Your Security Digest · 13 jun

Quiet today.

491 scanned. Nothing on fire. Read at your own pace.

Data source: supabase

tracked53

critical0

active exploit0

53 incidents · highupdated live

Jun 122d ago

…

highidentity

phpBB forum fixes auth bypass bug lurking for a decade

A 10-year-old authentication bypass vulnerability discovered in the phpBB forum software allows an attacker to log in as any user, including administrators.

aeo—socialX 0% · Reddit 0% · GitHub 100%

Jun 122d ago

…

highexploitationexploited in the wild

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog , based on evidence of active exploitation.

aeo—socialX 0% · Reddit 0% · GitHub 100%

Quiet today.

phpBB forum fixes auth bypass bug lurking for a decade

CISA Adds One Known Exploited Vulnerability to Catalog

Authorities dismantle 'AudiA6' ransomware crypto-laundering service

Why AI-driven threats are exposing the limits of MSP security stacks

CISA Adds One Known Exploited Vulnerability to Catalog

China-linked JDY botnet expands targeting of U.S. military networks

A Record-Breaking Patch Tuesday for June 2026

ServiceNow discloses security incident exposing customer data

CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA Adds Two Known Exploited Vulnerabilities to Catalog

Over 20,000 Instagram accounts stolen in Meta AI support hack

C0XMO botnet spreads via DD-WRT router flaw, kills rival malware

Silent Ransom Group targets law firms with fake IT support calls

Critical Everest Forms Pro flaw exploited to take over WordPress sites

What 2026 DBIR Confirms: Attacks Are Living in the Browser

CISA Adds One Known Exploited Vulnerability to Catalog

Credit card theft campaign abuses Stripe to host stolen payment info

CISA Adds One Known Exploited Vulnerability to Catalog

Critical Kirki flaw exploited to hijack WordPress admin accounts

AI-built ransomware toolkit automates EDR evasion, AD discovery

CISA Adds Two Known Exploited Vulnerabilities to Catalog

Hackers hijack thousands of sites for ClickFix and FakeUpdate attacks

Spain arrests doxer leaking sensitive data of govt employees

CISA Adds One Known Exploited Vulnerability to Catalog

WP Maps Pro bug exploited to create admin accounts on WordPress sites

Dutch govt disrupts malware botnet with 17 million infected devices

CISA Adds One Known Exploited Vulnerability to Catalog

Supply Chain Compromises Impact Nx Console and GitHub Repositories

Carnival Cruise confirms data breach affecting nearly 6 million people

Sextortionist sentenced to 33 years for targeting 145 children

CISA Adds Three Known Exploited Vulnerabilities to Catalog

FBI warns of in-person data theft attacks from extortion gang

Dutch police arrests suspect linked to Ajax football club hack

CISA Adds One Known Exploited Vulnerability to Catalog

7-Eleven data breach exposes personal information of 185,000 people

Italy disrupts CINEMAGOAL piracy app that stole streaming auth codes

Netherlands seizes 800 servers of hosting firm enabling cyberattacks

Former US execs plead guilty to aiding tech support scammers

Drupal: Critical SQL injection flaw now targeted in attacks

Ubiquiti patches three max severity UniFi OS vulnerabilities

CISA Adds One Known Exploited Vulnerability to Catalog

Inside a Crypto Drainer: How to Spot it Before it Empties Your Wallet

Police seize “First VPN” service used in ransomware, data theft attacks

CISA Adds Two Known Exploited Vulnerabilities to Catalog

GitHub links repo breach to TanStack npm supply-chain attack

CISA Adds Seven Known Exploited Vulnerabilities to Catalog

GitHub confirms breach of 3,800 repos via malicious VSCode extension

Max-severity flaw in ChromaDB for AI apps allows server hijacking

ScadaBR

Funnel Builder WordPress plugin bug exploited to steal credit cards

Popular node-ipc npm package compromised to steal credentials

Avada Builder WordPress plugin flaws allow site credential theft

CISA Adds One Known Exploited Vulnerability to Catalog