Check Point Research found that CVE-2026-50751, a serious flaw in Check Point Remote Access VPN and Mobile Access, is being actively used by attackers. It can let them bypass authentication (CVSS 9.3). CVE-2026-50751 affects systems using the old IKEv1 key exchange method. A remote attacker can take advantage of a …
Read More »CVE-2026-50751
Hacker now exploits recently patched SolarWinds Serv-U flaw
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) said today that hackers are using a newly fixed serious SolarWinds Serv-U problem to crash servers. SolarWinds put out Serv-U 15.5.4 Hotfix 1 on Thursday to fix a denial-of-service problem (known as CVE-2026-28318). They said it comes from a weak point in …
Read More »Cisco SD-WAN Flaw Exploited and Trend Micro Flaws Allows to Security Bypass
Trend Micro’s Deep Security Agent for Linux has a design flaw. This issue lets a local attacker, who does not have special access, create short “blind spots.” During these moments, endpoint protections are not working temporarily. The issue stems from how the agent unloads and reloads its bmhook and tmhook …
Read More »
ALERT
Google patches one exploited Android zero-day and 124 issues
Google has shared the June 2026 Android security updates to fix 124 flaws, including one zero-day issue used in special attacks. Local attackers can take advantage of a serious Android Framework flaw (known as CVE-2025-48595) to run code and gain higher access on devices using Android 14 or newer. “There are …
Read More »Hackers Use Meta’s AI Bot to Take Over Instagram Accounts
Many Instagram users lost access to their accounts because attackers tricked Meta’s AI support tools into thinking they were the real owners. Many users can’t get back in because the platform only uses AI or chatbots for help, without any human support. On Monday, many people with valuable accounts said they …
Read More »
ALERT
FortiClient EMS Code Execution Flaw Exploited to Deploy Malware
A recent phishing attack aimed at FortiClient Endpoint Management Server (EMS) has used trusted admin systems to quietly install a new password thief on company devices. In May 2026, Arctic Wolf researchers found a group of bad actions using CVE-2026-35616, a flaw in FortiClient EMS that allows improper access. Attackers …
Read More »Microsoft patches SharePoint RCE flaw CVE-2026-45659 across servers
Microsoft patches to fix a security flaw in SharePoint. This issue could let hackers run harmful code without needing special conditions. The flaw, dubbed CVE-2026-45659, has a CVSS score of 8.8. It is rated as a serious issue. “Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker …
Read More »FBI alerts on Kali365 phishing targeting Microsoft 365 accounts
The FBI warns about the Kali365 phishing platform (PhaaS). It is used to take over Microsoft 365 accounts by misusing OAuth device code authentication to steal session tokens and get around multi-factor authentication (MFA). Kali365 appeared in April 2026, as per the FBI PSA. It is shared through Telegram channels …
Read More »SonicWall Firewall Targeted by Hackers; 597,000 Sessions Observed
A big increase in scanning across the internet for SonicWall firewall management interface has been observed. GreyNoise, a threat intelligence company, found a big increase in scans of SonicWall SonicOS management APIs from May 9 to May 18, 2026. The most notable spike occurred on May 12, when approximately 597,000 …
Read More »Malware Surge Hits Bangladesh: 55+ Strains Detected; 160+ Actively Spreading
More than 55 different types of malware were found last week, and over 160 malware types are spreading in Bangladesh. Some notable malware groups are Android.BadBox2, Android.Vo1d, Avalanche-Andromeda, and Mirai. This shows that both mobile devices and IoT systems are still being targeted. The malware strains targeted Bangladesh’s cyber landscape …
Read More »
InfoSecBulletin Cybersecurity for mankind