Sami Laiho
@samilaiho.com
📤 1639
📥 182
📝 3818
Keynote-speaker, Chief Research Officer, Microsoft MVP since 2011 More info:
https://samilaiho.com/
Palo Alto Warns of Active Exploitation of PAN-OS GlobalProtect VPN Flaw
thehackernews.com/2026/06/palo...
loading . . .
Palo Alto Warns of Active Exploitation of PAN-OS GlobalProtect VPN Flaw
Palo Alto says CVE-2026-0257 is being exploited to bypass PAN-OS GlobalProtect authentication and create unauthorized VPN sessions.
https://thehackernews.com/2026/06/palo-alto-warns-of-active-exploitation.html
about 17 hours ago
0
0
0
OptinMonster WordPress plugin hacked in CDN supply-chain attack
www.bleepingcomputer.com/news/securit...
loading . . .
OptinMonster WordPress plugin hacked in CDN supply-chain attack
WordPress plugins OptinMonster, TrustPulse, and PushEngage have been compromised in a supply-chain attack impacting Awesome Motive-s content distribution network (CDN).
https://www.bleepingcomputer.com/news/security/optinmonster-wordpress-plugin-hacked-in-cdn-supply-chain-attack/
about 17 hours ago
0
0
0
Cisco fixes SD-WAN vManage flaw exploited in zero-day attacks
www.bleepingcomputer.com/news/securit...
loading . . .
Cisco fixes SD-WAN vManage flaw exploited in zero-day attacks
Cisco has released security updates to address a vulnerability in the Catalyst SD-WAN Manager, tracked as CVE-2026-20262, that was exploited in attacks to escalate to root privileges.
https://www.bleepingcomputer.com/news/security/cisco-fixes-sd-wan-vmanage-flaw-exploited-in-zero-day-attacks/
about 17 hours ago
0
0
0
New attack turned Microsoft 365 Copilot into 1-click data theft tool
www.bleepingcomputer.com/news/securit...
loading . . .
New attack turned Microsoft 365 Copilot into 1-click data theft tool
A critical vulnerability chain dubbed SearchLeak in Microsoft 365 Copilot Enterprise could allow attackers to steal sensitive data from a target's mailbox, OneDrive, or SharePoint account through a sp...
https://www.bleepingcomputer.com/news/security/new-attack-turned-microsoft-365-copilot-into-1-click-data-theft-tool/
about 17 hours ago
0
0
3
Public and Private Medical Community Targeted by China-Nexus Threat Actor Pursuing Artificial Intelligence, Cyber, Medical, and National Defense Research
cloud.google.com/blog/topics/...
loading . . .
Public and Private Medical Community Targeted by China-Nexus Threat Actor Pursuing Artificial Intelligence, Cyber, Medical, and National Defense Research | Google Cloud Blog
UNC6508 leveraged Google Workspace compliance rules and REDCap vulnerabilities for intelligence collection.
https://cloud.google.com/blog/topics/threat-intelligence/prc-targets-us-medical-research/
about 17 hours ago
0
1
0
Travel Phishing and Cyber Attacks are Surging in 2026, Growing 122% over the last 3 years. Here’s What Cyber Criminals Are Actually Doing
blog.checkpoint.com/research/tra...
loading . . .
Travel Phishing and Cyber Attacks are Surging in 2026, Growing 122% over the last 3 years. Here's What Cyber Criminals Are Actually Doing - Check Point Blog Travel Phishing Scams Surge 122%: How Cyber...
Every summer, hundreds of millions of people book flights, reserve hotels, and plan vacations online. And every summer, cyber criminals show up to take %Travel cyberattacks have surged 122% since 2023...
https://blog.checkpoint.com/research/travel-phishing-and-cyber-attacks-are-surging-in-2026-growing-122-over-the-last-3-years-heres-what-cyber-criminals-are-actually-doing/
about 17 hours ago
0
0
0
Critical vulnerability in Splunk Enterprise URL:
advisory.splunk.com/advisories/S...
Classification: Critical, Solution: Official Fix, Exploit Maturity: Not Defined, CVSSv3.1: 9.8
loading . . .
