Hot stuff

CISA orders federal agencies to “patch smarter”

CISA orders federal agencies to “patch smarter” 2026-06-11 at 20:18 By Zeljka Zorz The US Cybersecurity and Infrastructure Security Agency (CISA) has issued a Binding Operational Directive that will change how the US federal government approaches vulnerability management. The directive arrives as the patching problem has become nearly unmanageable, driven by a surge in newly […]

CISA orders federal agencies to “patch smarter” Read More »

Oracle PeopleSoft servers under attack, Oracle pushes out-of-band security alert

Oracle PeopleSoft servers under attack, Oracle pushes out-of-band security alert 2026-06-11 at 15:41 By Zeljka Zorz A zero-day vulnerability (CVE-2026-35273) in Oracle PeopleSoft PeopleTools is being exploited in the wild, Charles Carmakal, CTO at cybersecurity firm Mandiant, part of Google Cloud, warned today. The warning comes a day after Oracle published an out-of-band security alert

Oracle PeopleSoft servers under attack, Oracle pushes out-of-band security alert Read More »

Critical Ivanti Sentry flaw allows root-level remote code execution (CVE-2026-10520)

Critical Ivanti Sentry flaw allows root-level remote code execution (CVE-2026-10520) 2026-06-10 at 17:24 By Zeljka Zorz Ivanti has patched two critical vulnerabilities (CVE-2026-10520 and CVE-2026-10523) in Ivanti Sentry and has urged customers to implement the fix right away. Though the vulnerabilities are not known to be actively exploited, security researchers have already released technical details

Critical Ivanti Sentry flaw allows root-level remote code execution (CVE-2026-10520) Read More »

Record Microsoft Patch Tuesday, fresh zero-day

Record Microsoft Patch Tuesday, fresh zero-day 2026-06-10 at 14:23 By Zeljka Zorz Microsoft marked its largest-ever Patch Tuesday this month, by shipping fixes for nearly 200 vulnerabilities. Within hours, “Nightmare Eclipse”, the researcher behind weeks of escalating Windows exploit releases, dropped a proof-of-concept exploit for a new zero-day: “RoguePlanet”, which abuses a race condition in

Record Microsoft Patch Tuesday, fresh zero-day Read More »

LiteLLM vulnerability under active attack, CISA warns (CVE-2026-42271)

LiteLLM vulnerability under active attack, CISA warns (CVE-2026-42271) 2026-06-09 at 15:21 By Zeljka Zorz A command injection vulnerability (CVE-2026-42271) in BerryAI’s LiteLLM open-source AI gateway is being exploited by attackers, the US Cybersecurity and Infrastructure Security Agency (CISA) confirmed by adding the flaw to its Known Exploited Vulnerabilities catalog on Monday. About CVE-2026-42271 LiteLLM is

LiteLLM vulnerability under active attack, CISA warns (CVE-2026-42271) Read More »

The architecture of subtraction: Why it’s time to erase the roads, not just map the traffic

The architecture of subtraction: Why it’s time to erase the roads, not just map the traffic 2026-06-09 at 09:42 By Help Net Security The advent of AI-assisted vulnerability discovery and autonomous exploit development has brought about a new age in cybersecurity—one in which we can no longer rely on patching as a primary defense mechanism.

The architecture of subtraction: Why it’s time to erase the roads, not just map the traffic Read More »

Malware ships with bugs that defenders could use against it

Malware ships with bugs that defenders could use against it 2026-06-09 at 08:46 By Anamarija Pogorelec Static analysis tools have spent years scanning legitimate software for security bugs before it goes out the door. The same scanners work on malware, and malware carries a steady supply of its own bugs. Researchers ran four of these

Malware ships with bugs that defenders could use against it Read More »

Qilin ransomware affiliate exploited Check Point VPN zero-day (CVE-2026-50751)

Qilin ransomware affiliate exploited Check Point VPN zero-day (CVE-2026-50751) 2026-06-08 at 16:16 By Zeljka Zorz A Qilin ransomware affiliate is believed to be exploiting CVE-2026-50751, an authentication bypass vulnerability in Check Point VPN Remote Access and Mobile Access, the company announced on Monday. About CVE-2026-50751 Check Point Remote Access VPN enables and secures connections between

Qilin ransomware affiliate exploited Check Point VPN zero-day (CVE-2026-50751) Read More »

CISA: Patch actively exploited SolarWinds Serv-U DoS vulnerability (CVE-2026-28318)

CISA: Patch actively exploited SolarWinds Serv-U DoS vulnerability (CVE-2026-28318) 2026-06-08 at 14:07 By Zeljka Zorz A vulnerability (CVE-2026-28318) that can be exploited to crash SolarWinds Serv-U file transfer servers is being leveraged by attackers in the wild, the US Cybersecurity and Infrastructure Security Agency (CISA) confirmed on Friday. The agency has ordered US federal civilian

CISA: Patch actively exploited SolarWinds Serv-U DoS vulnerability (CVE-2026-28318) Read More »

