Secure Bulletin

Latest news

Ransomware

CVE-2026-50751: Check Point VPN 0-Day Actively Exploited to Deploy Qilin Ransomware

9 June 2026 dark6

A critical CVSS 9.3 authentication bypass in Check Point Remote Access VPN (CVE-2026-50751) is being actively exploited in the wild,...

Read more 0

Vulnerability

CVE-2026-23111: Linux Kernel nftables Use-After-Free Enables Root Privilege Escalation — Public Exploit Available

9 June 2026 dark6

A use-after-free vulnerability in the Linux kernel nftables subsystem (CVE-2026-23111) allows unprivileged local attackers to escalate privileges to root on...

Read more 0

Spyware

WhatsApp Disrupts Fresh NSO Group Pegasus Campaign, Seeks Court Contempt Order

9 June 2026 dark6

Meta's WhatsApp has disrupted a new NSO Group-linked Pegasus spyware campaign targeting users in Jordan and Lebanon, and is now...

Read more 0

Cybercrime

China-Linked OP-512 Uses Cryptographically Unique Web Shells in Patient IIS Server Espionage Campaign

9 June 2026 dark6

ReliaQuest has uncovered OP-512, a new China-linked threat cluster targeting IIS servers with a custom web shell framework that generates...

Read more 0

Databreach

Instagram Logic Bug Exposed Unredacted Emails and Phone Numbers for Any Account — Including Mark Zuckerberg’s

8 June 2026 dark6

A critical logic flaw in Instagram's web-based password reset flow exposed fully unredacted email addresses and phone numbers for any...

Read more 0

Malware

EDRChoker: New Red Team Tool Silences Cloud-Connected EDR Agents by Choking Network With Windows QoS

8 June 2026 dark6

A new open-source tool called EDRChoker throttles EDR agent network connections to 8 bps using Windows native Policy-Based QoS, effectively...

Read more 0

Cybercrime

Hackers Can Hijack Claude Code MCP Traffic to Steal OAuth Tokens — No Patch Coming

8 June 2026 dark6

Researchers at Mitiga Labs demonstrated a five-step npm supply chain attack that rewrites ~/.claude.json to redirect Claude Code MCP traffic...

Read more 0

Vulnerability

Microsoft Warns: Claude Code GitHub Action Exploitable via Prompt Injection to Leak CI/CD Secrets

8 June 2026 dark6

Microsoft Threat Intelligence disclosed a prompt injection flaw in the Claude Code GitHub Action that allowed attackers to access /proc/self/environ...

Read more 0

OpenAI Launches ChatGPT Lockdown Mode to Block Prompt Injection Data Exfiltration

8 June 2026 dark6

OpenAI has released ChatGPT Lockdown Mode, a new security feature that disables outbound network capabilities to cut off data exfiltration...

Read more 0

Critical HuggingFace Transformers Flaw CVE-2026-4372 Enables Silent RCE — 232 Million Installs at Risk

8 June 2026 dark6

A critical RCE vulnerability in HuggingFace Transformers (CVE-2026-4372) allows attackers to silently execute code by loading a malicious AI model,...

Read more 0

Vulnerability

CISA Warns: SolarWinds Serv-U CVE-2026-28318 Actively Exploited — Zero-Auth DoS Attack Hits File Transfer Platform

8 June 2026 dark6

CISA has added CVE-2026-28318, a zero-authentication denial-of-service flaw in SolarWinds Serv-U, to its Known Exploited Vulnerabilities catalog. Attackers can crash...

Read more 0

Vulnerability

CISA Adds Actively Exploited Linux Kernel CVE-2022-0492 to KEV Catalog — Patch Now

8 June 2026 dark6

CISA has added CVE-2022-0492, a Linux kernel improper authentication flaw, to its Known Exploited Vulnerabilities catalog. The vulnerability enables privilege...

Read more 0