Unauthenticated Arbitrary File Creation and Truncation in a PostgreSQL Sidecar Service Endpoint in Splunk Enterprise
In Splunk Enterprise 10.2 versions below 10.2.4 and 10 versions below 10.0.7, an unauthenticated user could create or truncate arbitrary files through a PostgreSQL sidecar service endpoint. The vulner...
https://advisory.splunk.com/advisories/SVD-2026-0603
about 22 hours ago
0
0
0
www.csoonline.com/article/4184...
loading . . .
GreatXML zero-day BitLocker bypass doesn’t seem to work, yet
Researcher’s feud with Microsoft continues to escalate with new Windows zero-day flaw that an experience vulnerability expert says doesn’t work as advertised.
https://www.csoonline.com/article/4184678/greatxml-zero-day-bitlocker-bypass-doesnt-seem-to-work-yet.html
2 days ago
0
2
1
ShinyHunters Claims Theft of 297GB of Council of Europe Data, Threatens Leak of 429,000 Files
www.ibtimes.sg/shinyhunters...
loading . . .
ShinyHunters Threatens Huge Council of Europe Data Dump, Claims Theft of 429,000 Files
ShinyHunters claims it stole 297GB of Council of Europe data, including HR, payroll and personal records and threatens to leak it after 16 June.
https://www.ibtimes.sg/shinyhunters-claims-theft-297gb-council-europe-data-threatens-leak-429000-files-87935
2 days ago
0
0
0
FBI disrupts massive AI-powered phishing service using a million URLs
www.bleepingcomputer.com/news/securit...
loading . . .
FBI disrupts massive AI-powered phishing service using a million URLs
In a coordinated effort, the FBI, working with Google and Black Lotus Labs, has dismantled a massive Chinese phishing-as-a-service operation called Outsider Enterprise with thousands of phishing websi...
https://www.bleepingcomputer.com/news/security/fbi-disrupts-massive-ai-powered-phishing-service-using-a-million-urls/
2 days ago
0
1
0
China-Linked Hackers Backdoored Linux Login Software to Hide for Nearly a Decade
thehackernews.com/2026/06/chin...
loading . . .
China-Linked Hackers Backdoored Linux Login Software to Hide for Nearly a Decade
Sygnia says Velvet Ant modified Linux PAM and OpenSSH components to steal credentials and maintain stealthy access since 2016.
https://thehackernews.com/2026/06/china-linked-hackers-backdoored-linux.html
3 days ago
0
4
1
Shai-Hulud Campaign Evolution: Miasma, Hades, and AI Scanner Evasion
www.zscaler.com/blogs/securi...
loading . . .
Shai-Hulud: Miasma, Hades, & AI Scanner Evasion | ThreatLabz
ThreatLabz examines how the Shai-Hulud campaign evolved from npm to PyPI, abused CI/CD trust paths, targeted IDE workflows, and introduced AI scanner evasion.
https://www.zscaler.com/blogs/security-research/shai-hulud-campaign-evolution-miasma-hades-and-ai-scanner-evasion
3 days ago
0
0
0
thehackernews.com/2026/06/ai-b...
loading . . .
AI Broke Vulnerability Management. That's Why CISOs Are Moving Budget to BAS.
AI cut exploit timelines to 24 hours in 2026 while patching takes 43 days, widening exposure and driving BAS adoption.
https://thehackernews.com/2026/06/ai-broke-vulnerability-management-thats.html
3 days ago
0
0
0
Vulnerabilities in OpenClaw URL:
github.com/openclaw/ope...
Classification: Critical, Solution: Official Fix, Exploit Maturity: Not Defined, CVSSv3.1: 9.8
loading . . .
Node pairing reconnection could confuse approval scope state
### Summary Node pairing reconnection could confuse approval scope state. In affected versions, a paired or reconnecting node session could mutate pairing state in a way that changed the approval ...
https://github.com/openclaw/openclaw/security/advisories/GHSA-83w9-h5wv-j9xm
3 days ago
1
0
0
Over 400 Arch Linux packages compromised to push rootkit, infostealer
www.bleepingcomputer.com/news/securit...
loading . . .
