TJS Cybersecurity News Center

Cybersecurity News Today: Threat Posture HIGH

The Tech Jacks Solutions Cybersecurity News Center is actively tracking 442 security intelligence items, including 87 critical threats, 160 flash alerts, and 0 CISA Known Exploited Vulnerabilities (KEV). 26 new items were published in the last 24 hours.

Cybersecurity News: Latest Threat Intelligence

• CVE-2026-48768: Path Traversal Vulnerability in baptisteArno typebot.io (CVE Vulnerability · CVE-2026-48768 · Jun 19, 2026)
• CVE-2026-12515: Katello Missing Authorization Enables Repository Information Disclosure in Red Hat Satellite (CVE Vulnerability · CVE-2026-12515 · Jun 19, 2026)
• CVE-2026-45357: Uncontrolled Resource Consumption (DoS) in LiquidJS Template Engine (CVE Vulnerability · CVE-2026-45357 · Jun 19, 2026)
• CVE-2026-2467: Critical Heap-Based Buffer Overflow in RTI Connext Professional Core Libraries (CVE Vulnerability · CVE-2026-2467 · Jun 19, 2026)
• CVE-2026-35603: Privilege Escalation via Insecure ProgramData in AI Coding Tools (CVE Vulnerability · CVE-2026-35603 · Jun 19, 2026)
• CVE-2026-11395: Server-Side Request Forgery in CF7 to Webhook Plugin for WordPress (CVE Vulnerability · CVE-2026-11395 · Jun 19, 2026)
• CVE-2026-50268: Plaintext Password Storage in SteeltoeOSS Steeltoe.Configuration.Encryption (CVE Vulnerability · CVE-2026-50268 · Jun 19, 2026)
• F5 NGINX Critical RCE and DoS Vulnerabilities, Emergency Out-of-Band Patches Released (CVE Vulnerability · CVE-2026-42530, CVE-2026-42055, CVE-2026-11311, CVE-2026-50107 · Jun 19, 2026)
• CVE-2026-48764: Server-Side Request Forgery in baptisteArno typebot.io (CVE Vulnerability · CVE-2026-48764 · Jun 19, 2026)
• Multiple Vulnerabilities in IBM WebSphere Application Server Shipped with WebSphere Service Registry and Repository (CVE Vulnerability · CVE-2026-10845, CVE-2026-8646, CVE-2026-9320, CVE-2026-9071, CVE-2026-9006 · Jun 19, 2026)
• Salesforce Data Exfiltration via Klue OAuth Integration Compromise (Data Breach · Jun 18, 2026)
• Misconfigured Entra Access Controls Nearly Handed World Cup Broadcast Streams to Outside Attackers (Security News · Jun 18, 2026)
• USB Worm Chains LNK Abuse, Clipboard Hijacking, and Tor C2 to Drain Cryptocurrency Wallets (Threat Campaign · Jun 18, 2026)
• Operation Endgame Dismantles SocGholish at Scale: 14,971 WordPress Sites Cleaned, Evil Corp Infrastructure Cut (Threat Campaign · Jun 18, 2026)
• Salesforce Third-Party App Compromise Campaign Expands: Klue Battlecards Joins Growing Supply Chain Attack Series (Threat Campaign · Jun 18, 2026)
• Malicious AI-Themed Plugins and Extensions Targeting Developer Credentials and AI API Keys (Threat Campaign · Jun 18, 2026)
• Icarus Exploits Klue OAuth Chain to Exfiltrate Salesforce CRM Data Across Multiple Enterprises (Threat Campaign · Jun 18, 2026)
• USB-Borne Windows Clipper Malware Uses Tor C2 and Runtime Code Execution to Target Cryptocurrency Users (Threat Campaign · Jun 18, 2026)
• INC Ransomware Reaches 830+ Victims: Rust-Rewritten RaaS Group Targets Downtime-Sensitive Sectors with Expanding Toolkit (Threat Campaign · CVE-2023-3519, CVE-2025-5777, CVE-2023-48788, CVE-2024-57727 · Jun 18, 2026)
• Rockwell FactoryTalk Historian SE Carries Authentication Bypass and DoS Flaws Across OT Environments (CVE Vulnerability · CVE-2025-13036, CVE-2025-44019, CVE-2025-36539 · Jun 18, 2026)
• Schneider Electric OT Products Affected by Session Hijacking Flaw (CVE-2026-4827) Across 30+ Critical Infrastructure Devices (CVE Vulnerability · CVE-2026-4827 · Jun 18, 2026)
• FortiBleed: Mass Credential Leak Exposes VPN Access for ~74,000 Fortinet Devices (Data Breach · Jun 18, 2026)
• A New Proof-of-Concept Shows an AI Worm Can Autonomously Discover and Exploit Vulnerabilities (Security News · Jun 18, 2026)
• USB-Delivered Crypto Clipper Combines Tor C2, Worm Propagation, and Runtime Code Execution in Active Campaign (Threat Campaign · Jun 18, 2026)
• Technology Sector Under Siege: China Dominates State-Sponsored Intrusions While DPRK and eCrime Groups Escalate Supply Chain and Extortion Operations (Threat Campaign · Jun 18, 2026)
• INC Ransomware's Sector-Targeting Strategy Keeps Healthcare in the Crosshairs (Threat Campaign · Jun 18, 2026)
• CVE-2026-50656: Public PoC for Unpatched Microsoft Defender SYSTEM Escalation Demands Immediate Attention (CVE Vulnerability · CVE-2026-50656 · Jun 18, 2026)
• NIST National Vulnerability Database (NVD) Expands to Include SSVC and "Affected" Information (Governance & Compliance · Jun 18, 2026)
• Data Breach at Crime Stoppers of Hamilton via Navigate360 Software (Data Breach · Jun 18, 2026)
• University of Nottingham Data Breach, Expert Analysis Published (Data Breach · Jun 18, 2026)

