radar.cysentrix

Security Radar

Page 1 of 10 · 329 stories from the last 30 days across 20 trusted sources.

Actively exploited 10 actively exploited CVEs in current coverage
View all CVEs →
  • CVE-2026-20253

    AICritical unauthenticated RCE in Splunk Enterprise (CVE-2026-20253) exploited in wild; CISA added to KEV, federal agencies must patch by June 21.

    5storiesEPSS 10%
  • CVE-2026-0257

    AIPalo Alto Networks warns of active exploitation of CVE-2026-0257, a PAN-OS GlobalProtect VPN flaw. Unknown threat actors are using it to gain unauthorized access to portals.

    2storiesEPSS 19%
  • CVE-2026-20262

    AICisco released updates for an actively exploited medium-severity flaw in Catalyst SD-WAN Manager, tracked as CVE-2026-20262 with a CVSS score of 6.5.

    2storiesEPSS 1%
  • CVE-2025-8088

    Russian Attackers Weaponize WinRAR Flaw Against Ukrainian Orgs

    1storyEPSS 81%
  • CVE-2026-42271

    CISA Adds Two Known Exploited Vulnerabilities to Catalog

    1storyEPSS 54%
  • CVE-2026-50751

    CISA Adds Two Known Exploited Vulnerabilities to Catalog

    1storyEPSS 41%
The Hacker News · BleepingComputer2 stories

The Gentlemen RaaS Uses GentleKiller EDR Framework Targeting 400 Security Processes

AIGentlemen RaaS uses GentleKiller EDR framework targeting over 400 security processes to disable defenses before deploying ransomware.

Open narrative →
ransomware
Show all coverage
Graham Cluley

Apple’s Hide My Email tweak leaves privacy fans fuming

Apple has long marketed itself as the privacy-first tech giant. So why is it making a change to Hide My Email that will make it easier for websites to block anonymous sign-ups - and harder for you to stay private online? Read more in my article on the Hot for Security blog.

The Hacker News

AutoJack Attack Lets One Web Page Hijack AI Agent for Host Code Execution

Microsoft researchers have detailed an exploit chain, named AutoJack, that turns an AI browsing agent into a delivery vehicle for remote code execution. Steer the agent to load an attacker's web page, and that page's JavaScript can reach a privileged local service on the same ...

microsoft
SOCRadar · Help Net Security · BleepingComputer · Security Affairs · SecurityWeek · The Hacker News6 stories

Critical Splunk Enterprise Flaw Lets Attackers Run Code Without Authentication

AICritical unauthenticated RCE in Splunk Enterprise (CVE-2026-20253) exploited in wild; CISA added to KEV, federal agencies must patch by June 21.

Open narrative →
vulnerabilityzero day Actively exploitedCVE-2026-20253 · EPSS 10%
Show all coverage
The Hacker News · Security Affairs · The Record · SecurityWeek · CyberScoop · Help Net Security · BleepingComputer7 stories

Operation Endgame Disrupts SocGholish Servers, Cleans 14,971 WordPress Sites

AIOperation Endgame disrupted SocGholish botnet infrastructure linked to Russia's Evil Corp, taking down 106 servers and cleaning nearly 15,000 infected WordPress sites.

Open narrative →
malware
Show all coverage
The Hacker News · BleepingComputer2 stories

CISA Warns Fortinet Customers as FortiBleed Hits 86,644 FortiGate Devices

AICISA urged Fortinet customers to secure devices after the "FortiBleed" data leak exposed credentials from tens of thousands of firewalls and VPN gateways.

Open narrative →
data breach
Show all coverage
Help Net Security

Klue breach lead to Salesforce data theft, Huntress affected

Cybersecurity vendor Huntress was among multiple companies hit by a breach originating at Klue, a market intelligence platform used to integrate CRM and sales data across various business tools. Huntress published a detailed account of the incident on June 18, framing it as a ...

data breach
BleepingComputer

Webinar: How attackers bypass MFA and how defenders can respond

Modern phishing attacks, including Device Code phishing, can undermine MFA protections and grant attackers access to corporate accounts without stealing passwords. This webinar explores how behavioral AI can help security teams detect compromised accounts faster and automate r...

phishing
The Hacker News

From Assistive to Agentic: The AI Shift That's Redefining Threat Management

Introduction The average enterprise security team has 40 or more security tools, giving a lot of visibility into internal telemetry and asset data. But often, these tools are working in siloes, generating (overlapping) alerts and data. And yet, breach dwell times remain stubbo...

data breach
SecurityWeek

CryptoBandits Malware Doubles as a Backdoor, Abuses Tor

CryptoBandits uses a local SOCKS5 proxy for traffic routing, blending data theft with remote code execution. The post CryptoBandits Malware Doubles as a Backdoor, Abuses Tor appeared first on SecurityWeek.

malware