Top story watchTowr LabsCitrixBleed To Infinity And Beyond (Citrix NetScaler Pre-Auth Memory Overread CVE-2026-8451)Read full storyKEV CVE-2026-30558.8 CVE-2025-12101KEV CVE-2025-57773.3 CVE-2026-0050— CVE-2026-8451
Tue The Hacker News Summary only RustDuck Botnet Rebuilds in Rust to Hijack Routers and Servers for DDoS8.8 CVE-2017-172157.2 CVE-2018-8007KEV CVE-2025-296356.3 CVE-2024-1781
Tue The Hacker News Summary only Langflow RCE Exploited to Deploy Monero Miner on Exposed AI App EndpointsKEV CVE-2025-3248KEV CVE-2026-330178.8 CVE-2026-5027
Tue Help Net Security Summary only Oracle E-Business Suite Payments flaw under attack (CVE-2026-46817)KEV CVE-2025-618829.8 CVE-2026-46817KEV CVE-2025-61884
Tue SecurityWeek Summary only BlueHammer Vulnerability Exploited in Ransomware AttacksKEV CVE-2026-33825
Tue SecurityWeek Summary only Exploitation of Recent Oracle E-Business Suite Vulnerability Begins9.8 CVE-2026-46817
Tue The Hacker News Summary only Attackers Exploit SimpleHelp CVE-2026-48558 to Deploy TaskWeaver and Djinn StealerKEV CVE-2026-48558
Tue Help Net Security Summary only SimpleHelp vulnerability exploited to deliver mighty Djinn Stealer (CVE-2026-48558)KEV CVE-2026-48558
Tue SANS Internet Storm CenterJune 2026 Apple Updates - SANS Internet Storm Center9.1 CVE-2026-398688.8 CVE-2026-437058.8 CVE-2026-437158.1 CVE-2026-437357.8 CVE-2026-43724 + 23 more
Tue The Hacker News Summary only AirDrop and Quick Share Flaws Let Nearby Attackers Trigger Crashes and Bypass Checks7.5 CVE-2024-106684.8 CVE-2024-382714.3 CVE-2024-38272
Tue SecurityWeek Summary only Nissan Employee Data Breached in Oracle PeopleSoft HackKEV CVE-2026-35273
Tue BleepingComputer Summary only CISA: Windows BlueHammer flaw now exploited by ransomware gangsKEV CVE-2026-33825
Tue SecurityWeek Summary only Critical SimpleHelp Vulnerability Exploited for Malware DeliveryKEV CVE-2026-48558
Tue The Hacker News Summary only Progress Kemp LoadMaster Flaw Could Let Attackers Run Root Commands Pre-AuthKEV CVE-2024-12129.6 CVE-2026-80376.8 CVE-2026-33691
Tue The Hacker News Summary only Apple Patches 30+ iOS, macOS, Safari Flaws, Including AI-Discovered WebKit Bugs9.1 CVE-2026-398688.8 CVE-2026-437157.8 CVE-2026-437247.1 CVE-2026-437256.5 CVE-2026-43707 + 4 more
Tue The Hacker News Summary only Oracle E-Business Suite Flaw CVE-2026-46817 Actively Exploited in the WildKEV CVE-2025-61882KEV CVE-2026-352739.8 CVE-2026-46817
Mon Dark Reading Source-only NIST Enrichment Reductions Impact CVE Coverage, Accuracy7.7 CVE-2026-8856
Mon BleepingComputer Summary only Nissan discloses employee data breach linked to Oracle zero-day attacksKEV CVE-2026-35273
Mon BleepingComputer Summary only NAIC says public data stolen in ShinyHunters' PeopleSoft breachKEV CVE-2026-35273
Mon watchTowr LabsEnterprise Tech In, Shell Out (Progress Kemp LoadMaster Uninitialized Heap to Pre-Auth RCE CVE-2026-8037)9.6 CVE-2026-80376.8 CVE-2026-33691
