Fortinet and Ivanti on Tuesday rolled out fixes for multiple vulnerabilities in their products, including critical-severity OS command injection flaws. Fortinet published three advisories describing security defects in FortiSandbox, FortiOS, FortiProxy, and FortiPortal. The most severe of the three bugs… Read More "Critical Vulnerabilities Patched in Fortinet, Ivanti Products"
On June 9, Anthropic released Claude Fable 5, the most capable model it has ever made, generally available. It also did something unusual: it shipped one model as two products, split not by capability but by a layer of safety… Read More "Anthropic Releases Claude Fable 5, Its Most Powerful AI Yet, With Cyber Safeguards"
There’s an app for everything nowadays… right? Well, looking up call records for a phone number of choice is not one of those things, as potentially millions of Android users found out after paying for app subscriptions promising just that.… Read More "How CallPhantom tricks Android users"
System administrators are in for a busy few weeks after Microsoft published updates to fix 200 vulnerabilities including three publicly disclosed zero-days June’s Patch Tuesday. A total of 33 critical CVEs were tackled, with most (28) remote code execution (RCE)… Read More "Microsoft Fixes 200 CVEs This Patch Tuesday"
ICS Patch Tuesday advisories were published this month by Siemens, Schneider Electric, and Phoenix Contact. Siemens published only four new advisories. In Sinec INS, the industrial giant fixed authenticated command execution, information disclosure, privilege escalation, and password exposure flaws. The… Read More "ICS Patch Tuesday: Vulnerabilities Fixed by Siemens, Schneider, Phoenix Contact"
Ravie LakshmananJun 10, 2026Cyber Attack / Vulnerability ServiceNow has warned about a security incident in which unknown threat actors exploited a flaw to obtain deeper unauthorized access to susceptible instances. “On June 5, 2026, ServiceNow applied a security update to… Read More "ServiceNow Flaw Exploited to Gain Unauthorized Access to Customer Instances"
The Trump administration’s shift in tone and approach toward traditional allies has understandably unsettled many nations, raising doubts about U.S. reliability and concerns over dependence on American technology. Many had become used to China and Russia’s often belligerent tone, flexing their… Read More "The quest for greater tech independence"
Cybercriminals and fraudsters have dedicated entire ecosystems to scamming and stealing from Formula 1 fans, a new report has warned. According to the Bitdefender Cybersecurity Grand Prix Fan Threat Index, the growing global digital ecosystem around motorsport makes it an… Read More "Fake Streams, Counterfeit Merch & Scams: How Fraudsters Target F1 Fans"
Hackers have been exploiting a vulnerability in Arista Extensible Operating System (EOS) as a zero-day that will not be patched. Arista EOS is a modular, Linux-based network operating system designed for the vendor’s high-performance switches for data center, cloud, and… Read More "No Patch Planned for Exploited Arista EOS Vulnerability"
Ravie LakshmananJun 10, 2026Vulnerability / JavaScript Cybersecurity researchers have flagged half a dozen vulnerabilities in protobuf.js, a JavaScript and TypeScript implementation of Protocol Buffers (Protobuf), that, if successfully exploited, could result in remote code execution (RCE) and denial-of-service (DoS) attacks.… Read More "Six Proto6 Vulnerabilities in protobuf.js Expose Node.js Apps to RCE and DoS"
