Episode 82 — 16 Jun 2026
1. Cisco Releases Security Updates for Actively Exploited SD-WAN Manager Flaw
Source: The Hacker News
Cisco has released security updates for a medium-severity security flaw in Catalyst SD-WAN Manager that has come under active exploitation in the wild. The vulnerability, tracked as CVE-2026-20262, carries a CVSS score of 6.5 out of 10.0. "A vulnerability in the web UI of...
2. New attack turned Microsoft 365 Copilot into 1-click data theft tool
Source: Bleeping Computer
A critical vulnerability chain dubbed SearchLeak in Microsoft 365 Copilot Enterprise could allow attackers to steal sensitive data from a target's mailbox, OneDrive, or SharePoint account through a specially crafted URL. The exfiltrated information could be email content...
3. SimpleHelp bug lets hackers create rogue remote support accounts
Source: Bleeping Computer
A vulnerability in the SimpleHelp remote management software allows unauthenticated attackers to create privileged technician accounts on servers using the OpenID Connect (OIDC) authentication protocol. The flaw is tracked as CVE-2026-48558 and received a critical severity...
4. iRhythm discloses data breach, says hackers stole patient info
Source: Bleeping Computer
Digital healthcare company iRhythm Holdings has disclosed a data breach after hackers stole patients' personal and health information stored on third-party-hosted business applications. The company says its cardiac monitoring service has been used to analyze more than 2...
5. OptinMonster WordPress plugin hacked in CDN supply-chain attack
Source: Bleeping Computer
WordPress plugins OptinMonster, TrustPulse, and PushEngage have been compromised in a supply-chain attack impacting Awesome Motive's content distribution network (CDN). Of the three products, the OptinMonster lead-generation and conversion optimization platform is the most...
6. CISA Flags LiteSpeed cPanel Plugin Flaw Exploited for Root Privilege Escalation
Source: The Hacker News
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a security flaw impacting LiteSpeed cPanel Plugin to its Known Exploited Vulnerabilities (KEV) catalog, requiring Federal Civilian Executive Branch (FCEB) agencies to apply the fixes by June 18, 2026....
7. Fake Microsoft Alerts Used to Deploy North Korean NarwhalRAT Malware
Source: The Hacker News
The North Korean state-sponsored hacking group known as ScarCruft (aka APT37) has been observed using spear-phishing messages impersonating Microsoft Account security notifications to deliver malware called NarwhalRAT. "The attack email contained a message impersonating an MS...
8. LiteLLM Vulnerability Chain Lets Low-Privilege Users Take Over AI Gateway Servers
Source: The Hacker News
A default low-privilege account on a LiteLLM proxy can climb to full admin and run code on the server by chaining three vulnerabilities, researchers at Obsidian Security disclosed LiteLLM is a widely deployed open-source AI gateway that brokers calls to more than 100 model...