Cybersecurity News Mapped to Compliance Frameworks

Every intelligence item is mapped to industry-standard compliance frameworks. Current coverage includes:

• NIST 800-53
• MITRE ATT&CK
• CIS Controls v8
• ISO 27001:2022
• NIST CSF 2.0
• HIPAA Security Rule
• SOC 2 Trust Services
• OWASP Top 10

Cybersecurity News Briefings: Weekly Intelligence Reports

• Weekly Security Intelligence Briefing -- Week of 2026-06-15 (Jun 15, 2026)
• Weekly Security Intelligence Briefing -- Week of 2026-06-08 (Jun 8, 2026)
• Weekly Security Intelligence Briefing -- Week of 2026-06-01 (Jun 1, 2026)
• Weekly Security Intelligence Briefing -- Week of 2026-05-25 (May 25, 2026)
• Weekly Security Intelligence Briefing -- Week of 2026-05-18 (May 18, 2026)

About This Cybersecurity News Dashboard

The Tech Jacks Solutions Cybersecurity News Center is an AI-powered threat intelligence platform that delivers real-time security analysis, CVE tracking, CISA KEV monitoring, and MITRE ATT&CK framework mapping. Our automated pipeline processes intelligence from NVD, CISA, vendor advisories, and security research feeds three times daily, producing executive briefings, IOC feeds, and prioritized action packs for security teams, CISOs, and compliance officers.

Features include:

• Real-time threat posture monitoring and flash alerts
• CVE vulnerability tracking with CVSS and EPSS scoring
• CISA Known Exploited Vulnerabilities (KEV) deadline tracking
• MITRE ATT&CK kill chain mapping across all intelligence items
• Compliance framework mapping: NIST 800-53, CIS v8, ISO 27001, HIPAA, SOC 2
• Executive briefings with downloadable PDF action packs
• Weekly security intelligence briefings
• Indicators of Compromise (IOC) feeds for SOC teams

Explore More from Tech Jacks Solutions

Dive deeper into cybersecurity, AI governance, risk management, and career development across our resource hubs.

