Your Windows is fully patched. And there’s a public exploit on GitHub that gives attackers SYSTEM on it right now.

By Editorial Team | June 16, 2026

Your Windows is fully patched. And there’s a public exploit on GitHub that gives attackers SYSTEM on it right now. On June 10 — hours after Microsoft shipped its June Patch Tuesday update — researcher Nightmare Eclipse published a working exploit called RoguePlanet. It targets a race condition in Microsoft Defender’s quarantine pipeline. Defender runs…

Read More

Your ERP system has no patch. Hackers are already inside.

By Editorial Team | June 15, 2026

Your ERP system has no patch. Hackers are already inside. Oracle issued an emergency out-of-band security alert yesterday for CVE-2026-35273 — a critical unauthenticated remote code execution vulnerability in PeopleSoft PeopleTools 8.61 and 8.62. No password required. An attacker with HTTP access to the Environment Management Hub runs arbitrary code on your ERP server. ShinyHunters…

Read More

Your backup server just became a CVSS 9.4 problem.

By Editorial Team | June 12, 2026

Your backup server just became a CVSS 9.4 problem. Veeam disclosed CVE-2026-44963 on June 9: any authenticated domain user — not an admin, not a privileged account — can execute code directly on a Veeam Backup & Replication server. A standard Active Directory login is enough. The flaw was discovered by watchTowr researcher Sina Kheirkhah.…

Read More

The biggest Patch Tuesday in Microsoft history dropped yesterday: 200 vulnerabilities. 33 Critical. 3 disclosed zero-days.

By Editorial Team | June 11, 2026

The biggest Patch Tuesday in Microsoft history dropped yesterday: 200 vulnerabilities. 33 Critical. 3 disclosed zero-days. And then — hours after the patches shipped — a researcher published an unpatched one that works on fully updated Windows 10 and 11. You patched everything available. You still have a gap. Here is what the June 9…

Read More