Resources
Veeam CVE-2026-44963 Exposes Backup Servers to Low-Privilege RCE
Gabby Lee
June 10, 2026
Veeam patched CVE-2026-44963, a CVSS 9.4 RCE flaw letting any domain user execute code on backup servers across its 550,000-customer install base.
Fortinet FortiSandbox CVE-2026-25089 Allows Unauthenticated RCE
Gabby Lee
June 10, 2026
Fortinet patched CVE-2026-25089, a CVSS 9.1 OS command injection in FortiSandbox's Web UI exploitable by unauthenticated attackers via crafted HTTP requests.
OpenSSL Patches 16 Flaws Including Heap Use-After-Free RCE Risk
Gabby Lee
June 10, 2026
OpenSSL released 16 security fixes, led by CVE-2026-45447, a HIGH severity heap use-after-free in PKCS7_verify() that may enable RCE via crafted S/MIME messages.
Akira Claims Industrial Finisher, NJ Country Club, Architecture Firm
Andrew Doyle
June 10, 2026
Akira ransomware posted three US victims on June 9: Spray Equipment with 26GB of W-2 records and engineering drawings, Rockaway River Country Club, and SMPC ...
Chaos Ransomware Lists Airespring as Iranian False-Flag History Looms
Andrew Doyle
June 10, 2026
Chaos ransomware listed US telecom provider Airespring on its leak site. Rapid7 documented Chaos as a MuddyWater Iranian APT false-flag tool, complicating attribution.
Microsoft Patches Exploited Exchange XSS as Secure Boot Deadline Looms
Andrew Doyle
June 9, 2026
Microsoft's June Patch Tuesday closes the actively exploited Exchange Server CVE-2026-42897 and sets a 17-day countdown to a critical Secure Boot deadline.
Check Point VPN CVE-2026-50751 Exploited by Qilin Before Patch Release
Andrew Doyle
June 9, 2026
Check Point disclosed CVE-2026-50751, a critical VPN authentication bypass exploited by Qilin ransomware for five weeks, and released an emergency hotfix.
TheGentlemen Ransomware Posts 12 Victims in One Day Across 8 Countries
Mitchell Langley
June 9, 2026
TheGentlemen ransomware posted 12 victims across 8 countries in one day, including two healthcare providers with HIPAA and NHS breach notification exposure.
Gogs 0.14.3 Patches Critical RCE Zero-Day After 10 Days Without Fix
Mitchell Langley
June 9, 2026
Gogs version 0.14.3 patches a critical CVSSv4 9.4 RCE zero-day that had exposed 2,300 internet-facing servers for ten days with a public Metasploit exploit.
Akira, Qilin, and Nightspire Post 4 Victims on Ransomware Leak Sites
Mitchell Langley
June 9, 2026
Akira, Qilin, and Nightspire claimed four victims including a port trade association, a German security firm, a youth nonprofit, and a commercial printer.
Weekly Newsletter
Weekly Cybersecurity Newsletter: 14th to 18th August
Andrew Doyle
July 19, 2025
Explore our latest cybersecurity podcast episodes featuring ransomware attacks, phishing campaigns, corporate breaches, legal showdowns, and deep dives into evolving threats and digital defenses.
This Week In Cybersecurity: 23rd June to 27th June
Andrew Doyle
June 30, 2025
News Stories New ‘FileFix’ Attack Exploits Windows File Explorer to Deliver Stealthy Commands Threat actors use the search-ms URI protocol ...
This Week In Cybersecurity: 26th to 30th May, 2025
Andrew Doyle
May 30, 2025
"Cybersecurity threats escalate as ransomware attacks target major organizations, exposing sensitive data and highlighting vulnerabilities in systems across various industries. Stay informed."
This Week In Cybersecurity: 19th to 23rd May, 2025
Andrew Doyle
May 23, 2025
This week, significant cybersecurity incidents include ransomware attacks, data breaches affecting major organizations, and ongoing threats from state-sponsored groups, highlighting vulnerabilities across various sectors.
This Week In Cybersecurity: 21st – 25th April, 2025
Andrew Doyle
April 25, 2025
Targeted malware, ransomware, phishing, and ad fraud hit SK Telecom, Baltimore schools, Google, and more this week—exposing critical data and abusing trusted systems.
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.