Over 400 Arch Linux packages compromised to push rootkit, infostealer
More than 400 packages in the Arch User Repository (AUR) are distributing a Linux rootkit and infostealer malware targeting credentials and access tokens.
https://www.bleepingcomputer.com/news/security/over-400-arch-linux-packages-compromised-to-push-rootkit-infostealer/
4 days ago
0
3
0
INTERPOL Operation Takes Down Sniper Dz Phishing Platform, Arrests Administrator
thehackernews.com/2026/06/inte...
loading . . .
INTERPOL Operation Takes Down Sniper Dz Phishing Platform, Arrests Administrator
INTERPOL-led Operation Ramz disrupted Sniper Dz, a free phishing-as-a-service platform active since 2015 with 45,000 victim records and 20,000+ domain
https://thehackernews.com/2026/06/interpol-takes-down-sniper-dz-phishing.html
4 days ago
0
1
0
OceanLotus: From external espionage to domestic targeting
www.welivesecurity.com/en/eset-rese...
loading . . .
OceanLotus: From external espionage to domestic targeting
ESET researchers show how OceanLotus, a Vietnam-aligned APT group, has put an increasing focus on domestic espionage between 2024 and 2026.
https://www.welivesecurity.com/en/eset-research/oceanlotus-external-espionage-domestic-targeting/
4 days ago
0
0
0
Marking Your Own Homework (Check Point Remote Access VPN IKEv1 Authentication Bypass CVE-2026-50751)
labs.watchtowr.com/marking-your...
loading . . .
Marking Your Own Homework (Check Point Remote Access VPN IKEv1 Authentication Bypass CVE-2026-50751)
It is yet another day in this parallel universe of security, where the devices we bolt onto the edge of our networks to keep the bad people out are, with remarkable consistency, the exact thing that l...
https://labs.watchtowr.com/marking-your-own-homework-check-point-remote-access-vpn-ikev1-authentication-bypass-cve-2026-50751/
4 days ago
0
2
0
www.theregister.com/cyber-crime/...
loading . . .
ShinyHunters hacked 100+ orgs by exploiting an Oracle PeopleSoft 0-day
University of Nottingham is first of many, Shiny tells The Reg
https://www.theregister.com/cyber-crime/2026/06/11/shinyhunters-claims-oracle-peoplesoft-0-day-hit-100-orgs/5254443
4 days ago
0
1
0
Vulnerability in AWS Common Runtime aws-c-http library URL:
aws.amazon.com/security/sec...
Classification: Critical, Solution: Official Fix, Exploit Maturity: Not Defined, CVSSv3.1: 8.8
loading . . .
CVE-2026-12043 - Heap double-free in AWS Common Runtime aws-c-http
https://aws.amazon.com/security/security-bulletins/2026-043-aws/
4 days ago
0
0
0
Critical vulnerabilities in vm2 URL:
github.com/patriksimek/...
Classification: Critical, Solution: Official Fix, Exploit Maturity: Not Defined, CVSSv3.1: 10.0
loading . . .
Sandbox Escape
### Summary By combining `Buffer.call.call({}.__lookupGetter__, Buffer, "__proto__")`, `Buffer.call.call({}.__lookupSetter__, Buffer, "__proto__")`, and Node.js's `ERR_INVALID_ARG_TYPE` Error, the...
https://github.com/patriksimek/vm2/security/advisories/GHSA-v6mx-mf47-r5wg
4 days ago
0
1
0
Microsoft's worst 'Nightmare' unleashes BitLocker bypass 0-day
www.theregister.com/security/202...
loading . . .
Microsoft's worst 'Nightmare' unleashes BitLocker bypass 0-day
Another day, another Windows exploit code
https://www.theregister.com/security/2026/06/11/nightmare-eclipse-drops-claimed-bitlocker-bypass-for-microsoft-windows/5254371
5 days ago
0
3
0
GitHub to Disable npm Install Scripts by Default to Stop Supply Chain Attacks
thehackernews.com/2026/06/gith...
loading . . .
