Saturday , June 20 2026
Analysis of the Bluesky ransomware in the ANY.RUN sandbox

Microsoft Tuesday fixed 90 flaws, including 10 zero days

infosecbulletin Wednesday , August 14 2024 Vulnerabilities

Microsoft on Tuesday fixed a total of 90 security flaws, including 10 zero-days, of which six have come under active exploitation in the wild.

Of the 90 bugs, seven are rated Critical, 79 are rated Important, and one is rated Moderate in severity. This is also in addition to 36 vulnerabilities that the tech giant resolved in its Edge browser since last month.

CISA: Splunk flaw under active exploit, patch by Sunday

By infosecbulletin / Saturday , June 20 2026
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has asked federal agencies to protect their systems by Sunday from a...
Read More
CISA: Splunk flaw under active exploit, patch by Sunday

Texas data breach exposes 3 million driver’s licenses

By infosecbulletin / Saturday , June 20 2026
The Texas Parks and Wildlife Department (TPWD) revealed a data leak at its license system provider. This leak exposed private...
Read More
Texas data breach exposes 3 million driver’s licenses

Critical Cisco ISE Vulnerability Enables Remote Code Execution

By infosecbulletin / Friday , June 19 2026
Cisco has revealed critical security flaws in its Identity Services Engine (ISE). These flaws could let attackers run harmful code...
Read More
Critical Cisco ISE Vulnerability Enables Remote Code Execution

F5 Patches NGINX Flaw for Code Execution and DoS Attacks

By infosecbulletin / Thursday , June 18 2026
F5 has shared a security warning about serious flaws in NGINX. These issues could let attackers run any code and...
Read More
F5 Patches NGINX Flaw for Code Execution and DoS Attacks

FortiBleed: 70,000 Fortinet Firewalls Compromised Globally

By infosecbulletin / Wednesday , June 17 2026
A vast cyber spying operation called “FortiBleed” has quietly compromised more than 73,932 different Fortinet firewall URLs in 194 countries....
Read More
FortiBleed: 70,000 Fortinet Firewalls Compromised Globally

New Rokarolla Android malware hits 217 banking and crypto apps

By infosecbulletin / Wednesday , June 17 2026
A new Android banking trojan called Rokarolla is hitting 217 banking and cryptocurrency apps with a wide range of 137...
Read More
New Rokarolla Android malware hits 217 banking and crypto apps

Phishing Campaign Exploits Legitimate Microsoft Login Flow

By infosecbulletin / Tuesday , June 16 2026
Attackers are using Microsoft’s OAuth 2.0 Device Authorization Grant (device code) flow in a campaign to take control of Microsoft...
Read More
Phishing Campaign Exploits Legitimate Microsoft Login Flow

ALERT
Cisco SD-WAN Zero-Day, FortiSandbox and cPanel flaws exploited in attacks

By infosecbulletin / Tuesday , June 16 2026
Cisco on Monday told customers about a new SD-WAN product flaw used in attacks. The flaw, called CVE-2026-20262, is a...
Read More
ALERT Cisco SD-WAN Zero-Day, FortiSandbox and cPanel flaws exploited in attacks

“Panthalassa” builds floating AI data centers powered by ocean waves

By infosecbulletin / Tuesday , June 16 2026
Every American data center story these days follows almost the same pattern. Someone has the chips, someone has the cash,...
Read More
“Panthalassa” builds floating AI data centers powered by ocean waves

Critical Wazuh Vuln Enables Alert Tampering and Evidence Deletion

By infosecbulletin / Monday , June 15 2026
A critical security flaw has affected the open-source security community. Recently, complete details and working exploit code were shared online....
Read More
Critical Wazuh Vuln Enables Alert Tampering and Evidence Deletion

The Patch Tuesday updates are notable for addressing six actively exploited zero-days :

CVE-2024-38189 (CVSS score: 8.8) – Microsoft Project Remote Code Execution Vulnerability

CVE-2024-38178 (CVSS score: 7.5) – Windows Scripting Engine Memory Corruption Vulnerability

CVE-2024-38193 (CVSS score: 7.8) – Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

CVE-2024-38106 (CVSS score: 7.0) – Windows Kernel Elevation of Privilege Vulnerability

CVE-2024-38107 (CVSS score: 7.8) – Windows Power Dependency Coordinator Elevation of Privilege Vulnerability

CVE-2024-38213 (CVSS score: 6.5) – Windows Mark of the Web Security Feature Bypass Vulnerability

CVE-2024-38213, which allows attackers to bypass SmartScreen protections, requires an attacker to send the user a malicious file and convince them to open it. Credited with discovering and reporting the flaw is Trend Micro’s Peter Girnus, suggesting that it could be a bypass for CVE-2024-21412 or CVE-2023-36025, which were previously exploited by DarkGate malware operators.

Check Also

June

Microsoft June Patches 200 Vulnerabilities including 3 zero days

Microsoft’s June 2026 Patch Tuesday updates fix about 200 security flaws found in the company’s …

Mail: [email protected]
© Copyright 2026, All Rights Reserved InfoSecBulletin