Mon Help Net Security Summary only JSP webshells being dropped on unpatched PTC Windchill instances10.0 CVE-2026-4681KEV CVE-2026-12569
Mon The Hacker News Summary only ⚡ Weekly Recap: Linux Kernel Flaws, AI Malware Tricks, Turla Backdoor, Infostealers and More9.8 CVE-2024-3765KEV CVE-2026-125699.6 CVE-2026-130289.6 CVE-2026-130329.0 CVE-2026-11374 + 18 more
Mon Check Point Research29th June – Threat Intelligence ReportKEV CVE-2026-34908KEV CVE-2026-34909KEV CVE-2026-349109.9 CVE-2026-55255KEV CVE-2026-33017 + 3 more
Mon BleepingComputer Summary only Critical SimpleHelp flaw exploited to deploy new stealer malwareKEV CVE-2026-48558
Mon BleepingComputer Summary only Hackers now exploit critical Oracle E-Business flaw in attacksKEV CVE-2025-61882KEV CVE-2026-352739.8 CVE-2026-46817KEV CVE-2024-21182
Mon SecurityWeek Summary only Insurance Regulators Group NAIC Hit in Oracle PeopleSoft HackKEV CVE-2026-35273
Mon Dark Reading Source-only Amazon Q VS Extension Flaw Leads to Cloud Credential Theft8.8 CVE-2025-595368.0 CVE-2026-306157.8 CVE-2026-129577.5 CVE-2026-218527.2 CVE-2025-54136
Mon The Hacker News Summary only Gamaredon Expands Ukraine Attacks with New Malware and Cloud Service AbuseKEV CVE-2025-8088
Mon SecurityWeek Summary only ‘DirtyClone’ Linux Kernel Vulnerability Leads to Root Access8.8 CVE-2026-432848.8 CVE-2026-435037.8 CVE-2026-435007.8 CVE-2026-46300
Mon The Hacker News Summary only Public PoC Released for Critical libssh2 CVE-2026-55200 Client-Side SSH Flaw8.8 CVE-2019-38558.1 CVE-2026-552006.5 CVE-2025-156615.9 CVE-2026-55199
Sun Help Net Security Summary only Week in review: Fortibleed campaign’s impact on orgs, Cisco Unified CM flaw exploitedKEV CVE-2026-20230
Fri BleepingComputer Summary only CISA sets urgent deadline to fix Cisco flaw exploited in attacksKEV CVE-2026-12569KEV CVE-2026-20230
Fri Rapid7 BlogWeekly Metasploit Update: Modules for Audiobookshelf, LiteLLM, Next.js, Dalfox and more10.0 CVE-2026-45087KEV CVE-2026-422089.1 CVE-2025-299278.2 CVE-2025-25205
Fri The Hacker News Summary only New SharkLoader Malware Deploys Cobalt Strike in StrikeShark CyberattacksKEV CVE-2023-20198KEV CVE-2025-55182KEV CVE-2016-4437KEV CVE-2021-36260KEV CVE-2022-40684 + 9 more
Fri SecurityWeek Summary only Amazon Q Flaw Enabled Cloud Credential Theft via Malicious Repositories7.8 CVE-2026-129577.8 CVE-2026-12958
Fri The Hacker News Summary only New Linux pedit COW Exploit Enables Root Access by Poisoning Cached Binaries7.8 CVE-2026-46331
Fri The Hacker News Summary only Amazon Q Developer Flaw Could Let Malicious Repos Run Code via MCP Configs8.8 CVE-2025-595368.0 CVE-2026-306157.8 CVE-2026-129577.8 CVE-2026-129587.2 CVE-2025-54136
Fri The Hacker News Summary only CISA Adds Exploited PTC Windchill RCE Flaw to KEV as Web Shell Attacks ContinueKEV CVE-2026-12569
Fri Daily CyberSecurity (securityonline.info) Summary only Cisco SD-WAN Zero-Day Exploited in AttacksKEV CVE-2026-20245