Ivanti tells Sentry customers to patch now as critical bugs hit 10.0 and 9.9
Remote, unauthenticated RCE with root privileges is about as bad as it gets
Security & Lifecycle News
Aggregated from vendor advisories, security research, and industry publications.
NSO Group Hacking WhatsApp Despite Court Order
WhatsApp has caught the NSO Group phishing its users, in violation of a court order.
After AI Reaches Production: 12 Ways Security Teams Can Take Control
Security teams need more than visibility into AI applications, they need a repeatable framework for monitoring, investigating, and defending them in production. The post After AI R…
Brussels' datacenter efficiency scorecard may come with a credit warning
Moody's says proposed A-to-G green grades for bit barns could affect financing
Your Automated Pentest Looks Clean. See What It Missed in This Expert Webinar
Your pentest report looks clean. That might be the problem. Run automated pentesting long enough, and the new findings start to dry up. By the third or fourth run, fewer issues ap…
Microsoft patches YellowKey, GreenPlasma, MiniPlasma zero-days
On Tuesday, Microsoft patched two zero-day vulnerabilities that let attackers gain SYSTEM privileges on fully patched Windows systems, and a third one that grants access to BitLock…
ServiceNow Patches Vulnerability Exploited Against Some Customers
The company updated hosted customer instances to patch a security issue it reportedly had known about since April 7. The post ServiceNow Patches Vulnerability Exploited Against Som…
Microsoft Patches Record 206 Flaws, Including Three Zero-Days and Critical RCE Bugs
Microsoft on Tuesday released fixes for a record 206 security vulnerabilities impacting its software portfolio, including three flaws that have been publicly disclosed at the time …
Node4 CEO Neil Muller found dead at home after suspected stabbing
MSP says it is 'absolutely devastated' as woman arrested on suspicion of murder
SpacemiT shows off usably quick RISC-V mini desktop
Actual RVA23 hardware and useful performance – for a certain price
Critical Vulnerabilities Patched in Fortinet, Ivanti Products
Two OS command injection flaws can be exploited remotely, without authentication, for arbitrary code execution. The post Critical Vulnerabilities Patched in Fortinet, Ivanti Produc…
France and Germany agree to disagree, ditch joint next-gen Euro fighter
Aircraft at core of the Future Combat Air System canned as parties could not decide who leads on the work
ICS Patch Tuesday: Vulnerabilities Fixed by Siemens, Schneider, Phoenix Contact
In addition, Rockwell Automation announced some enhancements to its SecureOT cybersecurity solution for OT. The post ICS Patch Tuesday: Vulnerabilities Fixed by Siemens, Schneider,…
Anthropic Releases Claude Fable 5, Its Most Powerful AI Yet, With Cyber Safeguards
On June 9, Anthropic released Claude Fable 5, the most capable model it has ever made, generally available. It also did something unusual: it shipped one model as two products, spl…
ServiceNow Flaw Exploited to Gain Unauthorized Access to Customer Instances
ServiceNow has warned about a security incident in which unknown threat actors exploited a flaw to obtain deeper unauthorized access to susceptible instances. "On June 5, 2026, Se…
Logitech knows when to fold 'em
Meet Mobi Fold - creased popster or clever portable mouse
No Patch Planned for Exploited Arista EOS Vulnerability
Organizations are advised to apply vendor-supplied mitigations or discontinue the vulnerable devices. The post No Patch Planned for Exploited Arista EOS Vulnerability appeared firs…
Ivanti: Max severity Sentry flaw allows code execution as root
Ivanti has patched two critical vulnerabilities in its Sentry secure mobile gateway solution, including a maximum-severity flaw that enables remote attackers to execute code with r…
Microsoft Defender RoguePlanet Zero-Day Grants SYSTEM Access on Updated Windows
The anonymous security researcher going by the name Chaotic Eclipse (aka Nightmare-Eclipse) has released a proof-of-concept (PoC) exploit for yet another Microsoft Defender zero-da…
Six Proto6 Vulnerabilities in protobuf.js Expose Node.js Apps to RCE and DoS
Cybersecurity researchers have flagged half a dozen vulnerabilities in protobuf.js, a JavaScript and TypeScript implementation of Protocol Buffers (Protobuf), that, if successfully…
Anthropic rolls out Claude Fable 5, but it's available for a limited time
Anthropic has begun rolling out a new model called "Fable," which is based on the same underlying model as Mythos, its most powerful AI model class. [...]
Microsoft Defender 'RoguePlanet' zero-day grants SYSTEM privileges
A security researcher has released a new Microsoft Defender zero-day exploit named "RoguePlanet" just hours after Microsoft fixed two previously disclosed flaws during June 2026 Pa…
AI is making Patch Tuesday (kinda) fun again
Unless you're an admin or vulnerability manager – then you're totally screwed
A Record-Breaking Patch Tuesday for June 2026
Microsoft today released software updates to plug nearly 200 security holes across its Windows operating systems and supported software, a record number of fixes for the company's …
Salesforce cuts staff amid acquisition spree and $50 billion share buyback
The layoffs come after CEO Marc Benioff boasted of record revenue and 'incredible cashflow' two weeks ago
The Invisible Battlefield: How Cyberwar Is Reshaping Everyday Life
Former National Cyber Director Chris Inglis warns that cyberattacks threaten hospitals, utilities, and essential services.
Blame AI: Patch Tuesday Hits Record 206 CVEs
Voluminous patch updates could soon be the norm, as artificial intelligence accelerates the speed and scale of vulnerability discovery.
ServiceNow discloses security incident exposing customer data
ServiceNow is warning about a security incident after attackers exploited an unauthenticated access flaw through a vulnerable API endpoint, allowing them to query data from custome…
OpenClaw AI agent found falling for phishing attacks, spills user data
Phishing simulation on an OpenClaw email agent with various configuration profiles showed that it was susceptible to tactics commonly used to compromise human users. [...]
If your sex life is dead, you can blame Steve Jobs
Economists find signs of a ‘large and causal relationship between iPhones and fertility' in AT&T exclusivity-era data