Summary
During the week of June 1–8, 2026, there were 15 advisories and 30 incidents (both up week-over-week), affecting roughly 4.8 million individuals, led by the 2.6 million-record DentaQuest breach. Most incidents were caused by malware/ransomware (9), software vulnerabilities (6), and unauthorized access (5), concentrated in the IT/technology and healthcare sectors. Notable threats included multiple actively exploited zero-days and critical RCE flaws (Cisco, Oracle WebLogic, VS Code, Windows Netlogon, and Android). Major ransomware and supply-chain breaches affect healthcare, hospitality, and financial organizations.
Take Action:
Apply Oracle's July 2024 Critical Patch Update (and all subsequent patches) to your WebLogic Server installations right away, as attackers are actively exploiting this flaw. In the meantime, restrict or disable access to the T3 and IIOP protocols. If the server does not serve public content for external visitors, make sure WebLogic servers are only reachable from trusted internal networks, not the open internet.
Read the full article on BeyondMachines
This article was originally published on BeyondMachines
Top comments (0)