Security Spotlight

Cybersecurity
iRhythm Confirms PHI Exfiltration via Social Engineering
iRhythm Technologies confirmed in an SEC 8-K that social engineering gave hackers access to patient cardiac monitoring data, which they then exfiltrated.
Application Security
Obsidian Finds CVSS 9.9 Attack Chain in LiteLLM AI Gateway
A three-CVE attack chain disclosed by Obsidian Security in LiteLLM AI Gateway lets low-privilege users escalate to root and steal all managed AI API keys.
Application Security
PromptSnatcher Extensions Stole AI Chats From 90,000 Users
Two Chrome ad blocker extensions captured conversations from 90,000 users across ChatGPT, Claude, Gemini, and five other AI platforms, researchers found.
Cybersecurity
Anthropic Releases Guardrail-Free Mythos 5 to Security Researchers
Anthropic released Claude Mythos 5 with safety guardrails intentionally removed to vetted security researchers alongside the public Claude Fable 5 launch.
Application Security
SAP Patches CVSS 9.9 SAML Flaw and ABAP Memory Corruption
SAP's June 2026 Patch Day addressed 15 security notes including CVE-2026-44748, a CVSS 9.9 XML Signature Wrapping flaw in NetWeaver SAML authentication.
Application Security
Veeam CVE-2026-44963 Exposes Backup Servers to Low-Privilege RCE
Veeam patched CVE-2026-44963, a CVSS 9.4 RCE flaw letting any domain user execute code on backup servers across its 550,000-customer install base.
Application Security
Claude Opus Finds 4-Year Zcash Flaw Enabling Silent Coin Forgery
Researcher Taylor Hornby used Claude Opus 4.8 to uncover a four-year-old Zcash Orchard flaw that could have enabled undetectable counterfeit ZEC creation.
CVE Vulnerability Alerts
CISA Orders Serv-U CVE-2026-28318 Patch After Active Exploitation
SolarWinds patches actively exploited Serv-U DoS bug CVE-2026-28318 while CISA adds it to the KEV catalog and orders remediation at federal civilian agencies.
CVE Vulnerability Alerts
Cisco SD-WAN Manager Hit by 7th Zero-Day of 2026, No Patch
Cisco disclosed CVE-2026-20245, a command injection zero-day in Catalyst SD-WAN Manager enabling root access via file upload, with no patch available.
Cybersecurity
TheGentlemen Hits Saudi Arabia, India, Thailand, and Portugal
TheGentlemen ransomware struck Saudi Arabia, India, Thailand, and Portugal in one day, including a first GCC target, as the group exceeds 330 victims in 2026.