Cybersecurity News | Daily Recap [10 Jun 2026]

Microsoft shipped a record 206 vulnerabilities fixes in June 2026 Patch Tuesday, including 3 zero-days such as YellowKey, GreenPlasma, MiniPlasma, and RoguePlanet, while also releasing Windows 10 and Windows 11 cumulative updates and noting some upgraded PCs may fail to install the latest monthly updates – MS Patch, June Patch, Zero-Days, RoguePlanet, Win10 ESU, Win11 Updates, Install Failures

ServiceNow patched a vulnerability that was already exploited against some customers and separately disclosed a security incident exposing customer data, highlighting active risk for cloud service users – ServiceNow Patch, Data Leak
Veeam Backup & Replication and related backup servers were found vulnerable to RCE, with flaws allowing domain users or attackers to run remote code and threaten backup infrastructure – Veeam RCE, Backup RCE
Ivanti disclosed a max-severity Sentry flaw that can enable root code execution, while Cisco customers faced another SD-WAN zero-day under attack – Ivanti Sentry, Cisco SD-WAN
SAP fixed critical flaws in NetWeaver and Commerce Cloud, adding more pressure on enterprise admins to patch widely used business platforms – SAP Fixes
OpenSSL patched a high-severity vulnerability reportedly found with AI, underscoring continued supply-chain and library risk – OpenSSL Flaw

Infostealers have turned millions of devices into credential-theft machines, with attackers using stolen logins at scale to fuel broader account compromise – Infostealers
GitHub disabled Microsoft repositories that were pushing password-stealing malware, reflecting ongoing abuse of trusted development platforms for distribution – GitHub Malware

Anthropic launched Claude Fable 5 with cybersecurity guardrails, while XBOW tested the Mythos preview for offensive security use cases – Fable 5, Mythos Leash, XBOW Tests
OpenClaw, an AI agent, was found falling for phishing attacks and spilling user data, showing that AI tools can be tricked into leaking sensitive information – OpenClaw Phish
Meta said it will use off-site business data for feed ranking and AI personalization, raising privacy and data-use concerns – Meta Data

Cyera raised $600 million at a $12 billion valuation, and Aryon Security secured $29 million in Series A funding, signaling continued investor interest in cybersecurity startups – Cyera Raise, Aryon Raise
CISA is reconsidering how it prioritizes risks and vulnerabilities for both the federal and private sectors, potentially reshaping future patch and defense guidance – CISA Priorities

SHARE THIS STORY