📰 Cybersecurity News Headlines
Top stories from leading cybersecurity publications as of June 6, 2026.
-
Suspicious Polyfill login prompts pop up on Toshiba, Muji websites
— Bleeping Computer
Tech giant Toshiba and mega-retailer Muji warned visitors that suspicious sign-in screens popping up on their websites could collect credent… -
CISA: Hackers now exploit SolarWinds Serv-U flaw to crash servers
— Bleeping Computer
CISA warned today that hackers are now actively exploiting a recently patched high-severity SolarWinds Serv-U flaw to crash servers. […] -
Exposed Fuel Tank Gauges Under Attack in the US
— Dark Reading
Threat actors are taking advantage of Internet-exposed tank gauges by breaching gas stations, opening the door to disruption. -
Chinese APT deploys new malware to keep access to hacked networks
— Bleeping Computer
A Chinese espionage group tracked as UNC5221 has been accessing Microsoft 365 environments using the Brickstorm backdoor and previously undo… -
IronWorm and New Miasma Worm Variant Hit npm in Supply Chain Attacks
— The Hacker News
Multiple software supply chain attacks have hit the npm ecosystem, with threat actors using both malicious and poisoned versions of over 50 … -
Android Spyware Asin Targets Arabic Users via Fake News, PDF and War Map Apps
— The Hacker News
Arabic-speaking users have emerged as the target of a new Android spyware codenamed Asin, according to findings from ESET. The Slovakian cyb… -
Adaptive, Agentic AI Worms Loom as Next Enterprise Threat
— Dark Reading
AI worms, or "viruses with wings and brains," adapt to new environments, seek out vulnerabilities, and will likely strike within a year, res… -
Threat Brief: Active Exploitation of PAN-OS CVE-2026-0257
— Unit 42
We include indicators of activity and mitigations for PAN-OS vulnerability CVE-2026-0257. -
Trump AI Order Seeks Voluntary Frontier Model Testing
— Dark Reading
The White House's executive order establishes voluntary framework for early government access to frontier models while investing in federal … -
New Threat Cluster OP-512 Targets Microsoft IIS Servers with Custom Web Shell Framework
— The Hacker News
Cybersecurity researchers have discovered a previously unreported threat cluster dubbed OP-512 (where "OP" stands for "opponent") that has b… -
The Evil MSI Background is Back!, (Fri, Jun 5th)
— SANS ISC
A few months ago, I wrote a diary about a payload that was embedded into a JPEG picture. It was a MSI-branded background[1]. Yesterday, I sp… -
ISC Stormcast For Friday, June 5th, 2026 https://isc.sans.edu/podcastdetail/9960, (Fri, Jun 5th)
— SANS ISC
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
🪲 NVD — Last 20 Scored Vulnerabilities
Latest scored CVEs from the National Vulnerability Database (7292 in last 30 days).
Critical: 1 · High: 6 · Medium: 12 · Low: 1.
