# Archive
Browse past daily curated stories
Thursday, June 11, 2026
-
1. The Hacker News (general): Microsoft Patches Record 206 Flaws, Including Three Zero-Days and Critical RCE Bugs
Microsoft's June 2026 Patch Tuesday set a record with 206 CVEs patched, including 39 Critical and 167 Important severity issues spanning 63 privilege escalation, 56 RCE, and 27 spoofing flaws. Three zero-days were publicly disclosed prior to patching, with at least one actively exploited. Microsoft's security leadership has attributed the surge in vulnerability volume to AI-accelerated discovery tooling.
-
2. BleepingComputer (general): Microsoft June 2026 Patch Tuesday fixes 6 zero-days, 200 flaws
Microsoft's June 2026 Patch Tuesday addressed 200 flaws including five publicly disclosed zero-days and one actively exploited vulnerability. The release includes fixes for the YellowKey, GreenPlasma, and MiniPlasma zero-days that granted SYSTEM privileges or BitLocker drive access on fully patched Windows systems. Security teams should prioritize immediate deployment given the active exploitation status of at least one flaw.
-
3. BleepingComputer (general): Microsoft patches YellowKey, GreenPlasma, MiniPlasma zero-days
Microsoft patched three named zero-days — YellowKey, GreenPlasma, and MiniPlasma — in June 2026 Patch Tuesday, where YellowKey and GreenPlasma enable SYSTEM privilege escalation on fully patched Windows, and MiniPlasma grants unauthorized access to BitLocker-protected drives. These were publicly disclosed before patches were available, increasing exploitation risk. Administrators should treat these as priority deployments given the pre-patch disclosure window.
-
4. The Hacker News (general): Microsoft Defender RoguePlanet Zero-Day Grants SYSTEM Access on Updated Windows
Anonymous researcher Nightmare-Eclipse (also known as Chaotic Eclipse, now operating as 'MSNightmare' on GitHub) released a PoC exploit called RoguePlanet targeting a race condition in Microsoft Defender that achieves SYSTEM-level privilege escalation on fully updated Windows systems. The researcher reports achieving a 100% success rate on tested systems even though the exploit depends on winning a race condition. This continues an ongoing public feud with Microsoft, with multiple Defender zero-days dropped in succession.
-
5. BleepingComputer (general): Oracle PeopleSoft servers hacked in ShinyHunters data theft attacks
The ShinyHunters extortion gang has compromised Oracle PeopleSoft servers across more than 100 organizations in an ongoing data theft campaign. The attacks specifically target PeopleSoft deployments, and ShinyHunters is leveraging stolen data for extortion. Organizations running Oracle PeopleSoft should audit external exposure and review access logs for indicators of compromise immediately.
-
6. Krebs on Security (threat-intel): Who Runs the Ransomware Group ‘The Gentlemen?’
Krebs on Security investigates 'The Gentlemen,' a ransomware group that has rapidly become the second most active by victim count, operating an affiliate model offering 90% ransom splits to attract high-skill hackers. The analysis includes OSINT-derived clues pointing toward the identity of the group's administrator. Security teams tracking ransomware affiliates should add The Gentlemen to active threat monitoring given their accelerating victim count.
-
7. The Hacker News (general): Unpatched Langflow Flaw CVE-2026-5027 Exploited for Unauthenticated RCE
CVE-2026-5027 (CVSS 8.8), a path traversal vulnerability in Langflow — the open-source low-code AI application development platform — is under active exploitation in the wild, confirmed by VulnCheck. The flaw allows unauthenticated attackers to write files to arbitrary locations via the 'POST /' endpoint, enabling effective RCE on exposed servers. No patch was available at time of active exploitation, making immediate exposure reduction critical for organizations running Langflow.
-
8. BleepingComputer (general): Microsoft patches Exchange Server zero-day exploited in attacks
Microsoft patched an actively exploited Exchange Server zero-day enabling arbitrary JavaScript execution via cross-site scripting (XSS) in Outlook Web Access, allowing attackers to target OWA users in hybrid or on-premises Exchange deployments. The flaw was under active attack at patch time, making it a critical priority for organizations still running on-premises or hybrid Exchange. The Ghost-Sender technique separately allows spoofing of any email address via Exchange Online in hybrid configurations.
-
9. The Hacker News (general): Ivanti, Fortinet, and SAP Release Patches for Multiple Critical Vulnerabilities
Fortinet, Ivanti, and SAP released coordinated security updates addressing multiple critical vulnerabilities, including CVE-2026-25089 (CVSS 9.1) — a command injection flaw in FortiSandbox, FortiSandbox Cloud, and FortiSandbox PaaS WEB UI enabling RCE. Ivanti's patches include a maximum-severity flaw in Sentry secure mobile gateway allowing root-level code execution by unauthenticated remote attackers. SAP's June 2026 package covers 15 vulnerabilities including four critical flaws in NetWeaver and Commerce Cloud.
-
10. BleepingComputer (general): China-linked JDY botnet expands targeting of U.S. military networks
The China-linked JDY botnet has expanded to over 1,500 compromised SOHO and IoT devices and is now actively targeting U.S. military networks for reconnaissance, according to Lumen research. Previously associated with Volt Typhoon, JDY operates as a centrally controlled high-performance scanner designed to fingerprint and map exposed services at scale. The botnet's expansion signals escalating Chinese state-sponsored pre-positioning activity against critical U.S. infrastructure.