Security & Risk
50 analyses
The U.S. federal agency set Sunday as the deadline for government entities to apply the CVE-2026-20230 patch, a server-side request forgery (SSRF) vulnerability in Cisco Unified Communications Manager that has already been exploited by attackers since the weekend of June 21 and 22.
CVE-2026-20230 in Cisco Unified Communications Manager and CVE-2026-12569 in PTC Windchill reach the federal deadline from CISA this Monday with confirmed active exploitation. The Cisco vulnerability opens a route to root; the Windchill vulnerability installs web shells on global industrial PLM platforms.
The U.S. agency added CVE-2026-12569 in Windchill (CVSS 10.0) and CVE-2026-20230 in Cisco UCM on June 25, both with webshells observed in production and a remediation deadline of July 16.
The Indian automaker, owner of the third-largest global motorcycle fleet, reported to SEBI an attack that affected its parent company and technical subsidiary. CERT-In has been alerted, and no cybercriminal group has claimed responsibility for the attack as of the publication of this article.
Indiana confirms incident but does not comment on ransom demand. Group claims to have published 204,341 files (630 GB) including iPhone schematics and Model Y charger diagrams.
Pre-authentication flaw in the PostgreSQL sidecar of Splunk Enterprise is being exploited in attacks. CISA's deadline expired on Sunday, June 21, and the watchTowr exploit is already in circulation.
A researcher identified a database with functional credentials for nearly 87,000 FortiGate devices across 21,600 domains, including Samsung, Mercedes-Benz, Chevron, and Accenture. The campaign remains active, according to SOCRadar.
Researcher Bob Diachenko found a database with 73,932 exposed Fortinet devices impacting Oracle, Siemens, Accenture, and PwC. Fortinet denies zero-day, CISA issues alert.
In 84 minutes, attackers reposted the @mastra scope on npm with the malicious dependency easy-day-js. @mastra/core accumulates around 4 million downloads per month. Tradecraft points to the North Korean group BlueNoroff.
Group claims to have exfiltrated 429,000 files from the Strasbourg-based organization by exploiting CVE-2026-35273 (CVSS 9.8). The Council states it is investigating; Oracle releases patch in June bulletin.
Group UNC6508 exploited REDCap servers and deployed INFINITERED malware in military, medical, and AI research networks between September 2023 and November 2025, according to the Google Threat Intelligence Group.
The group claims to have exfiltrated HR data, payroll records, and 409,000 pay slips since 2011. The Council of Europe had not publicly commented by the time of this report.