DEV Community: BeyondMachines

State of (in)security - Week 24, 2026

BeyondMachines — Mon, 15 Jun 2026 18:01:04 +0000

Summary

During week 24 of 2026, there were 20 advisory/vulnerability events (including actively exploited zero-days in Check Point VPN, Langflow, Ivanti Sentry, Google Chrome, and Microsoft Defender, plus critical flaws patched by Microsoft, SAP, Fortinet, Veeam, and others) and 18 incidents affecting over 11.6 million individuals. The largest incident was a Kyushu Electric Power subsidiary breach exposing 10.9 million customer records. Incidents were driven mainly by malware/ransomware and third-party compromises, hitting education and healthcare hardest, with notable breaches at Novo Nordisk, Lincoln Financial, Oracle PeopleSoft (ShinyHunters), and multiple NHS trusts via the Synnovis ransomware attack.

Take Action:

This week prioritize Microsoft and Oracle products. Oracle has an actively exploited flaw that has been used to compromise multiple organizations.

Read the full article on BeyondMachines

This article was originally published on BeyondMachines

Caldwell Sutter Capital Discloses Data Breach Following Third-Party Vendor Cyberattack

BeyondMachines — Mon, 15 Jun 2026 17:01:05 +0000

Summary

Caldwell Sutter Capital disclosed a data breach affecting 663 individuals after a cyberattack on its third-party software provider, FoxTrot LLC, exposed Social Security numbers and financial account details.

Read the full article on BeyondMachines

This article was originally published on BeyondMachines

Maine Attorney General Disables Breach Portal Following Fraudulent Reports

BeyondMachines — Mon, 15 Jun 2026 16:01:05 +0000

Summary

The Maine Attorney General Office disabled its public breach reporting portal after unknown actors submitted fraudulent notifications impersonating VRChat and Discord.

Read the full article on BeyondMachines

This article was originally published on BeyondMachines

Paylogix Insurtech Platform Breached by Akira Ransomware Group

BeyondMachines — Sun, 14 Jun 2026 09:01:14 +0000

Summary

Paylogix, a New York insurance tech company, suffered a data breach in November 2025 that the Akira ransomware group later claimed involved the theft of 185 GB of sensitive data.

Read the full article on BeyondMachines

This article was originally published on BeyondMachines

HDFC Asset Management Company Discloses Data Breach Affecting Investor PII

BeyondMachines — Sun, 14 Jun 2026 08:01:14 +0000

Summary

HDFC Asset Management Company suffered a data breach after an anonymous attacker gained access to its IT systems, potentially exposing investor PII such as PAN and bank details. The firm has advised investors to reset passwords and monitor for SIM-swap fraud.

Read the full article on BeyondMachines

This article was originally published on BeyondMachines

Ubiquiti Patches Critical Command Injection Flaws in UniFi OS

BeyondMachines — Sat, 13 Jun 2026 18:01:15 +0000

Summary

Ubiquiti patched five vulnerabilities in UniFi OS and UID Enterprise Agent, including three critical command injection and privilege escalation flaws with CVSS scores of 9.9. These vulnerabilities allow attackers with network access to take full control of networking hardware or steal sensitive data.

Take Action:

Make sure all your UniFi OS devices and UID Enterprise Agents are isolated from the internet and reachable only from trusted networks. Prioritize fixing any devices that are currently internet-facing. Then update everything to the fixed versions right away: UID Enterprise Agent 1.61.4, UniFi OS 5.1.15 (or 5.1.16 for UNAS storage appliances), and Express 4.0.15.

Read the full article on BeyondMachines

This article was originally published on BeyondMachines

Norfolk and Norwich University Hospital Patient Data Stolen in Synnovis Ransomware Attack

BeyondMachines — Sat, 13 Jun 2026 08:01:14 +0000

Summary

Norfolk and Norwich University Hospital suffered a data breach after the Qilin ransomware group attacked its third-party provider, Synnovis, leaking sensitive medical records of tens of thousands of patients.

