June Patch Tuesday digs into 67 bugs
An extremely Windows-heavy month, with a surprise cameo by… Sophos?!
Similar Posts
Fortinet, Ivanti, and SAP Issue Urgent Patches for Authentication and Code Execution Flaws
Bys sFortinet, Ivanti, and SAP have moved to address critical security flaws in their products that, if successfully exploited, could result in an authentication bypass and code execution. The Fortinet vulnerabilities affect FortiOS, FortiWeb, FortiProxy, and FortiSwitchManager and relate to a case of improper verification of a cryptographic signature. They are tracked as CVE-2025-59718 and
Researchers Detail Tuoni C2’s Role in an Attempted 2025 Real-Estate Cyber Intrusion
Bys sCybersecurity researchers have disclosed details of a cyber attack targeting a major U.S.-based real-estate company that involved the use of a nascent command-and-control (C2) and red teaming framework known as Tuoni. “The campaign leveraged the emerging Tuoni C2 framework, a relatively new, command-and-control (C2) tool (with a free license) that delivers stealthy, in-memory payloads,”
Maine House Passes Strong Privacy Bill
Bys sEPIC writes: A strong comprehensive privacy bill passed the Maine House of Representatives today. The bill, LD 1822, closely mirrors the privacy law Maryland passed in 2024 and would extend essential privacy protections to Mainers. The bill includes strong data minimization requirements, enhanced protections for sensitive data, and civil rights protections prohibiting data-driven discrimination. EPIC has testified in support of……
Critical AdonisJS Bodyparser Flaw (CVSS 9.2) Enables Arbitrary File Write on Servers
Bys sUsers of the “@adonisjs/bodyparser” npm package are being advised to update to the latest version following the disclosure of a critical security vulnerability that, if successfully exploited, could allow a remote attacker to write arbitrary files on the server. Tracked as CVE-2026-21440 (CVSS score: 9.2), the flaw has been described as a path traversal issue…
SSK Plastic Surgery discloses it experienced a hack and extortion attempt in 2024
Bys sAnother plastic surgery practice has revealed that it was the victim of a cyberattack with an extortion demand. SSK Plastic Surgery in California recently notified the California Attorney General’s Office of an incident. The state’s website indicates that SSK Plastic Surgery reported that the breach occurred on March 20, 2024 and was discovered or ended…
Liberty Township in Ohio has recovered its network after a ransomware attack
Bys sWith so many cyberattacks being disclosed every day, a lof ot them never get reported on in the media. That’s not necessarily a bad thing, but some of them do contain sensitive personal information or could expose people — or the entity itself — to increased risk of future attacks. One such incident involved Liberty Township…