Episode 86 — 20 Jun 2026
1. CISA: Splunk Enterprise flaw actively exploited, patch by Sunday
Source: Bleeping Computer
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has urged federal agencies to secure their systems by Sunday against a critical Splunk Enterprise vulnerability that is being exploited in attacks. Tracked as CVE-2026-20253 , this security flaw affects Splunk...
2. Klue OAuth breach victim list grows as Icarus hackers claim attack
Source: Bleeping Computer
Market intelligence platform Klue has publicly confirmed a recent security incident that allowed threat actors to steal OAuth tokens used to connect to customers' Salesforce environments, as the new "Icarus" extortion group publicly claims the attack. The disclosure comes...
3. Texas govt data breach exposes over 3 million driver’s licenses
Source: Bleeping Computer
The Texas Parks and Wildlife Department (TPWD) disclosed a data breach at its license system vendor that exposed personal information for more than three million individuals. The Texas Cyber Command discovered the intrusion and launched an investigation to determine the...
4. Operation Endgame Disrupts SocGholish Servers, Cleans 14,971 WordPress Sites
Source: The Hacker News
Dutch law enforcement authorities, along with counterparts from Canada , Germany, and the U.S., have disrupted malicious infrastructure associated with SocGholish and cleaned up nearly 15,000 infected WordPress websites. "With these actions we deprive cybercriminals of access...
5. Gentlemen ransomware uses multiple EDR killers to disable defenses
Source: Bleeping Computer
The Gentlemen ransomware-as-a-service (RaaS) is actively developing and maintaining a suite of endpoint detection and response (EDR) killers to help affiliates evade detection in attacks. The gang employs a collection of EDR-killing tools, most notably a utility that...
6. Unpatchable 'usbliter8' Exploit Breaks Apple A12 and A13 SecureROM Boot Chain
Source: The Hacker News
Security researchers at Paradigm Shift have published a working exploit, dubbed usbliter8, that achieves arbitrary code execution inside the SecureROM of Apple's A12 and A13 chips. That code is burned into the silicon at manufacture. No software update can reach it. Affected...
7. Apple Patches Beats Studio Buds Flaw Letting Nearby Attackers Spy via Microphone
Source: The Hacker News
Apple has updated its Beats Studio Buds wireless earbuds to patch a high-severity vulnerability that could be exploited by nearby hackers to eavesdrop on users. The vulnerability, tracked as CVE-2025-20701 (CVSS score: 8.8), refers to a case of incorrect authorization...
8. The Gentlemen RaaS Uses GentleKiller EDR Framework Targeting 400 Security Processes
Source: The Hacker News
The Gentlemen ransomware-as-a-service (RaaS) operation is actively developing and maintaining a suite of endpoint detection and response (EDR) killers that it hands out to affiliates for impairing system defenses before deploying the encryptor. This mature portfolio of...