GitHub to Disable npm Install Scripts by Default to Stop Supply Chain Attacks
npm 12 disables install scripts by default, requiring explicit approval to reduce dependency-based code execution risks.
https://thehackernews.com/2026/06/github-to-disable-npm-install-scripts.html
5 days ago
0
1
1
Coupang hit with record $409 million data breach fine in Korea
www.bleepingcomputer.com/news/securit...
loading . . .
Coupang hit with record $409 million data breach fine in Korea
The Personal Information Protection Commission (PIPC), South Korea's data protection regulator, has fined e-commerce giant Coupang a record 624.6 billion won (roughly $409 million) following a massi...
https://www.bleepingcomputer.com/news/security/south-korea-hits-coupang-with-record-409-million-fine-over-data-breach/
5 days ago
0
1
0
Chinese, N. Korean Threat Groups Build on Asia-Pacific Success
www.darkreading.com/cyberattacks...
loading . . .
Chinese, N. Korean Threat Groups Build on Asia-Pacific Success
North Korea's gross domestic product (GDP) has grown, in part because of the cybercrime gains of groups linked to the nation.
https://www.darkreading.com/cyberattacks-data-breaches/chinese-korean-threat-groups-asia-pacific-success
5 days ago
0
0
0
From SQLi to RCE – Exploiting LangGraph’s Checkpointer
research.checkpoint.com/2026/from-sq...
loading . . .
From SQLi to RCE - Exploiting LangGraph’s Checkpointer - Check Point Research
By Yarden Porat AI agents need memory. Frameworks like LangGraph provide it through checkpointers – persistence layers that store execution state. But what happens when that persistence layer isn’t lo...
https://research.checkpoint.com/2026/from-sqli-to-rce-exploiting-langgraphs-checkpointer/
5 days ago
0
0
0
ShinyHunters Targets Education Sector with Oracle PeopleSoft Exploit
cloud.google.com/blog/topics/...
loading . . .
ShinyHunters Targets Education Sector with Oracle PeopleSoft Exploit | Google Cloud Blog
An active compromise and extortion campaign attributed to ShinyHunters targeting Oracle PeopleSoft with a zero-day exploit.
https://cloud.google.com/blog/topics/threat-intelligence/shinyhunters-targets-education-sector-oracle-exploit/
5 days ago
0
0
0
Naxclow IoT Platform URL:
www.cisa.gov/news-events/...
Classification: Critical, Solution: Official Fix, Exploit Maturity: Not Defined, CVSSv3.1: 9.8
loading . . .
Naxclow IoT Platform | CISA
https://www.cisa.gov/news-events/ics-advisories/icsa-26-162-02
5 days ago
0
0
0
Yarbo Android/iOS Mobile Application and Cloud Infrastructure URL:
www.cisa.gov/news-events/...
Classification: Critical, Solution: Official Fix, Exploit Maturity: Not Defined, CVSSv3.1: 9.8
loading . . .
Yarbo Android/iOS Mobile Application and Cloud Infrastructure | CISA
https://www.cisa.gov/news-events/ics-advisories/icsa-26-162-01
5 days ago
0
0
0
Google Chrome Stable Channel Update for Desktop URL:
chromereleases.googleblog.com/2026/06/stab...
Classification: Critical, Solution: Official Fix, Exploit Maturity: Not Defined, CVSSv3.1: None
loading . . .
Stable Channel Update for Desktop
The Stable channel has been updated to 149.0.7827.114/.115 for Windows and Mac and 149.0.7827.114 for Linux, which will roll out over the c...
https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_01962725236.html
5 days ago
0
0
0
crypton-x509-validation Haskell libraries do not enforce X.509 NameConstraints URL:
kb.cert.org/vuls/id/862559
Classification: Critical, Solution: Official Fix, Exploit Maturity: Not Defined, CVSSv3.1: 9.1
loading . . .
CERT/CC Vulnerability Note VU#862559
crypton-x509-validation Haskell libraries do not enforce X.509 NameConstraints
https://kb.cert.org/vuls/id/862559
5 days ago
0
1
0
Oracle Security Alert Advisory - PeopleSoft PeopleTools URL:
www.oracle.com/security-ale...