• Information Security Hub — GRC, incident response, and compliance frameworks
• AI News — Latest AI developments, regulation, and market trends
• Job Displacement Tracker — AI workforce impact, layoff data, and industry analysis
• AI Knowledge Hub — Chatbots, generative AI, agentic AI, MCP, and RAG
• AI Governance Hub — EU AI Act, NIST AI RMF, ISO 42001, and risk management
• AI Risk Management Hub — Risk assessment guides, vendor risk, and threat landscape
• AI Tools Hub — AI tools directory, comparisons, and enterprise solutions
• IT Certifications Hub — CISSP, CISM, CEH, Azure, Google Cloud career paths

Vendor Vulnerability Rollups

Aggregated vulnerability intelligence by vendor, including CVE counts, severity distribution, and remediation timelines.

• JetBrains / Google Chrome (Developer Tooling) — Vulnerability Rollup (2026-06-18) (Jun 18, 2026)
• WordPress (Automattic) — Vulnerability Rollup (2026-06-18) (Jun 18, 2026)
• F5 (NGINX) — Vulnerability Rollup (2026-06-18) (Jun 18, 2026)
• Salesforce — Vulnerability Rollup (2026-06-18) (Jun 18, 2026)
• Microsoft — Vulnerability Rollup (2026-06-18) (Jun 18, 2026)
• Veeam — Vulnerability Rollup (2026-06-18) (Jun 18, 2026)
• SimpleHelp — Vulnerability Rollup (2026-06-18) (Jun 18, 2026)
• Fortinet — Vulnerability Rollup (2026-06-18) (Jun 18, 2026)
• Citrix — Vulnerability Rollup (2026-06-18) (Jun 18, 2026)
• Cross-vendor / Emerging Threat (AI Security) — Vulnerability Rollup (2026-06-18) (Jun 18, 2026)
• Cross-vendor / Sector (INC Ransomware — Healthcare) — Vulnerability Rollup (2026-06-18) (Jun 18, 2026)
• npm / axios (open-source supply chain) — Vulnerability Rollup (2026-06-18) (Jun 18, 2026)
• LiteLLM — Vulnerability Rollup (2026-06-18) (Jun 18, 2026)
• Rockwell Automation — Vulnerability Rollup (2026-06-18) (Jun 18, 2026)
• Schneider Electric — Vulnerability Rollup (2026-06-18) (Jun 18, 2026)

Executive Intelligence Briefs

Concise threat posture assessments with key items, IR lifecycle guidance, and board-ready risk analysis.

• SCC Executive Brief - 2026-06-18 (Jun 18, 2026)

Situation Reports (SitReps)

Multi-item intelligence synthesis reports grouping related threats by actor, vendor, sector, or technique.

• Authentication Dead Zones: Supply Chain Poisoning, OAuth Bypass, and Kernel Privilege Escalation Converge Against Technology Sector Infrastructure (May 2, 2026)
• Technology Sector Under Sustained Multi-Vector Attack: Supply Chain Compromise, Critical Infrastructure Vulnerabilities, and Expanding Social Engineering Surface Converge in May 2026 (May 2, 2026)
• Technology Sector Under Siege: Credential Theft, Supply Chain Compromise, and AI-Accelerated Exploitation Converge in a Multi-Vector Assault (May 2, 2026)
• Technology Sector Under Coordinated Pressure: Supply Chain Poisoning, Developer Infrastructure Exploitation, and AI Governance Failures Converge (May 1, 2026)
• AI-Era Attack Surface Expansion: Perimeter Implants, Browser Credential Theft, and Governance Blind Spots Converge Across Technology and Government Sectors (May 1, 2026)