-
CVE-2026-9719
— CVSS 4.3 (MEDIUM)
The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.6.0. This is due to missing or incorrect nonc… -
CVE-2026-9290
— CVSS 7.5 (HIGH)
The WP User Manager – User Profile Builder & Membership plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.9.17 via the (profile template scope) function. This makes it p… -
CVE-2026-8976
— CVSS 4.3 (MEDIUM)
The RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 5.1.7. This is due to th… -
CVE-2026-8900
— CVSS 6.4 (MEDIUM)
The Simple SEO Slideshow plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Shortcode Attributes in all versions up to, and including, 1.2.8 due to insufficient input sanitization and output escaping. … -
CVE-2026-8893
— CVSS 6.4 (MEDIUM)
The Express Payment For Stripe plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'type' attribute of the [stripe-express] shortcode in versions up to, and including, 1.28.0. This is due to insuffi… -
CVE-2026-8608
— CVSS 5.3 (MEDIUM)
The Event Monster – Event Management, Events Calendar, Tickets plugin for WordPress is vulnerable to Insufficient Verification of Data Authenticity in versions up to, and including, 2.1.0. This is due to the capture_pa… -
CVE-2026-7047
— CVSS 4.3 (MEDIUM)
The Frontend User Notes plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.1. This is due to missing or incorrect nonce validation on the funp_ajax_modify_notes fun… -
CVE-2026-6448
— CVSS 4.9 (MEDIUM)
The Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'order' parameter in all versions up to, and including, 11.1.2 due to insuffici… -
CVE-2026-10038
— CVSS 4.3 (MEDIUM)
The Charitable – Donation Plugin for WordPress – Fundraising with Recurring Donations & More plugin for WordPress is vulnerable to Insecure Direct Object Reference / Authorization Bypass leading to Arbitrary Attachme… -
CVE-2025-12656
— CVSS 3.8 (LOW)
The Migration, Backup, Staging – WPvivid Backup & Migration plugin for WordPress is vulnerable to arbitrary directory deletion due to insufficient file path validation in the delete_cancel_staging_site() function in al… -
CVE-2026-7654
— CVSS 8.8 (HIGH)
The Admin Columns plugin for WordPress is vulnerable to PHP Object Injection leading to Remote Code Execution in versions up to and including 7.0.18. This is due to the use of `unserialize()` without an `allowed_classes`… -
CVE-2026-7523
— CVSS 4.3 (MEDIUM)
The Alba Board plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.1.3. This is due to the plugin not properly verifying that a user is authorized to perform an action. This… -
CVE-2026-11416
— CVSS 8.1 (HIGH)
MoviePilot contains a path traversal vulnerability in the AliPan, U115, and Rclone cloud storage download handlers where the local destination path is constructed by concatenating the configured download directory with a… -
CVE-2026-11422
— CVSS 7.1 (HIGH)
Markdown Preview Enhanced 0.8.x with crossnote engine 0.9.28 contains a code injection vulnerability in the WaveDrom rendering pipeline that allows attackers to execute arbitrary JavaScript by embedding malicious content… -
CVE-2026-46493
— CVSS 7.5 (HIGH)
HAX CMS helps manage microsite universe with PHP or NodeJs backends. Versions prior to 26.0.1 use `uniqid` for generating salts, which is unsuitable. Version 26.0.1 fixes the issue. -
CVE-2026-46397
— CVSS 6.5 (MEDIUM)
HAX CMS helps manage microsite universe with PHP or NodeJs backends. Prior to version 26.0.0, an Authenticated Local File Inclusion (LFI) vulnerability in the HAXCMS saveOutline endpoint allows a low-privileged user to r… -
CVE-2026-46357
— CVSS 6.5 (MEDIUM)
HAX CMS helps manage microsite universe with PHP or NodeJs backends. Prior to version 26.0.0, the HAX CMS NodeJS application crashes when an authenticated attacker sends a specially crafted site creation request to the c… -
CVE-2026-45758
— CVSS 9.6 (CRITICAL)
Guardrails AI is a Python framework that helps build AI applications. On May 11, 2026 at approximately 6:00 PM Pacific, an attacker published a malicious version of `guardrails-ai` (0.10.1) to PyPI. Any user who install… -
CVE-2026-45300
— CVSS 7.4 (HIGH)
The AsyncHttpClient (AHC) library allows Java applications to easily execute HTTP requests and asynchronously process HTTP responses. Versions on the 2.x branch prior to 2.15.0 and the 3.x branch prior to 3.0.10 leak `Co… -
CVE-2026-25624
— CVSS 5.7 (MEDIUM)
An administrative cross-site scripting (XSS) vulnerability exists in the web user interface dashboard layout of Arista Edge Threat Management – Arista Next Generation Firewall (NGFW). Unvalidated user-supplied variables …
Source: NVD CVE API 2.0
Generated by CryptXNet.ai Threat Intelligence Platform · June 6, 2026 · Sources: The Hacker News, Bleeping Computer, Krebs on Security, Dark Reading, SANS ISC, THN Threat Intel, Unit 42, Security.com