📰 Cybersecurity News Headlines
Top stories from leading cybersecurity publications as of June 13, 2026.
Tracing Digital Intent: New MacOS Tahoe 26 Artifact Discovered
— Unit 42
Unit 42 has discovered a new macOS Tahoe 26 forensic artifact that tracks user menu selections across the operating system. Learn more here.…
ShinyHunters Uses Oracle Zero-Day to Rampage Higher Ed
— Dark Reading
A major bug in Oracle's ERP software disproportionately affected American universities, and hackers have capitalized by stealing gobs of dat…
Maine disables data breach notification portal after fake disclosures
— Bleeping Computer
Maine has taken its public data breach reporting portal offline after fraudulent breach disclosures were published on the state's website, p…
Over 400 Arch Linux AUR Packages Hijacked to Deploy Infostealer and eBPF Rootkit
— The Hacker News
Attackers took over more than 400 packages in the Arch User Repository (AUR) this week and rewrote their build scripts to install a credenti…
Google Sues Chinese Smishing Network Accused of Using Gemini AI in Phishing
— The Hacker News
Google on Friday said it's pursuing legal action against a Chinese cybercrime network, accusing it of using its Gemini artificial intelligen…
phpBB forum fixes auth bypass bug lurking for a decade
— Bleeping Computer
A 10-year-old authentication bypass vulnerability discovered in the phpBB forum software allows an attacker to log in as any user, including…
China-Linked Hackers Backdoored Linux Login Software to Hide for Nearly a Decade
— The Hacker News
Instead of hiding on the laptops and servers defenders watch most closely, a China-nexus group spent close to a decade hidden inside the Lin…
Ukrainian national pleads guilty to role in Conti ransomware operation
— Bleeping Computer
A Ukrainian national extradited from Ireland to the United States last year has pleaded guilty to conspiracy charges tied to the Conti ranso…
Claude Fable 5 Doesn't Change the Mythos Security Story
— Dark Reading
Stay cool: Mythos 5 is an upgrade over Mythos Preview while Fable 5 is Mythos "made safe for general use," Anthropic explained.
ISC Stormcast For Friday, June 12th, 2026 https://isc.sans.edu/podcastdetail/9970, (Fri, Jun 12th)
— SANS ISC
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Phishing Attack Volume Down 20%, But Risk Still Rising
— Dark Reading
Hackers are valuing quality over quantity, using AI to upgrade their phishing attacks rather than multiply them.
Trust No Skill: Integrity Verification for AI Agent Supply Chains
— Unit 42
Protect enterprise AI agents from supply chain risks by auditing third-party skills for hidden vulnerabilities and multi-stage attack chains…
🪲 NVD — Last 20 Scored Vulnerabilities
Latest scored CVEs from the National Vulnerability Database (7036 in last 30 days).
Critical: 1 · High: 12 · Medium: 6 · Low: 1.
CVE-2026-11443
— CVSS 4.6 (MEDIUM)
Allegra downloadAttachment Cross-Site Scripting Authentication Bypass Vulnerability. This vulnerability allows remote attackers to execute arbitrary script on affected installations of Allegra. User interaction is requir…
CVE-2026-11442
— CVSS 6.5 (MEDIUM)
Allegra exportReport Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Allegra. Authentication is required…
CVE-2026-6676
— CVSS 7.8 (HIGH)
Heap buffer out-of-bounds write vulnerability in Avira Antivirus engine when scanning a malformed POSIX tar archive may allow Local Execution of Code or Denial-of-Service of the antivirus engine process. This issue affe…
CVE-2026-12068
— CVSS 7.4 (HIGH)
Information disclosure vulnerability in Avira Password Manager when used with Mozilla Firefox may allow a remote attacker operating a cross-origin iframe to obtain credentials autofilled for the parent web page via incor…
CVE-2025-9033
— CVSS 7.8 (HIGH)
Heap buffer out-of-bounds read vulnerability in Avira Antivirus engine when scanning a malformed PDF file may allow Local Execution of Code or Denial-of-Service of the antivirus engine process. This issue affects Avira …
CVE-2025-9032
