Microsoft Patches Exploited Exchange XSS as Secure Boot Deadline Looms
June 9, 2026
Microsoft’s June Patch Tuesday closes the actively exploited Exchange Server CVE-2026-42897 and sets a 17-day countdown to a critical Secure
News
Microsoft Patches Exploited Exchange XSS as Secure Boot Deadline Looms
Microsoft's June Patch Tuesday closes the actively exploited Exchange Server CVE-2026-42897 and sets a 17-day countdown to a critical Secure Boot deadline.
Check Point VPN CVE-2026-50751 Exploited by Qilin Before Patch Release
Check Point disclosed CVE-2026-50751, a critical VPN authentication bypass exploited by Qilin ransomware for five weeks, and released an emergency hotfix.
WhatsApp Files Contempt Motion Over New NSO Group Spyware Activity
WhatsApp detected new NSO Group activity violating a permanent court injunction and filed a federal contempt motion against the Israeli surveillance firm.
TheGentlemen Ransomware Posts 12 Victims in One Day Across 8 Countries
TheGentlemen ransomware posted 12 victims across 8 countries in one day, including two healthcare providers with HIPAA and NHS breach notification exposure.
Gogs 0.14.3 Patches Critical RCE Zero-Day After 10 Days Without Fix
Gogs version 0.14.3 patches a critical CVSSv4 9.4 RCE zero-day that had exposed 2,300 internet-facing servers for ten days with a public Metasploit exploit.
Akira, Qilin, and Nightspire Post 4 Victims on Ransomware Leak Sites
Akira, Qilin, and Nightspire claimed four victims including a port trade association, a German security firm, a youth nonprofit, and a commercial printer.
TVING Data Breach Triggers South Korean Government Probe
South Korea's largest streaming platform TVING suffered a data breach exposing user IDs, contact details, and encrypted national ID-derived identifiers.
AI Agent Finds 21 FFmpeg Zero-Days Including Unauthenticated RCE
Depthfirst's autonomous AI security agent spent $1,000 to find 21 zero-days in FFmpeg, including an unauthenticated RCE triggered by a 183-byte packet.
Anthropic Engineers Deploy Inside NSA to Run Mythos Cyber AI
Anthropic has deployed six engineers inside NSA to operate Mythos, an AI reported capable of zero-day exploitation across major operating systems and browsers.
Claude Opus Finds 4-Year Zcash Flaw Enabling Silent Coin Forgery
Researcher Taylor Hornby used Claude Opus 4.8 to uncover a four-year-old Zcash Orchard flaw that could have enabled undetectable counterfeit ZEC creation.
Check Point VPN CVE-2026-50751 Exploited by Qilin Before Patch Release
June 9, 2026
Check Point disclosed CVE-2026-50751, a critical VPN authentication bypass exploited by Qilin ransomware for five weeks, and released an emergency
WhatsApp Files Contempt Motion Over New NSO Group Spyware Activity
June 9, 2026
WhatsApp detected new NSO Group activity violating a permanent court injunction and filed a federal contempt motion against the Israeli
TheGentlemen Ransomware Posts 12 Victims in One Day Across 8 Countries
June 9, 2026
TheGentlemen ransomware posted 12 victims across 8 countries in one day, including two healthcare providers with HIPAA and NHS breach
Gogs 0.14.3 Patches Critical RCE Zero-Day After 10 Days Without Fix
June 9, 2026
Gogs version 0.14.3 patches a critical CVSSv4 9.4 RCE zero-day that had exposed 2,300 internet-facing servers for ten days with
Akira, Qilin, and Nightspire Post 4 Victims on Ransomware Leak Sites
June 9, 2026
Akira, Qilin, and Nightspire claimed four victims including a port trade association, a German security firm, a youth nonprofit, and
TVING Data Breach Triggers South Korean Government Probe
June 8, 2026
South Korea’s largest streaming platform TVING suffered a data breach exposing user IDs, contact details, and encrypted national ID-derived identifiers.
AI Agent Finds 21 FFmpeg Zero-Days Including Unauthenticated RCE
June 8, 2026
Depthfirst’s autonomous AI security agent spent $1,000 to find 21 zero-days in FFmpeg, including an unauthenticated RCE triggered by a
Anthropic Engineers Deploy Inside NSA to Run Mythos Cyber AI
June 8, 2026
Anthropic has deployed six engineers inside NSA to operate Mythos, an AI reported capable of zero-day exploitation across major operating
Claude Opus Finds 4-Year Zcash Flaw Enabling Silent Coin Forgery
June 8, 2026
Researcher Taylor Hornby used Claude Opus 4.8 to uncover a four-year-old Zcash Orchard flaw that could have enabled undetectable counterfeit
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.