Classification: Critical, Solution: Official Fix, Exploit Maturity: High, CVSSv3.1: 9.8
loading . . .
https://www.oracle.com/security-alerts/alert-cve-2026-35273.html
5 days ago
0
0
0
techcommunity.microsoft.com/blog/windows...
loading . . .
The Windows Admin Center: Virtualization Mode public preview build has been updated! | Microsoft Community Hub
Thank you for your continued support and engagement with the Virtualization Mode (vMode) public preview! Your testing and feedback are integral to making a...
https://techcommunity.microsoft.com/blog/windows-admin-center-blog/the-windows-admin-center-virtualization-mode-public-preview-build-has-been-updat/4527304
6 days ago
0
0
0
Cybercriminals: the 'auditors' you never hired
www.welivesecurity.com/en/business-...
loading . . .
Cybercriminals: the 'auditors' you never hired
Every organisation gets audited. The question is who does the auditing.
https://www.welivesecurity.com/en/business-security/cybercriminals-auditors-never-hired/
6 days ago
0
0
0
Path traversal flaw in AI dev platform Langflow exploited in attacks
www.bleepingcomputer.com/news/securit...
loading . . .
Path traversal flaw in AI dev platform Langflow exploited in attacks
Attackers are actively exploiting CVE-2026-5027, a high-severity path traversal vulnerability in the AI development platform Langflow, to write arbitrary files on exposed servers.
https://www.bleepingcomputer.com/news/security/path-traversal-flaw-in-ai-dev-platform-langflow-exploited-in-attacks/
6 days ago
0
0
0
Microsoft Defender RoguePlanet Zero-Day Grants SYSTEM Access on Updated Windows
thehackernews.com/2026/06/micr...
loading . . .
Microsoft Defender RoguePlanet Zero-Day Grants SYSTEM Access on Updated Windows
A RoguePlanet PoC exploit targets a Microsoft Defender zero-day race condition and can produce a SYSTEM-level shell when successful.
https://thehackernews.com/2026/06/microsoft-defender-rogueplanet-zero-day.html
6 days ago
0
1
0
More Evidence That Words Don't Mean What We Thought They Meant (Ivanti Sentry Pre-Auth OS Command Injection CVE-2026-10520)
labs.watchtowr.com/more-evidenc...
loading . . .
More Evidence That Words Don't Mean What We Thought They Meant (Ivanti Sentry Pre-Auth OS Command Injection CVE-2026-10520)
Today, Ivanti published an advisory. “No way?” we hear you say. "Yes way!" Today’s advisory outlines two vulnerabilities in Ivanti’s Sentry product, appealing directly to our inner desire for sophis...
https://labs.watchtowr.com/more-evidence-that-words-dont-mean-what-we-thought-they-meant-ivanti-sentry-pre-auth-os-command-injection-cve-2026-10520/
6 days ago
0
0
0
Ivanti: Max severity Sentry flaw allows code execution as root
www.bleepingcomputer.com/news/securit...
loading . . .
Ivanti: Max severity Sentry flaw allows code execution as root
Ivanti has patched two critical vulnerabilities in its Sentry secure mobile gateway solution, including a maximum-severity flaw that enables remote attackers to execute code with root privileges.
https://www.bleepingcomputer.com/news/security/new-max-severity-ivanti-sentry-flaw-allows-code-execution-as-root/
6 days ago
0
0
0
techcommunity.microsoft.com/blog/windows...
loading . . .
Share the Moment: Listen Together with Shared Audio | Microsoft Community Hub
I was traveling with a friend on a long flight when I asked them if they wanted to watch a movie with me on my laptop. We both pulled out our earbuds and...
https://techcommunity.microsoft.com/blog/windowsosplatform/share-the-moment-listen-together-with-shared-audio/4522401
6 days ago
0
0
0
Schneider Electric Modicon Network Managed Switches URL:
www.cisa.gov/news-events/...
Classification: Critical, Solution: Workaround, Exploit Maturity: Not Defined, CVSSv3.1: 9.0
loading . . .
Schneider Electric Modicon Network Managed Switches | CISA
https://www.cisa.gov/news-events/ics-advisories/icsa-26-160-01
6 days ago
0
0
0
Adobe Latest Product Security Updates URL:
helpx.adobe.com/security/Hom...
loading . . .
https://helpx.adobe.com/security/Home.html
6 days ago
0
0
0
krebsonsecurity.com/2026/06/who-...
loading . . .
