=====================
= End-of-Day report =
=====================

Timeframe: Tuesday 16-06-2026 18:00 − Wednesday 17-06-2026 18:00
Handler: Alexander Riepl
Co-Handler: n/a

=====================
= News =
=====================

∗∗∗ Kodak confirms data breach claimed by ShinyHunters extortion gang ∗∗∗
---------------------------------------------
Kodak has confirmed that it's working with external cybersecurity experts to investigate a security breach after hackers gained access to some of the company's data.
---------------------------------------------
https://www.bleepingcomputer.com/news/security/kodak-confirms-data-breach-cl...

∗∗∗ Historic rise: AI causes number of reported security vulnerabilities to explode ∗∗∗
---------------------------------------------
According to new projections, around 66,000 new security vulnerabilities could be registered in 2026. In the previous year, there were considerably fewer.
---------------------------------------------
https://www.golem.de/news/historischer-anstieg-ki-laesst-anzahl-gemeldeter-s...

∗∗∗ Football World Cup: FIFA's official streaming portal hacked ∗∗∗
---------------------------------------------
A researcher has discovered an insufficient security check in FIFA's systems. Attackers could have sabotaged streams of the ongoing World Cup.
---------------------------------------------
https://www.golem.de/news/fussball-wm-offizielles-streamingportal-der-fifa-g...

∗∗∗ France To Stop Certifying Products Without Quantum-Safe Encryption ∗∗∗
---------------------------------------------
Starting in 2027, France's cybersecurity agency ANSSI will stop certifying security products that lack quantum-resistant encryption, effectively forcing government agencies and critical infrastructure operators to phase out older cryptographic systems. Reuters reports: Samih Souissi, ANSSI's chief of staff, said at the France Quantum conference that ..
---------------------------------------------
https://it.slashdot.org/story/26/06/16/181236/france-to-stop-certifying-prod...

∗∗∗ WordPress PBN Plugin Drops Dual Webshells via Database Injection ∗∗∗
---------------------------------------------
During a recent incident response engagement, our team uncovered a multi-stage WordPress infection that goes beyond the usual file-based malware. The attacker combined a fake plugin, a remote command-and-control server, and two PHP web shells stored directly inside the WordPress database. The campaign is operated by a Turkish-speaking threat actor ..
---------------------------------------------
https://blog.sucuri.net/2026/06/wordpress-pbn-plugin-drops-dual-webshells-vi...

∗∗∗ CISA Warns of Actively Exploited Joomla JCE Flaw Allowing PHP Code Execution ∗∗∗
---------------------------------------------
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a maximum-severity security flaw impacting Widget Factory Joomla Content Editor (JCE) to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.
---------------------------------------------
https://thehackernews.com/2026/06/cisa-warns-of-actively-exploited-joomla.ht...

∗∗∗ Three critical Fortinet sandbox bugs splattered by unknown attackers ∗∗∗
---------------------------------------------
All have patches, so make sure you upgrade to a fixed version
---------------------------------------------
https://www.theregister.com/security/2026/06/16/three-critical-fortinet-sand...

∗∗∗ ‘Dangerous’ AI Models Are Coming No Matter What ∗∗∗
---------------------------------------------
The US government crackdown on Anthropic’s Claude Fable 5 and Mythos 5 hides a glaring truth: AI models with advanced hacking capabilities will soon be the norm.
---------------------------------------------
https://www.wired.com/story/dangerous-ai-models-are-coming-no-matter-what/

∗∗∗ Multiple plug-ins for JetBrains IDEs steal API keys for OpenAI, DeepSeek & Co. ∗∗∗
---------------------------------------------
At least 15 plug-ins for JetBrains IDEs transmit API keys to an external server. Apart from that, they provide the promised functionality.
---------------------------------------------
https://www.heise.de/news/Mehrere-Plug-ins-fuer-JetBrains-IDEs-stehlen-API-K...

∗∗∗ Android 17 ships with security patches right from the start ∗∗∗
---------------------------------------------
Google's developers have closed various security vulnerabilities in the launch version of Android 17.
---------------------------------------------
https://www.heise.de/news/Android-17-hat-direkt-Sicherheitspatches-mit-an-Bo...

∗∗∗ Attacks on FortiSandbox vulnerabilities ∗∗∗
---------------------------------------------
Vulnerabilities in FortiSandbox are currently the target of attacks on the internet. Patches to secure systems have been available since April.
---------------------------------------------
https://www.heise.de/news/Angriffe-auf-FortiSandbox-Schwachstellen-11335667....

∗∗∗ NIS2 reminder: BSI sets new registration deadline of end of July ∗∗∗
---------------------------------------------
The registration numbers for the IT Security Act are disappointing. The BSI is urging companies to comply with NIS2 requirements and sets a new deadline.
---------------------------------------------
https://www.heise.de/news/NIS2-Mahnung-BSI-setzt-neue-Frist-zur-Registrierun...

∗∗∗ GitHub dismissed security reports on flaws now exploited by supply-chain worm, researchers say ∗∗∗
---------------------------------------------
GitHub rejected two formal vulnerability reports identifying design flaws that researchers say are enabling variants of the Shai-Hulud supply-chain worm to infect and compromise hundreds of software packages and developer accounts worldwide.
---------------------------------------------
https://therecord.media/github-dismissed-reports-shai-hulud-deep-specter

∗∗∗ Reducing Microsoft Sentinel Costs Without Compromising Detection – Part 1: The Summary Rules Quest ∗∗∗
---------------------------------------------
This blog is the first in a series exploring how Summary Rules, together with Auxiliary or Data Lake storage, can help organizations optimize SIEM costs without compromising core threat detection and monitoring capabilities.
---------------------------------------------
https://blog.nviso.eu/2026/06/17/reducing-microsoft-sentinel-costs-without-c...

∗∗∗ FortiBleed — 75k Fortinet firewalls have admin passwords cracked ∗∗∗
---------------------------------------------
An interesting post popped up on LinkedIn at the weekend from Voldymyr Diachenko saying plain text passwords were found in the wild by Hunt Intelligence Inc for Fortinet firewalls ..
---------------------------------------------
https://doublepulsar.com/fortibleed-75k-fortinet-firewalls-have-admin-passwo...

∗∗∗ Threat tactic spotlight: Subdomain takeover ∗∗∗
---------------------------------------------
In this blog post you’ll learn how to detect and prevent subdomain takeover – a tactic where threat actors exploit dangling DNS records to redirect traffic to attacker-controlled resources. We’ll explain the issue, how the situation arises, and how you can use various AWS features and services to help mitigate the impact of this tactic.
---------------------------------------------
https://aws.amazon.com/blogs/security/threat-tactic-spotlight-subdomain-take...

=====================
= Vulnerabilities =
=====================

∗∗∗ Critical Security Patch Update Advisory - June 2026 ∗∗∗
---------------------------------------------
https://www.oracle.com/security-alerts/cspujun2026.html

∗∗∗ Multiple Vulnerabilities in Quanos Content Solutions SCHEMA ST4 ∗∗∗
---------------------------------------------
https://sec-consult.com/vulnerability-lab/advisory/multiple-vulnerabilities-...

∗∗∗ A 27-Year-Old Authentication Bypass in OpenBSD's PPP Stack ∗∗∗
---------------------------------------------
https://blog.argus-systems.ai/blog/openbsd-pap-27-year-auth-bypass.html