Stay informed with today's critical security updates
Every organisation is different. The free "Daily Pulse" feed shows the broader threat landscape.
Want this specific and tailored to your organisation?
ThreatInsights – Click for more infoThe Daily Pulse is refreshed automatically every day at 9:00 AM GMT
Want to learn more about Cyber Threat Intelligence?
Check out our free online self-paced training course.
Start Learning NowWednesday, June 10, 2026
Ivanti: Max severity Sentry flaw allows code execution as root
Ivanti has patched two critical vulnerabilities in its Sentry secure mobile gateway solution, including a maximum-severity flaw that enables remote attackers to execute code with root privileges.
Review affected systems, apply patches immediately, monitor for exploitation attempts, and verify patch deployment across all endpoints.
Wednesday, June 10, 2026
Blame AI: Patch Tuesday Hits Record 206 CVEs
Voluminous patch updates could soon be the norm, as artificial intelligence accelerates the speed and scale of vulnerability discovery.
Review affected systems, apply patches immediately, monitor for exploitation attempts, and verify patch deployment across all endpoints.
Wednesday, June 10, 2026
No Patch Planned for Exploited Arista EOS Vulnerability
Organizations are advised to apply vendor-supplied mitigations or discontinue the vulnerable devices. The post No Patch Planned for Exploited Arista EOS Vulnerability appeared first on SecurityWeek.
Review affected systems, apply patches immediately, monitor for exploitation attempts, and verify patch deployment across all endpoints.
Wednesday, June 10, 2026
Hackers Used Meta’s AI Support Bot to Seize Instagram Accounts
The Instagram accounts for the Obama White House and the Chief Master Sergeant of the U. Space Force were briefly defaced with pro-Iranian images and messages over the weekend, after instructions began circulating on Telegram showing how to trick Meta's "AI support assistant" bot into resetting a...
Check if your organization uses affected services, reset credentials, monitor for phishing attempts using leaked data, and review third-party risk.
Wednesday, June 10, 2026
Six Proto6 Vulnerabilities in protobuf.js Expose Node.js Apps to RCE and DoS
Six Proto6 Vulnerabilities in protobuf. js Apps to RCE and DoS.
Assess potential impact to your environment, update security controls, inform relevant stakeholders, and monitor for related activity.
Wednesday, June 10, 2026
Microsoft Exchange Flaw Lets Attackers Spoof Any Email Address
"Ghost-Sender" uses Exchange Online or on-premises in hybrid mode with a third-party mail server or spam filter to achieve this level of spoofing.
Assess potential impact to your environment, update security controls, inform relevant stakeholders, and monitor for related activity.
Wednesday, June 10, 2026
SHub Reaper | macOS Stealer Spoofs Apple, Google, and Microsoft in a Single Attack Chain
SHub Reaper bypasses Apple's Terminal mitigation, steals credentials and documents, and plants a persistent backdoor for continued access after infection.
Assess potential impact to your environment, update security controls, inform relevant stakeholders, and monitor for related activity.
Wednesday, June 10, 2026
Liquid Glass for Linux? PearOS makes another Mac move - how it looks now
PearOS has been promising to become the MacOS of Linux for some time now, and the latest release just might deliver.
Assess potential impact to your environment, update security controls, inform relevant stakeholders, and monitor for related activity.
Wednesday, June 10, 2026
Anthropic's new Claude Fable 5 is the same base model as Mythos but with guardrails attached
Claude Fable 5 brings Mythos-class AI coding power to general users, but with cybersecurity guardrails, fallback models, and pricing that could make developers think twice.
Assess potential impact to your environment, update security controls, inform relevant stakeholders, and monitor for related activity.
Wednesday, June 10, 2026
Adobe Patches 123 Vulnerabilities
Nearly half of the security holes, most allowing arbitrary code execution, have been fixed in Adobe’s Experience Manager product. The post Adobe Patches 123 Vulnerabilities appeared first on SecurityWeek.
Review affected systems, apply patches immediately, monitor for exploitation attempts, and verify patch deployment across all endpoints.
Tuesday, June 9, 2026
Dreaming: Better memory for a more helpful ChatGPT — ChatGPT introduces a new memory system to better remember preferences, keeping context fresh and relevant across conversations.
ChatGPT introduces a new memory system to better remember preferences, keeping context fresh and relevant across conversations.
