Today's cybersecurity landscape is dominated by a record-breaking Patch Tuesday from Microsoft, addressing numerous critical vulnerabilities, including several zero-days. Additionally, CISA has updated its KEV catalog with actively exploited flaws, and the China-linked JDY botnet is expanding its reconnaissance efforts.

Unpatched Langflow Flaw CVE-2026-5027 Exploited for Unauthenticated RCE — A high-severity path traversal vulnerability in the Langflow AI platform (CVE-2026-5027) is under active exploitation, allowing attackers to write files to arbitrary locations. Read more →
CISA Adds Cisco, Chrome, and Arista Flaws to KEV Catalog Amid Active Exploitation — CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: CVE-2026-20245 (Cisco Catalyst SD-WAN Manager), CVE-2026-11645 (Google Chromium V8), and CVE-2026-7473 (Arista Extensible Operating System). Read more →
Microsoft patches Exchange Server zero-day exploited in attacks — Microsoft has released a patch for an actively exploited Exchange Server zero-day vulnerability that allowed threat actors to execute arbitrary JavaScript code via cross-site scripting (XSS) attacks targeting Outlook Web Access users. Read more →
Microsoft patches YellowKey, GreenPlasma, MiniPlasma zero-days — Microsoft patched two zero-day vulnerabilities (YellowKey, GreenPlasma) allowing SYSTEM privileges on Windows, and a third (MiniPlasma) granting access to BitLocker-protected drives. Read more →
Microsoft Patches Record 206 Flaws, Including Three Zero-Days and Critical RCE Bugs — Microsoft's June 2026 Patch Tuesday addressed a record 206 vulnerabilities, including 39 critical and 167 important flaws, with three zero-days publicly disclosed at the time of release. Read more →
Oracle PeopleSoft servers hacked in ShinyHunters data theft attacks — The ShinyHunters extortion group claims to have stolen data from over 100 organizations by targeting Oracle PeopleSoft servers in ongoing data theft attacks. Read more →
Nightmare-Eclipse Drops Yet Another Microsoft Exploit, RoguePlanet — A disgruntled researcher has released a new proof-of-concept (PoC) exploit, "RoguePlanet," for a Windows Defender bug that allows for system takeover, continuing their feud with Microsoft. Read more →
China-Linked JDY Botnet Expands to 1,500+ Devices for Cyber Reconnaissance — The China-linked JDY botnet has expanded to over 1,500 SOHO and IoT devices, operating as a high-performance scanner for discovering and mapping exposed services, with increased targeting of U.S. military networks. Read more →