Attackers are actively exploiting a pair of critical Fortinet vulnerabilities in FortiSandbox, a security product customers use to identify and defend against emerging threats across their network, according to researchers. Fortinet disclosed and patched the vulnerabilities - CVE-2026-39808 and CVE-2026-39813 - in April, but it hasn't confirmed exploitation. The company did not respond to a request for comment. READ MORE...
Commercial printing and imaging technologies company Kodak has confirmed suffering a data breach after the ShinyHunters cybercrime group claimed to have stolen information from its systems. Kodak was named on the ShinyHunters website on June 15, with the hackers claiming to have obtained more than 2.2 million records of customer personal information and other corporate data. The hackers threatened to leak the stolen data on June 18 unless the company pays a ransom. READ MORE...
Hackers who once focused on stealing valuable Roblox items are now taking over entire games. Although Roblox operates the service, users can create and publish their own games on it. Successful games can generate substantial revenue through in-game purchases. Some developers have earned millions of dollars and built dedicated studios around their creations. Multiple Roblox developers told 404 Media that hackers had taken over their games and said Roblox support did little to help. READ MORE...
Atlassian and Splunk on Wednesday announced patches for multiple vulnerabilities in their products, including critical-severity flaws. Splunk resolved a critical issue in AI Toolkit that could allow authenticated attackers with admin roles to execute arbitrary OS commands on the host the Splunk Enterprise instance runs on. Tracked as CVE-2026-20266 (CVSS score of 9.1), the security defect was addressed in Splunk AI Toolkit version 5.7.4. READ MORE...
Cybersecurity company F5 has released out-of-band security updates to address multiple NGINX web server vulnerabilities, including two critical-severity flaws that could allow attackers to execute code on vulnerable systems. The two critical vulnerabilities can be exploited by unauthenticated remote attackers to trigger a denial-of-service (DoS) attack or code execution on NGINX systems with non-default configurations. READ MORE...
Researchers have analyzed a new Android banking Trojan called Rokarolla. It can effectively take over a device, steal banking and crypto login details from more than 200 apps, and quietly monitor much of what you do on your phone. On an infected device, Rokarolla steals banking and crypto login details. When you open one of the banking or crypto apps on Rokarolla's target list, the malware downloads and displays a matching fake login page over the real app. READ MORE...
Most ransomware operations leave the work of disabling endpoint security software to their affiliates. The ransomware-as-a-service gang Gentlemen runs a different model. Its operators develop and maintain a set of tools for shutting down endpoint detection and response (EDR) products, then provide these tools directly to the affiliates who rent the gang's encryptors. An internal data leak from the group in May 2026 confirmed the arrangement. READ MORE...
A publicly available exploit called RoguePlanet can give attackers the highest level of access on Windows systems. Microsoft has confirmed the vulnerability and says it's working on a security update. RoguePlanet is tracked under CVE-2026-50656, where it's described as a Microsoft Defender Elevation of Privilege (EoP) vulnerability. If successfully exploited, RoguePlanet can allow an attacker to elevate privileges from a standard user account to the highest privilege level on Windows. READ MORE...