Vulnerabilities & Patches
Attackers just got admin access to the system that was supposed to catch them.
Attackers just got admin access to the system that was supposed to catch them. Splunk Enterprise has a CVSS 9.8 vulnerability — CVE-2026-20253 — that allows unauthenticated remote attackers to write arbitrary files on the Splunk server without any credentials. File write chains into full remote code execution. CISA confirmed active exploitation yesterday and added…
The tool you bought to catch malware is now being used as a foothold. Attackers started exploiting Fortinet FortiSandbox on June 15 — six weeks after patches were released.
The tool you bought to catch malware is now being used as a foothold. Attackers started exploiting Fortinet FortiSandbox on June 15 — six weeks after patches were released. Three critical vulnerabilities. All three actively exploited. FortiSandbox is enterprise malware analysis infrastructure. You send suspicious files to it. It detonates them in isolation. It tells…
74,000 Fortinet firewalls. Admin passwords cracked. No CVE.
74,000 Fortinet firewalls. Admin passwords cracked. No CVE. If you run FortiGate infrastructure, the question is not whether to act — it is how fast. Security researcher Bob Diachenko discovered on June 17 an exposed server containing verified admin credentials for 73,932 Fortinet FortiGate devices across 194 countries. The campaign, now called FortiBleed, was confirmed…
Your Windows is fully patched. And there’s a public exploit on GitHub that gives attackers SYSTEM on it right now.
Your Windows is fully patched. And there’s a public exploit on GitHub that gives attackers SYSTEM on it right now. On June 10 — hours after Microsoft shipped its June Patch Tuesday update — researcher Nightmare Eclipse published a working exploit called RoguePlanet. It targets a race condition in Microsoft Defender’s quarantine pipeline. Defender runs…
Your ERP system has no patch. Hackers are already inside.
Your ERP system has no patch. Hackers are already inside. Oracle issued an emergency out-of-band security alert yesterday for CVE-2026-35273 — a critical unauthenticated remote code execution vulnerability in PeopleSoft PeopleTools 8.61 and 8.62. No password required. An attacker with HTTP access to the Environment Management Hub runs arbitrary code on your ERP server. ShinyHunters…
