radar.cysentrix

Security Radar

Page 1 of 10 · 434 stories from the last 30 days across 20 trusted sources.

Actively exploited 11 actively exploited CVEs in current coverage
View all CVEs →
  • CVE-2026-20253

    AICritical unauthenticated RCE in Splunk Enterprise (CVE-2026-20253) exploited in wild; CISA added to KEV, federal agencies must patch by June 21.

    5storiesEPSS 92%
  • CVE-2026-0257

    Palo Alto Warns of Active Exploitation of PAN-OS GlobalProtect VPN Flaw

    2storiesEPSS 87%
  • CVE-2026-20262

    CVE-2026-20262: Cisco Catalyst SD-WAN Manager Zero-Day Leads to Root

    2storiesEPSS 1%
  • CVE-2026-35273

    ShinyHunters Exploits Oracle PeopleSoft Zero-Day (CVE-2026-35273) to Breach Universities

    1storyEPSS 90%
  • CVE-2025-8088

    Russian Attackers Weaponize WinRAR Flaw Against Ukrainian Orgs

    1storyEPSS 86%
  • CVE-2026-42271

    CISA Adds Two Known Exploited Vulnerabilities to Catalog

    1storyEPSS 75%
The Hacker News

GitHub Updates actions/checkout to Block Common Pwn Request Attack Patterns

GitHub is moving to strengthen software supply chain security by updating "actions/checkout" to block pwn request attacks that exploit the risky use of the "pull_request_target workflow" trigger to run malicious code with the workflow's full privileges. Effective June 18, 2026...

supply chain
BleepingComputer

LastPass confirms data breach in Klue supply chain attack

LastPass announced that hackers accessed customer data from its Salesforce environment after stealing the company's OAuth tokens in the Klue supply chain attack earlier this month. [...]

data breachsupply chain
Help Net Security

Using Reddit to manipulate AI search results is surprisingly easy

A Reddit comment that takes only a few seconds to write can end up influencing the answers generated by AI research tools. A Cornell Tech study found that a short snippet of user-generated text, sometimes as little as 13 words, was enough to affect the output of deep-research ...

The Record · Help Net Security2 stories

Two Scattered Spider members plead guilty over cyberattack that crippled London transit

AITwo Scattered Spider members, aged 20 and 18, pleaded guilty for the 2024 TfL cyberattack that disrupted London transit and caused £29 million in losses.

Open narrative →
Show all coverage
BleepingComputer

Webinar: Why email security teams are drowning in alerts

Phishing, BEC, and account takeover attacks continue to overwhelm security teams with alerts and investigations. This webinar explores how behavioral AI can help automate detection and response workflows, reducing alert fatigue and improving operational efficiency. [...]

phishing
The Hacker News

Agentic AI: The Weapon That No Longer Needs a Warrior

Every weapon begins as an extension of the hand that holds it. The spear lengthened the reach of the arm. The bow sent the point flying without the throw. The rifle placed a man's death a quarter mile beyond his sight, and the aircraft carried that death across oceans. At each...

Schneier on Security

Anthropic’s Fable 5 Model Jailbroken Within Days

Fable 5 is the supposed safe version of Anthropic’s Mythos Preview, with guardrails to ensure that it can’t be used to create cyberattacks. Well, that restriction was bypassed within days.

Help Net Security

GTA 6 early access offers are taking gamers’ crypto

Scam websites are circulating across the internet with a pitch aimed at millions of gamers: a way to play Grand Theft Auto VI before its release. The pages promise early access for a few hundred dollars in cryptocurrency, ask buyers to enter a payment code, and claim the game ...

SecurityWeek

Russian Initial Access Broker Behind FortiBleed Campaign

Using a custom sniffer, the threat actor has captured over 110 million credentials since at least February 2026. The post Russian Initial Access Broker Behind FortiBleed Campaign appeared first on SecurityWeek.

apt