Who Runs the Ransomware Group ‘The Gentlemen?’
A cybercrime group known as The Gentlemen has emerged as the second most active ransomware gang by victim count, rapidly attracting a talented pool of hackers through an aggressive recruitment strateg...
https://krebsonsecurity.com/2026/06/who-runs-the-ransomware-group-the-gentlemen/
7 days ago
0
0
0
Technical Analysis of MLTBackdoor
www.zscaler.com/blogs/securi...
loading . . .
Technical Analysis of MLTBackdoor | ThreatLabz
MLTBackdoor is a new malware family that provides post-exploitation capabilities on demand and likely used by an initial access broker for ransomware attacks.
https://www.zscaler.com/blogs/security-research/technical-analysis-mltbackdoor
7 days ago
0
0
0
Chrome V8 Zero-Day CVE-2026-11645 Exploited in the Wild - Patch Now
thehackernews.com/2026/06/chro...
loading . . .
Chrome V8 Zero-Day CVE-2026-11645 Exploited in the Wild - Patch Now
Google released security updates for 74 Chrome vulnerabilities, including CVE-2026-11645, a high-severity V8 out-of-bounds memory access flaw.
https://thehackernews.com/2026/06/chrome-v8-zero-day-cve-2026-11645.html
7 days ago
0
0
0
Veeam Backup & Replication RCE Flaw Lets Domain Users Run Remote Code
thehackernews.com/2026/06/veea...
loading . . .
Veeam Backup & Replication RCE Flaw Lets Domain Users Run Remote Code
Veeam fixes CVE-2026-44963 RCE in 12 builds, blocking authenticated domain users from attacking backup servers.
https://thehackernews.com/2026/06/veeam-backup-replication-rce-flaw-lets.html
7 days ago
0
1
0
www.bleepingcomputer.com/news/securit...
loading . . .
ServiceNow discloses security incident exposing customer data
ServiceNow is warning about a security incident after attackers exploited an unauthenticated access flaw through a vulnerable API endpoint, allowing them to query data from customer instances.
https://www.bleepingcomputer.com/news/security/servicenow-discloses-security-incident-exposing-customer-data/
7 days ago
0
1
0
Security Advisory Ivanti Sentry URL:
hub.ivanti.com/s/article/Se...
Classification: Critical, Solution: Official Fix, Exploit Maturity: Not Defined, CVSSv3.1: 10.0
loading . . .
Ivanti Innovators Hub
https://hub.ivanti.com/s/article/Security-Advisory-Ivanti-Sentry-CVE-2026-10520-CVE-2026-10523?language=en_US
7 days ago
0
0
0
FortiSandbox Second-Order OS Command Injection via JSON Input on start vnc feature URL:
fortiguard.fortinet.com/psirt/FG-IR-...
Classification: Critical, Solution: Official Fix, Exploit Maturity: Not Defined, CVSSv3.1: 9.1
loading . . .
PSIRT | FortiGuard Labs
None
https://fortiguard.fortinet.com/psirt/FG-IR-26-141
7 days ago
0
0
0
SAP Security Patch Day - June 2026 URL:
support.sap.com/en/my-suppor...
Classification: Critical, Solution: Official Fix, Exploit Maturity: Not Defined, CVSSv3.1: 9.8
loading . . .
SAP Security Patch Day - June 2026
SAP security Patch Day Bulletin
https://support.sap.com/en/my-support/knowledge-base/security-notes-news/june-2026.html
7 days ago
0
0
0
Google Chrome Stable Channel Update for Desktop URL:
chromereleases.googleblog.com/2026/06/stab...
Classification: Critical, Solution: Official Fix, Exploit Maturity: Functional, CVSSv3.1: None
loading . . .
Stable Channel Update for Desktop
The Stable channel has been updated to 149.0.7827.102/.103 for Windows and Mac and 149.0.7827.102 for Linux, which will roll out over the ...
https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_0153744567.html
7 days ago
0
0
0
Load more
feeds!
log in
