Latest news

Microsoft Secure Boot Certificates Expire — Over a Billion PCs and Linux Systems at Risk
Vulnerability

Microsoft Secure Boot Certificates Expire — Over a Billion PCs and Linux Systems at Risk

26 June 2026 dark6

Microsoft's original Secure Boot certificates have begun expiring as of June 24, 2026, affecting over a billion UEFI-capable PCs worldwide....
Read more 0
State-Sponsored Hackers Exploit Cisco Catalyst SD-WAN Manager Zero-Day to Gain Root Access
Vulnerability

State-Sponsored Hackers Exploit Cisco Catalyst SD-WAN Manager Zero-Day to Gain Root Access

25 June 2026 dark6

A state-sponsored threat actor exploited zero-day CVE-2026-20245 in Cisco Catalyst SD-WAN Manager to gain root access via a malicious CSV...
Read more 0
CISA Flags Actively Exploited Ubiquiti UniFi OS Vulnerabilities — Patch Deadline June 26
Vulnerability

CISA Flags Actively Exploited Ubiquiti UniFi OS Vulnerabilities — Patch Deadline June 26

25 June 2026 dark6

CISA has added three Ubiquiti UniFi OS vulnerabilities to its KEV catalog following confirmed active exploitation. Federal agencies must patch...
Read more 0
Eight-Year-Old Samsung KNOX Flaw Exposed Hundreds of Millions of Galaxy Devices to Kernel Attacks
Vulnerability

Eight-Year-Old Samsung KNOX Flaw Exposed Hundreds of Millions of Galaxy Devices to Kernel Attacks

24 June 2026 dark6

A critical use-after-free vulnerability in Samsung's KNOX PROCA subsystem — undetected for 8 years — could allow kernel-level compromise on...
Read more 0
DifyTap: Critical Flaws in AI Platform Dify Allow Silent Wiretapping of AI Conversations Across 1M+ Apps
Vulnerability

DifyTap: Critical Flaws in AI Platform Dify Allow Silent Wiretapping of AI Conversations Across 1M+ Apps

24 June 2026 dark6

Researchers at Zafran disclosed four vulnerabilities in Dify — including two critical CVSS 9+ flaws — that let attackers silently...
Read more 0
Squidbleed: 29-Year-Old Squid Proxy Vulnerability Leaks Passwords and API Keys from Other Users
Vulnerability

Squidbleed: 29-Year-Old Squid Proxy Vulnerability Leaks Passwords and API Keys from Other Users

23 June 2026 dark6

A critical heap overread vulnerability in Squid Proxy, dubbed Squidbleed, has gone undetected since 1997. Discovered with the help of...
Read more 0
SiderAI and MaxAI Chrome Extensions Expose 10 Million Users to Full Browser Compromise
Vulnerability

SiderAI and MaxAI Chrome Extensions Expose 10 Million Users to Full Browser Compromise

22 June 2026 dark6

Critical vulnerabilities dubbed Spyder and MaXSS have been discovered in the SiderAI and MaxAI Chrome extensions, which together are installed...
Read more 0
CVSS 9.1: Critical Cisco ISE Vulnerabilities Enable Remote Code Execution and Unauthenticated Data Theft
Vulnerability

CVSS 9.1: Critical Cisco ISE Vulnerabilities Enable Remote Code Execution and Unauthenticated Data Theft

19 June 2026 dark6

Cisco has disclosed two critical vulnerabilities in its Identity Services Engine (ISE) — CVE-2026-20181 (RCE, CVSS 9.1) and CVE-2026-20190 (unauthenticated...
Read more 0
CVE-2026-50656: Microsoft Confirms Defender ‘RoguePlanet’ Zero-Day — No Patch Available Yet
Vulnerability

CVE-2026-50656: Microsoft Confirms Defender ‘RoguePlanet’ Zero-Day — No Patch Available Yet

19 June 2026 dark6

Microsoft has confirmed CVE-2026-50656, a zero-day TOCTOU race condition in Microsoft Defender dubbed 'RoguePlanet,' that allows low-privilege attackers to escalate...
Read more 0
usbliter8: New iPhone BootROM Vulnerability Exposes A12/A13 Apple SoCs to Full Chain-of-Trust Compromise
Vulnerability

usbliter8: New iPhone BootROM Vulnerability Exposes A12/A13 Apple SoCs to Full Chain-of-Trust Compromise

19 June 2026 dark6

Security researchers have disclosed 'usbliter8,' a critical hardware-level BootROM vulnerability affecting Apple devices with A12, S4/S5, and A13 SoCs. The...
Read more 0
FortiBleed: Over 73,000 Fortinet Firewalls Compromised Across 194 Countries in Massive Credential Attack
Vulnerability

FortiBleed: Over 73,000 Fortinet Firewalls Compromised Across 194 Countries in Massive Credential Attack

18 June 2026 dark6

A devastating cyber espionage campaign dubbed 'FortiBleed' has silently compromised over 73,932 unique Fortinet firewall URLs spanning 194 countries. Discovered...
Read more 0
Critical Fortinet FortiSandbox Vulnerabilities Actively Exploited in the Wild
Vulnerability

Critical Fortinet FortiSandbox Vulnerabilities Actively Exploited in the Wild

17 June 2026 dark6

Threat actors are actively exploiting three critical Fortinet FortiSandbox vulnerabilities — including CVE-2026-39813, which has no prior exploitation history. All...
Read more 0