
IT Security Newsletter - 6/18/2026

Top News

Attackers hit pair of critical Fortinet vulnerabilities the vendor disclosed in April

Attackers are actively exploiting a pair of critical Fortinet vulnerabilities in FortiSandbox, a security product customers use to identify and defend against emerging threats across their network, according to researchers. Fortinet disclosed and patched the vulnerabilities - CVE-2026-39808 and CVE-2026-39813 - in April, but it hasn't confirmed exploitation. The company did not respond to a request for comment. READ MORE...

Breaches

Kodak Admits Data Breach After ShinyHunters Hack Claims

Commercial printing and imaging technologies company Kodak has confirmed suffering a data breach after the ShinyHunters cybercrime group claimed to have stolen information from its systems. Kodak was named on the ShinyHunters website on June 15, with the hackers claiming to have obtained more than 2.2 million records of customer personal information and other corporate data. The hackers threatened to leak the stolen data on June 18 unless the company pays a ransom. READ MORE...

Hacking

Malware attacks strip Roblox developers of entire games

Hackers who once focused on stealing valuable Roblox items are now taking over entire games. Although Roblox operates the service, users can create and publish their own games on it. Successful games can generate substantial revenue through in-game purchases. Some developers have earned millions of dollars and built dedicated studios around their creations. Multiple Roblox developers told 404 Media that hackers had taken over their games and said Roblox support did little to help. READ MORE...

Software Updates

Atlassian, Splunk Patch Critical Vulnerabilities

Atlassian and Splunk on Wednesday announced patches for multiple vulnerabilities in their products, including critical-severity flaws. Splunk resolved a critical issue in AI Toolkit that could allow authenticated attackers with admin roles to execute arbitrary OS commands on the host the Splunk Enterprise instance runs on. Tracked as CVE-2026-20266 (CVSS score of 9.1), the security defect was addressed in Splunk AI Toolkit version 5.7.4. READ MORE...


F5 issues out-of-band patches for critical NGINX vulnerabilities

Cybersecurity company F5 has released out-of-band security updates to address multiple NGINX web server vulnerabilities, including two critical-severity flaws that could allow attackers to execute code on vulnerable systems. The two critical vulnerabilities can be exploited by unauthenticated remote attackers to trigger a denial-of-service (DoS) attack or code execution on NGINX systems with non-default configurations. READ MORE...

Malware

Rokarolla Android malware can take over your phone and steal banking logins

Researchers have analyzed a new Android banking Trojan called Rokarolla. It can effectively take over a device, steal banking and crypto login details from more than 200 apps, and quietly monitor much of what you do on your phone. On an infected device, when you open one of the banking or crypto apps on Rokarolla's target list, the malware downloads and displays a matching fake login page over the real app. READ MORE...


GentleKiller targets more than 400 security processes across 48 products

Most ransomware operations leave the work of disabling endpoint security software to their affiliates. The ransomware-as-a-service gang Gentlemen runs a different model. Its operators develop and maintain a set of tools for shutting down endpoint detection and response (EDR) products, then provide these tools directly to the affiliates who rent the gang's encryptors. An internal data leak from the group in May 2026 confirmed the arrangement. READ MORE...

Exploits/Vulnerabilities

Microsoft working on a fix for RoguePlanet, a flaw that grants full PC control

A publicly available exploit called RoguePlanet can give attackers the highest level of access on Windows systems. Microsoft has confirmed the vulnerability and says it's working on a security update. RoguePlanet is tracked under CVE-2026-50656, where it's described as a Microsoft Defender Elevation of Privilege (EoP) vulnerability. If successfully exploited, RoguePlanet can allow an attacker to elevate privileges from a standard user account to the highest privilege level on Windows. READ MORE...

On This Date

  • ...in 1812, the United States declares war on the United Kingdom, beginning the War of 1812.
  • ...in 1815, British and Prussian forces led by Wellington and Blucher defeat Napoleon Bonaparte's army at Waterloo.
  • ...in 1942, singer-songwriter Paul McCartney is born in Liverpool, England.
  • ...in 1983, astronaut Sally Ride becomes the first American woman in space, aboard the STS-7 mission.