Former U.S. School District IT Employee Sentenced to Prison for 21-Month Cyberattack Against Former Employer

320/69 Monday, June 15, 2026 A former IT employee of the Saydel Community School District in Des Moines, Iowa, has been sentenced to 21 months in federal prison after pleading guilty to computer fraud charges under the Computer Fraud and Abuse Act (CFAA). The attacks, which continued for more than 21 months, disrupted educational services, […]

sittisak mintaboon

June 15, 2026

Anthropic Suspends Latest AI Models Following U.S. Government Control Measures

319/69 Monday, June 15, 2026 Anthropic, one of the leading AI developers, has announced the temporary suspension of its latest AI models in order to comply with directives issued by the U.S. government. The measures are reportedly intended to prevent advanced AI technologies from being accessed or utilized by certain foreign nationals. This development marks […]

sittisak mintaboon

June 15, 2026

Splunk and Palo Alto Networks Release Patches for High-Severity Security Vulnerabilities

318/69 Friday, June 12, 2026 Splunk and Palo Alto Networks have released security updates addressing multiple vulnerabilities across their products, including several high-severity and critical flaws. These vulnerabilities could potentially allow attackers to create or modify files without authorization, as well as access or alter resources that should be restricted. Palo Alto Networks addressed CVE-2026-0274 […]

sittisak mintaboon

June 12, 2026

Researchers Disclose New GreatXML Vulnerability That May Bypass BitLocker Protections Through Windows Recovery Mode

317/69 Friday, June 12, 2026 Security researcher Chaotic Eclipse, also known as Nightmare Eclipse, has published a proof-of-concept (PoC) for a newly discovered vulnerability dubbed GreatXML, which may allow attackers to bypass BitLocker protections and obtain a SYSTEM-level command shell while Windows is running in Recovery Mode. The vulnerability was disclosed on June 10, 2026, […]

sittisak mintaboon

June 12, 2026

High-Severity Vulnerability in Langflow AI Development Platform Actively Exploited; Immediate Updates Recommended

316/69 Friday, June 12, 2026 Reports indicate that threat actors have begun exploiting a vulnerability in Langflow, a popular open-source drag-and-drop platform used for developing AI applications, AI agents, and Retrieval-Augmented Generation (RAG) systems. The vulnerability, tracked as CVE-2026-5027, allows attackers to write arbitrary files directly to servers running the platform. This poses a significant […]

sittisak mintaboon

June 12, 2026

Google Releases Emergency Update to Patch Actively Exploited Chrome Zero-Day Vulnerability

315/69 Thursday, June 11, 2026 Google Chrome has released an emergency security update to address an actively exploited zero-day vulnerability tracked as CVE-2026-11645. The flaw is the fifth Chrome zero-day vulnerability patched by Google since the beginning of 2026. Security updates are being rolled out for Windows and Linux (version 149.0.7827.102) and macOS (version 149.0.7827.103). […]

sittisak mintaboon

June 11, 2026

ServiceNow Releases Security Update After Vulnerability Used to Access Customer Instances Without Authorization

314/69 Thursday, June 11, 2026 ServiceNow has issued a security advisory after discovering that an unidentified threat actor exploited a vulnerability to gain access to certain customer ServiceNow instances with privileges exceeding those intended by the platform. The company stated that on June 5, 2026, it deployed a security update to affected hosted customer instances […]

sittisak mintaboon

June 11, 2026

Critical Vulnerability in Veeam Backup & Replication Could Allow Remote Code Execution

313/69 Thursday, June 11, 2026 Veeam has released a security update to address a critical vulnerability in its Veeam Backup & Replication software, an enterprise backup and recovery platform widely used by organizations. The vulnerability could allow an authenticated domain user to execute code remotely on a backup server, potentially enabling unauthorized access to and […]

sittisak mintaboon

June 11, 2026

Gogs Releases Patch for Zero-Day Vulnerability That Could Lead to Remote Code Execution

Gogs has released a patch to address a critical zero-day vulnerability that has not yet been assigned a CVE identifier. The flaw is an Argument Injection vulnerability that could allow attackers to execute code remotely on affected servers. The vulnerability affects all Gogs versions up to 0.14.2, including 0.15.0+dev, and has been fixed in version […]

chanapon

June 10, 2026

CISA Adds BerriAI LiteLLM and Check Point Security Gateway Vulnerabilities to KEV Catalog After Active Exploitation

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog after confirming that they have been actively exploited in attacks. The vulnerabilities are CVE-2026-42271 in BerriAI LiteLLM, a Command Injection flaw with a CVSS score of 8.7, and CVE-2026-50751 in Check Point Security Gateway, a Critical […]

chanapon

June 10, 2026
1 4 5 6 100