— CVSS 7.8 (HIGH)
Heap buffer out-of-bounds read vulnerability in Avira Antivirus engine when scanning a malformed Windows PE file may allow Local Execution of Code or Denial-of-Service of the antivirus engine process. This issue affects…
CVE-2025-14098
— CVSS 7.8 (HIGH)
Heap buffer out-of-bounds write vulnerability due to integer overflow in Avira Antivirus engine when scanning a malformed MS-DOS executable file may allow Local Execution of Code or Denial-of-Service of the antivirus eng…
CVE-2026-53868
— CVSS 7.5 (HIGH)
Capgo before 12.128.2 contains a denial of service vulnerability allowing attackers to register accounts using arbitrary email addresses without verification, then initiate deletion to lock emails in pending deletion sta…
CVE-2026-53867
— CVSS 4.3 (MEDIUM)
Capgo before 12.128.2 fails to delete previously uploaded profile images from backend storage when users replace or remove them. Attackers can access orphaned image files through previously generated URLs, allowing unaut…
CVE-2026-53839
— CVSS 6.5 (MEDIUM)
OpenClaw before 2026.5.7 contains a hostname validation vulnerability in retry endpoint checks that allows matching hostname prefixes instead of exact hostnames. Attackers can exploit this by crafting a hostname prefix r…
CVE-2026-53838
— CVSS 9.8 (CRITICAL)
OpenClaw before 2026.5.27 contains a state mutation vulnerability in node pairing reconnection that allows paired nodes to confuse approval scope decisions. Attackers can exploit reconnection logic to restore or present …
CVE-2026-53837
— CVSS 3.7 (LOW)
OpenClaw before 2026.5.6 contains an improper access control vulnerability in Mattermost event handlers that fails to validate channel type metadata. Attackers can bypass intended DM policy decisions by sending crafted M…
CVE-2026-53836
— CVSS 8.8 (HIGH)
OpenClaw before 2026.5.12 contains an allowlist bypass vulnerability in PowerShell encoded-command handling that allows attackers to execute encoded commands using abbreviated flag aliases not recognized by the allowlist…
CVE-2026-53835
— CVSS 4.3 (MEDIUM)
OpenClaw before 2026.5.6 contains a configuration enforcement bypass vulnerability in Feishu dynamic-agent bindings that allows authenticated senders to create or update bindings without honoring configured config-write …
CVE-2026-53834
— CVSS 7.5 (HIGH)
OpenClaw before 2026.4.27 contains an authorization bypass vulnerability in QQBot pre-dispatch slash commands that allows authenticated senders to skip allowFrom policy checks. Attackers can invoke slash commands before …
CVE-2026-53833
— CVSS 7.7 (HIGH)
OpenClaw before 2026.4.29 contains an authorization bypass vulnerability in the QQBot streaming command that allows authenticated senders to mutate configuration without explicit allowFrom restrictions. Attackers can mod…
CVE-2026-53832
— CVSS 7.7 (HIGH)
OpenClaw before 2026.5.18 contains an identity header validation vulnerability allowing local same-host callers to forge trusted-proxy identity headers. Attackers with access to the proxy-facing Gateway port can supply f…
CVE-2026-53831
— CVSS 8.3 (HIGH)
OpenClaw before 2026.5.18 contains a policy enforcement vulnerability in system.run safe-bin allowlist validation that allows shell expansion to modify command interpretation on POSIX nodes. Authenticated operators can e…
CVE-2026-53830
— CVSS 6.5 (MEDIUM)
OpenClaw before 2026.4.22 contains a webhook secret revocation bypass vulnerability allowing callers with old Slack and Zalo webhook secrets to remain active after secrets.reload. Attackers can exploit the stale-secret w…
CVE-2026-53829
— CVSS 8.0 (HIGH)
OpenClaw before 2026.5.18 contains an approval display truncation vulnerability allowing authenticated users to hide command suffixes from approvers. Attackers can submit oversized exec commands with benign prefixes and …
Source: NVD CVE API 2.0
Generated by CryptXNet.ai Threat Intelligence Platform · June 13, 2026 · Sources: The Hacker News, Bleeping Computer, Krebs on Security, Dark Reading, SANS ISC, THN Threat Intel, Unit 42, Security.com