DockSec: Open-source AI-powered Docker security scanner

DockSec: Open-source AI-powered Docker security scanner 2026-06-08 at 13:09 By Mirko Zorz DockSec is an OWASP Incubator Project that combines three container security scanners with a language-model layer for explanation and remediation. Created by Advait Patel, the Python tool runs Trivy, Hadolint, and Docker Scout against a developer’s Dockerfile and image, correlates the findings, returns

DockSec: Open-source AI-powered Docker security scanner Read More »

Cisco SD-WAN 0-day exploited, no patch available (CVE-2026-20245)

Cisco SD-WAN 0-day exploited, no patch available (CVE-2026-20245) 2026-06-05 at 15:49 By Zeljka Zorz A 0-day privilege escalation vulnerability (CVE-2026-20245) in Cisco Catalyst SD-WAN Manager that has yet to be patched by Cisco is being leveraged by attackers. “To exploit this vulnerability, an attacker must have netadmin privileges on an affected system. This would require

Cisco SD-WAN 0-day exploited, no patch available (CVE-2026-20245) Read More »

AgentGG: Open-source agentic SAST scanner

AgentGG: Open-source agentic SAST scanner 2026-06-05 at 09:24 By Mirko Zorz Static analysis tools have spent years matching source code against known-bad patterns and handing engineers long lists of candidate issues to triage by hand. AgentGG approaches the same job with AI agents that read the code, follow imports, walk the call graph, and confirm

AgentGG: Open-source agentic SAST scanner Read More »

Spotless compliance evidence can still hide a broken control

Spotless compliance evidence can still hide a broken control 2026-06-04 at 09:26 By Mirko Zorz In this interview with Help Net Security, Marc Rubbinaccio, Head of Cybersecurity and Compliance at Secureframe, explains where security teams go wrong when preparing for CMMC and FedRAMP 20x. The conversation covers how organizations check the 110 requirements but miss

Spotless compliance evidence can still hide a broken control Read More »

Attackers already know the secrets are on your developers’ machines. Do you?

Attackers already know the secrets are on your developers’ machines. Do you? 2026-06-04 at 09:26 By Help Net Security In a recent GitGuardian analysis, an average of 150 secrets were found on a sample of developer endpoints. Private keys accounted for 38% of unique secrets, while cloud, identity provider, and secret management credentials (AWS IAM,

Attackers already know the secrets are on your developers’ machines. Do you? Read More »

Autonomous AI-driven worm can reason its way through corporate networks

Autonomous AI-driven worm can reason its way through corporate networks 2026-06-03 at 20:20 By Zeljka Zorz Researchers at the University of Toronto, the Vector Institute, and the University of Cambridge have built and tested a proof-of-concept AI-driven worm that does not operate on a fixed list of exploits. Instead, it analyzes each target it encounters,

Autonomous AI-driven worm can reason its way through corporate networks Read More »

Only 11% of production agents pass the AI agent security bar

Only 11% of production agents pass the AI agent security bar 2026-06-03 at 14:00 By Mirko Zorz Enterprise teams are running AI agents that write code, drive browsers, answer customer calls, manage cloud infrastructure, and query data warehouses with standing credentials. A new independent assessment of 100 production agents finds that nearly all of them

Only 11% of production agents pass the AI agent security bar Read More »

Google fixes actively exploited Android vulnerability (CVE-2025-48595)

Google fixes actively exploited Android vulnerability (CVE-2025-48595) 2026-06-02 at 15:17 By Zeljka Zorz Google has announced the June 2026 Android security updates, which fix a bucketload of vulnerabilities, including a high-severity vulnerability (CVE-2025-48595) in the Android Framework that “may be under limited, targeted exploitation.” About CVE-2025-48595 CVE-2025-48595 is an integer overflow vulnerability in the Android

Google fixes actively exploited Android vulnerability (CVE-2025-48595) Read More »

Zero trust physical security needs trust decisions at the edge

Zero trust physical security needs trust decisions at the edge 2026-06-02 at 09:09 By Mirko Zorz In this interview with Help Net Security, Chuck Davis, VP, Global Information Security at Hikvision, explains how zero trust applies to physical security systems like cameras and door controllers. He breaks down how to make trust decisions at the

Zero trust physical security needs trust decisions at the edge Read More »

Why you need BAS and autonomous pentesting together

Why you need BAS and autonomous pentesting together 2026-06-02 at 09:09 By Help Net Security Most security teams know the drill: A new autonomous penetration testing tool gets deployed, and the first run is genuinely impressive. The dashboard surfaces critical findings, maps lateral movement paths nobody had documented before, and exposes a legacy service account

Why you need BAS and autonomous pentesting together Read More »

Windows Netlogon RCE exploited, domain controllers at risk (CVE-2026-41089)

Windows Netlogon RCE exploited, domain controllers at risk (CVE-2026-41089) 2026-06-01 at 17:17 By Zeljka Zorz CVE-2026-41089, a critical Windows Netlogon RCE flaw that allows remote code execution, is now actively exploited in the wild, the Centre for Cybersecurity Belgium (CCB) warned on Friday. About CVE-2026-41089 CVE-2026-41089 is a stack-based buffer overflow vulnerability in Windows Netlogon,

Windows Netlogon RCE exploited, domain controllers at risk (CVE-2026-41089) Read More »

Scroll to Top