Read the full article on BeyondMachines

This article was originally published on BeyondMachines

Elmwood Home Care Ransomware Attack Exposes Patient Medical and Personal Data

BeyondMachines — Fri, 12 Jun 2026 15:01:14 +0000

Summary

Elmwood Home Care reported a ransomware attack by the Lockbit 5.0 group, resulting in the theft of sensitive personal and medical data from its systems between January and February 2026.

Read the full article on BeyondMachines

This article was originally published on BeyondMachines

Palo Alto Networks Patches High-Severity Flaw in Cortex XSOAR and XSIAM

BeyondMachines — Fri, 12 Jun 2026 14:01:16 +0000

Summary

Palo Alto Networks patched nine vulnerabilities across PAN-OS, Cortex XSOAR/XSIAM, Prisma Access Agent, GlobalProtect, and Prisma Browser, the most severe being CVE-2026-0274, an unauthenticated credential-validation flaw in the CommvaultSecurityIQ integration that allows access and modification of protected resources by default.

Take Action:

Make sure your firewall and security management interfaces are isolated from the internet and reachable only from trusted internal networks, since most of these Palo Alto flaws are far more dangerous when those interfaces are exposed. Then update all affected products right away, especially the Cortex XSOAR/XSIAM CommvaultSecurityIQ integration.

Read the full article on BeyondMachines

This article was originally published on BeyondMachines

Splunk Patches Critical Unauthenticated File Manipulation Vulnerability

BeyondMachines — Fri, 12 Jun 2026 12:01:15 +0000

Summary

Splunk patched a critical vulnerability (CVE-2026-20253, CVSS 9.8) in Splunk Enterprise and Cloud Platform that allows unauthenticated attackers to create or truncate arbitrary files via a PostgreSQL sidecar service.

Take Action:

If you run Splunk Enterprise, update immediately to version 10.4.0, 10.2.4, or 10.0.7. And make sure to isolate the system from the internet and untrusted networks. If you use Splunk Cloud Platform, Splunk is already patching your instances, but verify you're on a fixed version (10.4.2604.3 or 10.2.2510.14 or higher) since there are no other ways to block this attack.

Read the full article on BeyondMachines

This article was originally published on BeyondMachines

Critical Vertiv UPS Management Card Flaws Threaten Data Center Power Stability

BeyondMachines — Fri, 12 Jun 2026 11:01:15 +0000

Summary

Vertiv patched two critical vulnerabilities (CVE-2025-46412 and CVE-2025-41426) in its UPS management cards that allow attackers to bypass authentication and execute remote code to shut down data center power.

Take Action:

Make sure your Vertiv Liebert UPS network cards (IS-UNITY-DP and RDU101) are isolated from the internet and reachable only from trusted internal networks or via VPN. Then apply the firmware updates ASAP. Review your UPS logs for any unexpected configuration changes or strange web requests.

Read the full article on BeyondMachines

This article was originally published on BeyondMachines

Microsoft Defender Zero-Days GreatXML and RoguePlanet Bypass BitLocker and Escalate Privileges

BeyondMachines — Fri, 12 Jun 2026 10:01:14 +0000

Summary

Microsoft is dealing with multiple zero-day exploits, including GreatXML and RoguePlanet, which allow attackers to bypass BitLocker encryption and escalate privileges to SYSTEM by targeting Microsoft Defender.

Take Action:

If you use Windows BitLocker encryption, switch it from TPM-only to TPM+PIN mode right away, so your drive requires a PIN at startup and can't be unlocked through the recovery environment. Keep an eye out for Microsoft patches for these two flaws (RoguePlanet and GreatXML), and limit physical access to your machines since the BitLocker bypass needs someone to physically touch the device.

Read the full article on BeyondMachines

This article was originally published on BeyondMachines