

usbliter8: New iPhone BootROM Vulnerability Exposes A12/A13 Apple SoCs to Full Chain-of-Trust Compromise

19 June 2026 dark6

Security researchers have disclosed 'usbliter8,' a critical hardware-level BootROM vulnerability affecting Apple devices with A12, S4/S5, and A13 SoCs. The...
Read more 0
International Authorities Dismantle SocGholish (FakeUpdates) Malware Network — 106 Servers and 101 Domains Seized
Malware

International Authorities Dismantle SocGholish (FakeUpdates) Malware Network — 106 Servers and 101 Domains Seized

19 June 2026 dark6

International law enforcement agencies from the US, Netherlands, Canada, and Germany have dismantled the SocGholish malware network under Operation Endgame,...
Read more 0
Kodak Confirms Data Breach as ShinyHunters Claims 2.2 Million Customer Records Stolen
Databreach

Kodak Confirms Data Breach as ShinyHunters Claims 2.2 Million Customer Records Stolen

18 June 2026 dark6

Iconic imaging company Kodak has confirmed a data breach following claims by the notorious ShinyHunters hacking group that it stole...
Read more 0
CISA Adds Oracle PeopleSoft Zero-Day CVE-2026-35273 to KEV Catalog After Ransomware Gang Exploitation
Ransomware

CISA Adds Oracle PeopleSoft Zero-Day CVE-2026-35273 to KEV Catalog After Ransomware Gang Exploitation

18 June 2026 dark6

CISA has added a critical Oracle PeopleSoft vulnerability (CVE-2026-35273) to its Known Exploited Vulnerabilities catalog after confirming active exploitation in...
Read more 0
Supply Chain Attack Compromises 140+ Mastra npm Packages, Targeting Developer Credentials and Crypto Wallets
Malware

Supply Chain Attack Compromises 140+ Mastra npm Packages, Targeting Developer Credentials and Crypto Wallets

18 June 2026 dark6

A sophisticated supply chain attack has compromised over 141 packages in the Mastra-AI npm ecosystem, including @mastra/core which sees 918,000...
Read more 0
FortiBleed: Over 73,000 Fortinet Firewalls Compromised Across 194 Countries in Massive Credential Attack
Vulnerability

FortiBleed: Over 73,000 Fortinet Firewalls Compromised Across 194 Countries in Massive Credential Attack

18 June 2026 dark6

A devastating cyber espionage campaign dubbed 'FortiBleed' has silently compromised over 73,932 unique Fortinet firewall URLs spanning 194 countries. Discovered...
Read more 0
DragonForce Ransomware Abuses Microsoft Teams TURN Relay to Hide Malicious C2 Traffic
Ransomware

DragonForce Ransomware Abuses Microsoft Teams TURN Relay to Hide Malicious C2 Traffic

17 June 2026 dark6

Symantec researchers have discovered that DragonForce ransomware actors used a novel Go-based backdoor called Backdoor.TURN to route C2 communications through...
Read more 0
Chinese Hackers (UNC6508) Spent Over a Year Spying on US Medical Research Institutions via REDCap
Malware

Chinese Hackers (UNC6508) Spent Over a Year Spying on US Medical Research Institutions via REDCap

17 June 2026 dark6

Google GTIG has attributed a 2+ year Chinese cyber-espionage campaign to UNC6508, which exploited REDCap medical research servers across North...
Read more 0
Novo Nordisk Confirms Cyberattack: Patient Clinical Trial Data and Proprietary AI Models Stolen
Databreach

Novo Nordisk Confirms Cyberattack: Patient Clinical Trial Data and Proprietary AI Models Stolen

17 June 2026 dark6

Novo Nordisk has confirmed a cyberattack that exposed pseudonymized patient data from clinical trials. The threat group Dragonfly claims to...
Read more 0
Critical Fortinet FortiSandbox Vulnerabilities Actively Exploited in the Wild
Vulnerability

Critical Fortinet FortiSandbox Vulnerabilities Actively Exploited in the Wild

17 June 2026 dark6

Threat actors are actively exploiting three critical Fortinet FortiSandbox vulnerabilities — including CVE-2026-39813, which has no prior exploitation history. All...
Read more 0