Summary
During week 24 of 2026, there were 20 advisory/vulnerability events (including actively exploited zero-days in Check Point VPN, Langflow, Ivanti Sentry, Google Chrome, and Microsoft Defender, plus critical flaws patched by Microsoft, SAP, Fortinet, Veeam, and others) and 18 incidents affecting over 11.6 million individuals. The largest incident was a Kyushu Electric Power subsidiary breach exposing 10.9 million customer records. Incidents were driven mainly by malware/ransomware and third-party compromises, hitting education and healthcare hardest, with notable breaches at Novo Nordisk, Lincoln Financial, Oracle PeopleSoft (ShinyHunters), and multiple NHS trusts via the Synnovis ransomware attack.
Take Action:
This week prioritize Microsoft and Oracle products. Oracle has an actively exploited flaw that has been used to compromise multiple organizations.
Read the full article on BeyondMachines
This article was originally published on BeyondMachines
Top comments (0)