Your Security Digest · 13 jun

Today, 67 things to read.

67 critical · 0 to skim · nothing on fire

Data source: supabase

tracked67

critical67

active exploit0

67 incidents · criticalupdated live

Jun 122d ago

…

criticalzero-day

Ukrainian national pleads guilty to role in Conti ransomware operation

A Ukrainian national extradited from Ireland to the United States last year has pleaded guilty to conspiracy charges tied to the Conti ransomware operation. The U.S.

aeo—socialX 0% · Reddit 0% · GitHub 100%

Jun 122d ago

…

criticalzero-dayexploited in the wild

CISA orders feds to patch actively exploited Ivanti flaw by Sunday

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered government agencies to patch an actively exploited Ivanti Sentry flaw within three days, as mandated by the newly issued Binding Operational

aeo31socialX 0% · Reddit 0% · GitHub 100%

Today, 67 things to read.

Ukrainian national pleads guilty to role in Conti ransomware operation

CISA orders feds to patch actively exploited Ivanti flaw by Sunday

Oracle mitigates PeopleSoft zero-day exploited in data theft attacks

CISA tells govt agencies to patch critical exploited flaws in 3 days

Nottingham University data breach affects over 450,000 students

Max severity Ivanti Sentry vulnerability now exploited in attacks

Path traversal flaw in AI dev platform Langflow exploited in attacks

Oracle PeopleSoft servers hacked in ShinyHunters data theft attacks

Who Runs the Ransomware Group ‘The Gentlemen?’

Microsoft patches YellowKey, GreenPlasma, MiniPlasma zero-days

Ivanti: Max severity Sentry flaw allows code execution as root

Anthropic rolls out Claude Fable 5, but it's available for a limited time

Microsoft Defender 'RoguePlanet' zero-day grants SYSTEM privileges

SAP fixes critical flaws in NetWeaver and Commerce Cloud

Microsoft June 2026 Patch Tuesday fixes 3 zero-day, 200 flaws

CISA gives feds 3 days to patch Check Point VPN bug exploited as zero-day

Google patches new Chrome zero-day flaw exploited in the wild

WhatsApp says it disrupted new NSO spyware phishing attacks

Gogs patches critical zero-day enabling remote code execution

Critical UniFi OS bug lets hackers gain root without authentication

Check Point links VPN zero-day attacks to Qilin ransomware gang

CISA: Hackers now exploit SolarWinds Serv-U flaw to crash servers

Chinese APT deploys new malware to keep access to hacked networks

Over 900 US gas station tank gauge systems exposed to attacks

Cisco warns of unpatched SD-WAN zero-day exploited in attacks

UN food agency discloses breach affecting 600,000 Gaza households

Hackers Are After the Gaps in Your Vulnerability Program: Here's Their Playbook

Cisco warns of critical Unified CM flaw with PoC exploit code

U.S. sanctions Nobitex crypto exchange used by Iranian ransomware actors

CISA warns of cyberattacks targeting fuel tank monitoring systems

New 'HTTP/2 Bomb' DoS attack crashes web servers in under a minute

CISA warns of active attacks exploiting Android, Linux bugs

Acer working to patch max severity zero-days in Wave 7 routers

CISA flags two-year-old Oracle flaw as actively exploited in attacks

Google fixes one actively exploited Android zero-day, 124 flaws

Race Against Time: Why Faster Vulnerability Alerts Matter

Critical Windows Netlogon RCE flaw now exploited in attacks

Palo Alto GlobalProtect VPN auth bypass flaw now exploited in attacks

Google Chrome adds session cookie theft protection for all users

Hackers exploit FortiClient EMS flaw to push infostealer malware

New Gogs zero-day flaw lets hackers get remote code execution

Romanian gets 5 years in prison for hacking Oregon govt network

CISA gives feds 4 days to patch actively exploited cPanel plugin flaw

KnowledgeDeliver flaw exploited as a zero-day to install web shells

Microsoft Defender can now automatically isolate hacked endpoints

CISA orders feds to patch actively exploited Drupal vulnerability

Ghost CMS SQL injection flaw exploited in large-scale ClickFix campaign

Trend Micro warns of Apex One zero-day exploited in the wild

Google accidentally exposed details of unfixed Chromium flaw

Max severity Cisco Secure Workload flaw gives Site Admin privileges

Microsoft warns of new Defender zero-days exploited in attacks

Hackers bypass SonicWall VPN MFA due to incomplete patching

Drupal critical update to fix bug with high exploitation risk

Exploit released for new PinTheft Arch Linux root escalation flaw

Microsoft shares mitigation for YellowKey Windows zero-day

Cybercrime service disrupted for abusing Microsoft platform to sign malware

Discord rolls out end-to-end encryption on voice, video calls

FBI: Americans lost over $388 million to scams using crypto ATMs in 2025

Grafana says stolen GitHub token let hackers steal codebase

Exploit available for new DirtyDecrypt Linux root escalation flaw

Hackers earn $1,298,250 for 47 zero-days at Pwn2Own Berlin 2026

New Windows 'MiniPlasma' zero-day exploit gives SYSTEM access, PoC released

Microsoft rejects critical Azure vulnerability report, no CVE issued

Russian hackers turn Kazuar backdoor into modular P2P botnet

Microsoft Exchange, Windows 11 hacked on second day of Pwn2Own

Microsoft backpedals: Edge to stop loading passwords into memory

Microsoft warns of Exchange zero-day flaw exploited in attacks