MUST READ

Cisco fixed a critical ISE vulnerability that lets attackers to gain root access

 | 

F5 Patches Critical NGINX Vulnerabilities Enabling Unauthenticated Code Execution

 | 

Microsoft Confirms RoguePlanet Zero-Day in Defender, Patch Under Development

 | 

FortiBleed Exposes Admin Passwords for 75,000 Fortinet Firewalls

 | 

DragonForce Hid Inside Microsoft Teams and Nobody Noticed for Two Months

 | 

U.S. CISA adds Widget Factory Joomla Content Editor flaw to its Known Exploited Vulnerabilities catalog

 | 

New Rokarolla Android Trojan Targets 217 Banking and Crypto Apps

 | 

EdTech Faces a Cybersecurity Crisis: Data Breaches Surge

 | 

FulcrumSec Targets Novo Nordisk, Leaks Clinical and Research Data

 | 

China-Linked FishMonger Ports SprySOCKS to Windows With Kernel-Level Stealth and UEFI Bootkit Hints

 | 

iRhythm Hit by Cyberattack, Patient Data Stolen and Ransom Demanded

 | 

Fortinet Warned as Three Critical FortiSandbox Bugs Come Under Attack

 | 

CVE-2026-20262: CISCO Catalyst SD-WAN Flaw Under Active Targeted Exploitation

 | 

U.S. CISA adds Cisco Catalyst and LiteSpeed cPanel plugin flaws to its Known Exploited Vulnerabilities catalog

 | 

China-linked actor spent two years inside medical research networks

 | 

Australian Sugar Producer Mackay Sugar Reports Cyber Incident

 | 

Novo Nordisk Confirms Data Theft: What Attackers Took and What They Didn't

 | 

Palo Alto Warns of Exploitation of VPN Bypass Exploits (CVE-2026-0257) in PAN-OS Flaw

 | 

Supply Chain Attack Hits Popular WordPress Plugins Through Awesome Motive CDN

 | 

Infostealers, AI, and a 90% Affiliate Cut Fuel The Gentlemen group’s Rise

 | 

Hacking

Pierluigi Paganini June 16, 2026
iRhythm Hit by Cyberattack, Patient Data Stolen and Ransom Demanded

iRhythm disclosed a cyberattack via third-party apps where patient and proprietary data was stolen, followed by a ransom demand. iRhythm Technologies is a U.S.-based digital healthcare company specializing in remote cardiac monitoring and arrhythmia detection. Its best-known product is the Zio, a wearable patch that continuously records a patient’s heart rhythm for up to several […]

Pierluigi Paganini June 16, 2026
Fortinet Warned as Three Critical FortiSandbox Bugs Come Under Attack

Three FortiSandbox flaws, including one patched last week, are being actively exploited, highlighting the shrinking window for defenders. Cybersecurity firm Defused Cyber confirmed it’s seen active exploitation of three vulnerabilities in Fortinet FortiSandbox within a 24-hour window. Two of them had patches sitting available since April. The third got fixed last week, which, apparently, wasn’t […]

Pierluigi Paganini June 16, 2026
CVE-2026-20262: CISCO Catalyst SD-WAN Flaw Under Active Targeted Exploitation

Cisco warned that CVE-2026-20262, a Catalyst SD-WAN Manager vulnerability allowing arbitrary file writes, is being actively exploited. Cisco confirmed active exploitation of CVE-2026-20262, an arbitrary file write vulnerability affecting Catalyst SD-WAN Manager. CVE-2026-20262 (CVSS score of 6.5) is an arbitrary file write vulnerability in the web interface of Cisco Catalyst SD-WAN Manager. The flaw is […]

Pierluigi Paganini June 16, 2026
U.S. CISA adds Cisco Catalyst and LiteSpeed cPanel plugin flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Cisco Catalyst and LiteSpeed cPanel plugin flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Cisco Catalyst and LiteSpeed cPanel plugin flaws to its Known Exploited Vulnerabilities (KEV) catalog. The two flaws added to the catalog are: CVE-2026-20262 is an arbitrary […]

Pierluigi Paganini June 16, 2026
China-linked actor spent two years inside medical research networks

China’s UNC6508 hid in North American medical research networks for 2 years, stealing credentials and forwarding emails to Gmail Google’s Threat Intelligence Group published a report this week on UNC6508, a China-linked cyberespionage group that breached North American medical and military research organizations and stayed hidden for more than two years. The earliest confirmed intrusion […]

Pierluigi Paganini June 15, 2026
Australian Sugar Producer Mackay Sugar Reports Cyber Incident

Mackay Sugar, Australia’s second-largest sugar producer, disclosed a cyberattack on June 10, potentially affecting key processing operations. Mackay Sugar is one of Australia’s largest sugar producers and the country’s second-largest sugar manufacturer. The company is based in the Mackay region of tropical North Queensland and has more than 140 years of history in sugar cane […]

Pierluigi Paganini June 15, 2026
Novo Nordisk Confirms Data Theft: What Attackers Took and What They Didn’t

Novo Nordisk suffered a cyberattack where clinical trial data was copied. The breach is confirmed, but no threat actor has claimed responsibility. The Danish pharmaceutical giant Novo Nordisk disclosed a cybersecurity breach that resulted in unauthorized access to internal IT systems and the theft of personal data. The company sells some of the most in-demand […]

Pierluigi Paganini June 15, 2026
Palo Alto Warns of Exploitation of VPN Bypass Exploits (CVE-2026-0257) in PAN-OS Flaw

Palo Alto Networks warns that attackers are actively exploiting CVE-2026-0257, a PAN-OS flaw that lets unauthorized users bypass authentication and establish VPN connections. Palo Alto Networks has confirmed active exploitation of CVE-2026-0257, a PAN-OS authentication bypass vulnerability affecting GlobalProtect portals and gateways. Palo Alto Networks addressed the vulnerability on May 13. Two weeks later, cybersecurity firm Rapid7 […]

Pierluigi Paganini June 15, 2026
Supply Chain Attack Hits Popular WordPress Plugins Through Awesome Motive CDN

Attackers compromised Awesome Motive CDN files, backdooring WordPress sites running OptinMonster, TrustPulse, and PushEngage. Sansec researchers discovered an active supply chain attack hitting WordPress sites running OptinMonster, TrustPulse, and PushEngage, three plugins operated by Awesome Motive, one of the largest WordPress plugin companies in the world. The malicious JavaScript wasn’t sitting on any victim’s server. […]

Pierluigi Paganini June 15, 2026
Infostealers, AI, and a 90% Affiliate Cut Fuel The Gentlemen group’s Rise

The Gentlemen ransomware used infostealer credentials, AI tools, and affiliates to hit 483 victims across 66 countries in under a year. The Gentlemen surfaced as a ransomware operation in September 2025 and by June 13, 2026 had listed 483 victims on their dark-web leak site, 380 of them in 2026 alone. That makes them the […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Cisco fixed a critical ISE vulnerability that lets attackers to gain root access

Uncategorized / June 18, 2026

F5 Patches Critical NGINX Vulnerabilities Enabling Unauthenticated Code Execution

Security / June 18, 2026

Microsoft Confirms RoguePlanet Zero-Day in Defender, Patch Under Development

Security / June 18, 2026

FortiBleed Exposes Admin Passwords for 75,000 Fortinet Firewalls

Hacking / June 18, 2026

DragonForce Hid Inside Microsoft Teams and Nobody Noticed for Two Months

Security / June 17, 2026