SimpleHelp CVE-2026-48558 RMM Bypass Exploited

SimpleHelp CVE-2026-48558

A critical SimpleHelp CVE-2026-48558 authentication bypass is letting attackers forge a login token and seize a fully authenticated technician session in the remote monitoring and management (RMM) software thousands of managed service providers use to run client networks. CISA added the flaw to its Known Exploited Vulnerabilities catalog on June 29, and researchers have already…

Read More

PTC Windchill RCE CVE-2026-12569: Web Shells Actively Deployed

The PTC Windchill RCE CVE-2026-12569 (CVSS 9.3) is actively exploited — and this is the second attack wave targeting the same product in three months. Attackers are deploying persistent JSP web shells inside Windchill PDMLink and FlexPLM installations right now. CISA added the flaw to its Known Exploited Vulnerabilities catalog on June 25, 2026; the…

Read More

Top 5 Cybersecurity News Stories June 26, 2026

Top 5 Cybersicherheit News Stories vom 26. Juni 2026

The five stories in this week’s Cybersecurity News Stories June 26, 2026 do not share an attacker technique or a common entry point. They share a common target: the foundational infrastructure organisations treat as settled — the code supply chain that delivers the software their developers build with, the integration layer that connects their business…

Read More

Top 5 Cybersecurity News Stories June 19, 2026

Cybersecurity News Stories June 19, 2026

The five stories in this week’s Cybersecurity News Stories June 19, 2026 do not describe attacks that broke through the perimeter. They describe the infrastructure organisations depend on to stay connected, productive, and operational being compromised or left permanently undefended. An AI API gateway routing requests to OpenAI and Anthropic, now exploitable without credentials. An…

Read More

Top 5 Cybersecurity News Stories May 22, 2026

Cybersecurity News Stories May 22, 2026

This week’s Top 5 Cybersecurity News Stories May 22, 2026 are not a recap. They are a strategic read of where trust is breaking down across the layers organisations have never modelled as attack surface. A Visual Studio Code extension used by developers at GitHub, OpenAI, and Mistral AI. The antivirus engine running on nearly…

Read More