📰 Cybersecurity News Headlines
Top stories from leading cybersecurity publications as of June 16, 2026.
-
Inside the Modern SOC: The 72-Minute Race
— Unit 42
Attackers can move from access to exfiltration in 72 minutes. Learn how modern SOC teams close the speed gap with Unit 42's AI-driven automa… -
DOJ seizes CFAKE, SOCFAKE deepfake nude sites under TAKE IT DOWN Act
— Bleeping Computer
The U.S. Department of Justice announced Friday that it has seized the CFAKE.com and SOCFAKE.com websites, which allegedly hosted nonconsens… -
SimpleHelp bug lets hackers create rogue remote support accounts
— Bleeping Computer
A vulnerability in the SimpleHelp remote management software allows unauthenticated attackers to create privileged technician accounts on se… -
Chinese Hackers Abused Google Workspace Rules to Steal Research and Defense Emails
— The Hacker News
A China-linked espionage group hid inside North American medical, academic, and military research networks for more than a year, quietly ste… -
North Korean Hackers Are Turning Developer Tools Into Malware Delivery Channels
— The Hacker News
Cybersecurity researchers have flagged two malicious cyber campaigns that exhibit similarities with a persistent North Korean threat cluster… -
Copilot 'SearchLeak' Attack Allows 1-Click Data Theft
— Dark Reading
The critical, three-stage attack is now patched, but it's part of a new group of AI prompt-injection issues that use hidden URLs and other v… -
OptinMonster WordPress plugin hacked in CDN supply-chain attack
— Bleeping Computer
WordPress plugins OptinMonster, TrustPulse, and PushEngage have been compromised in a supply-chain attack impacting Awesome Motive's content… -
China-Nexus Actor Spy on US Researchers Undetected for a Year
— Dark Reading
Google discovered and disrupted the sprawling campaign, which stole RedCAP credentials to target numerous institutions and exfiltrate sensit… -
Most CISOs Report Pressure to Bury Bad Security News
— Dark Reading
Executive leaders may not be saying it aloud, but business objectives and priorities don't always promote timely disclosures. -
LiteLLM Vulnerability Chain Lets Low-Privilege Users Take Over AI Gateway Servers
— The Hacker News
A default low-privilege account on a LiteLLM proxy can climb to full admin and run code on the server by chaining three vulnerabilities, res… -
Evil MSI Background: BASE64 Statistical Analysis, (Mon, Jun 15th)
— SANS ISC
I like it when a fellow handler posts a diary entry about images with malicious content. Last one is Xavier: "The Evil MSI Background is Bac… -
ISC Stormcast For Monday, June 15th, 2026 https://isc.sans.edu/podcastdetail/9972, (Mon, Jun 15th)
— SANS ISC
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
🪲 NVD — Last 20 Scored Vulnerabilities
Latest scored CVEs from the National Vulnerability Database (6912 in last 30 days).
Critical: 5 · High: 9 · Medium: 6 · Low: 0.
-
CVE-2026-9262
— CVSS 6.5 (MEDIUM)
Use of a non-secure protocol as the default FTP configuration in Canon EOS Network Setting Tool Version 1.5.0 or earlier -
CVE-2026-9261
— CVSS 6.8 (MEDIUM)
Use of weak SSH cryptographic algorithms in Canon EOS Network Setting Tool Version 1.5.0 or earlier -
CVE-2026-9260
— CVSS 6.2 (MEDIUM)
Use of hard-coded cryptographic keys in Canon EOS Network Setting Tool Version 1.5.0 or earlier -
CVE-2026-9259
— CVSS 6.5 (MEDIUM)
Improper validation of server certificates in Canon EOS Network Setting Tool Version 1.5.0 or earlier -
CVE-2026-9258
— CVSS 6.5 (MEDIUM)
Improper validation of SSH host keys in Canon EOS Network Setting Tool Version 1.5.0 or earlier -
CVE-2026-48723
— CVSS 7.8 (HIGH)
The browserstack-cypress-cli is BrowserStack's CLI which allows users to run Cypress tests on BrowserStack. Versions prior to 1.36.4 are vulnerable to OS command injection via the cypress_config_file configuration parame… -
CVE-2026-48714
— CVSS 9.1 (CRITICAL)
i18next-http-middleware is a middleware to be used with Node.js web frameworks like express or Fastify and also for Deno. In versions prior to 3.9.7, the missingKeyHandler blocked the literal request-body keys __proto__,… -
CVE-2026-48713
— CVSS 9.1 (CRITICAL)
Versions prior to 2.6.6 are vulnerable to prototype pollution via crafted missing-key strings when used to persist missing translation keys (e.g. via i18next-http-middleware's missingKeyHandler exposed to untrusted input… -
CVE-2026-48157
— CVSS 6.1 (MEDIUM)
Slim is a PHP micro framework that enables users to write simple web applications and APIs. In versions 4.4.0 through 4.15, if an application uses HttpException::setTitle() and/or setDescription() to include untrusted/re… -
CVE-2026-48017
— CVSS 8.8 (HIGH)
DbGate is cross-platform database manager. In versions 7.1.8 and prior, the POST /runners/load-reader endpoint in DbGate accepts a functionName parameter that is directly interpolated into a JavaScript code template with… -
CVE-2026-9691
— CVSS 9.8 (CRITICAL)
Unauthenticated PHP Object Injection in Integration for ActiveCampaign and Contact Form 7, WPForms, Elementor, Ninja Forms <= 1.1.1 versions. -
CVE-2026-52703
— CVSS 9.6 (CRITICAL)
Unauthenticated Path Traversal in FastDup <= 2.7.2 versions. -
CVE-2026-52702
— CVSS 7.1 (HIGH)
Unauthenticated Cross Site Scripting (XSS) in SEO Redirection <= 9.17 versions. -
CVE-2026-52700
— CVSS 8.5 (HIGH)
Subscriber SQL Injection in WCMultiShipping <= 3.0.2 versions. -
CVE-2026-52699
— CVSS 7.5 (HIGH)
Unauthenticated Insecure Direct Object References (IDOR) in VikRentCar <= 1.4.5 versions. -
CVE-2026-52697
— CVSS 8.5 (HIGH)
Subscriber SQL Injection in Taskbuilder <= 5.0.7 versions. -
CVE-2026-52695
— CVSS 7.5 (HIGH)
Unauthenticated Sensitive Data Exposure in ABC Crypto Checkout <= 1.8.2 versions. -
CVE-2026-52694
— CVSS 7.5 (HIGH)
Unauthenticated Sensitive Data Exposure in Signature Add-On for WooCommerce <= 2.0 versions. -
CVE-2026-52693
— CVSS 9.3 (CRITICAL)
Unauthenticated SQL Injection in eCommerce Product Catalog <= 3.5.5 versions. -
CVE-2026-52692
— CVSS 7.5 (HIGH)
Unauthenticated Sensitive Data Exposure in Affiliates Manager <= 2.9.50 versions.
Source: NVD CVE API 2.0
Generated by CryptXNet.ai Threat Intelligence Platform · June 16, 2026 · Sources: The Hacker News, Bleeping Computer, Krebs on Security, Dark Reading, SANS ISC, THN Threat Intel, Unit 42, Security.com