Deploy adversarial robustness testing, implement input anomaly detection, use ensemble models for critical decisions, and add confidence thresholds.
Tuesday, June 9, 2026
174,000 Impacted by Lansing Community College Data Breach — Hackers accessed personal information stored on certain Lansing Community College systems in February 2025. The post 174,000 Impacted by Lansing Community College Data Breach appeared first on Secu...
Hackers accessed personal information stored on certain Lansing Community College systems in February 2025. The post 174,000 Impacted by Lansing Community College Data Breach appeared first on SecurityWeek. ]]>
Deploy adversarial robustness testing, implement input anomaly detection, use ensemble models for critical decisions, and add confidence thresholds.
Tuesday, June 9, 2026
Rust-Written IronWorm Hits NPM Supply Chain — Like Shai-Hulud, the campaign targets developers to steal credentials and reuses them to propagate across the software supply channel.
Like Shai-Hulud, the campaign targets developers to steal credentials and reuses them to propagate across the software supply channel.
Audit ML dependencies, implement package pinning with hash verification, use isolated training environments, and scan for known malicious packages.
Tuesday, June 9, 2026
Out of the Crypt: The Evolving Cyber Extortion Economy — Unit 42 explores trends in data theft and extortion, outlining key strategies for organizations as frontier AI models advance. The post Out of the Crypt: The Evolving Cyber Extortion Economy appear...
Unit 42 explores trends in data theft and extortion, outlining key strategies for organizations as frontier AI models advance. The post Out of the Crypt: The Evolving Cyber Extortion Economy appeared first on Unit 42. ]]>
Deploy adversarial robustness testing, implement input anomaly detection, use ensemble models for critical decisions, and add confidence thresholds.
Tuesday, June 9, 2026
AI brands as bait: How threat actors are using the AI hype in social engineering — As threat actors operationalize AI to accelerate attacks, they are also leveraging the wider global interest around AI itself as a social engineering lure. The post AI brands as bait: How threat ac...
As threat actors operationalize AI to accelerate attacks, they are also leveraging the wider global interest around AI itself as a social engineering lure. The post AI brands as bait: How threat actors are using the AI hype in social engineering appeared first on Microsoft Security Blog. ]]>
Deploy adversarial robustness testing, implement input anomaly detection, use ensemble models for critical decisions, and add confidence thresholds.
Tuesday, June 9, 2026
SHub Reaper | macOS Stealer Spoofs Apple, Google, and Microsoft in a Single Attack Chain — SHub Reaper bypasses Apple's Terminal mitigation, steals credentials and documents, and plants a persistent backdoor for continued access after infection.
SHub Reaper bypasses Apple's Terminal mitigation, steals credentials and documents, and plants a persistent backdoor for continued access after infection.
Verify model provenance and checksums, scan for backdoor signatures, implement data validation pipelines, and use trusted model sources only.
Tuesday, June 9, 2026
UNC3753 Used Vishing and Physical Intrusions in U.S. Data Theft Extortion Campaign
UNC3753 Used Vishing and Physical Intrusions in U.S. Data Theft Extortion Campaign
Deploy adversarial robustness testing, implement input anomaly detection, use ensemble models for critical decisions, and add confidence thresholds.
Tuesday, June 9, 2026
Trump AI Order Seeks Voluntary Frontier Model Testing — The White House's executive order establishes voluntary framework for early government access to frontier models while investing in federal security.
The White House's executive order establishes voluntary framework for early government access to frontier models while investing in federal security.
Deploy adversarial robustness testing, implement input anomaly detection, use ensemble models for critical decisions, and add confidence thresholds.
Tuesday, June 9, 2026
'Hades' Campaign Against PyPI Puts New Spin on Shai-Hulud — The latest attacks, which hit 37 PyPI wheels and 19 code packages, show a continued evolution of the persistent software supply chain threat.
The latest attacks, which hit 37 PyPI wheels and 19 code packages, show a continued evolution of the persistent software supply chain threat.
Audit ML dependencies, implement package pinning with hash verification, use isolated training environments, and scan for known malicious packages.
Tuesday, June 9, 2026
ISO 42001:2023 and the New Reality of Cloud AI Data Risk
ISO 42001:2023 and the New Reality of Cloud AI Data Risk
Deploy adversarial robustness testing, implement input anomaly detection, use ensemble models for critical decisions, and add confidence thresholds.