![Cybersecurity News | Daily Recap [18 Jun 2026]](https://www.hendryadrian.com/tweet/image/DailyRecap.png "Cybersecurity News | Daily Recap [18 Jun 2026]")
Daily Recap, Klue linked an OAuth breach to Icarus-associated Salesforce data theft activity, while Kodak confirmed a breach after ShinyHunters claims, and FortiBleed reports exposed up to 75,000 Fortinet firewall/VPN devices with leaked credentials. Apple patched a Beats Studio Buds eavesdropping flaw, F5 delivered out-of-band fixes for critical NGINX issues, and Microsoft confirmed a RoguePlanet Defender zero-day is being patched as attackers rapidly exploit recently disclosed Fortinet flaws. #Klue #Icarus #Salesforce #Kodak #ShinyHunters #FortiBleed #Fortinet #BeatsStudioBuds #F5 #NGINX #RoguePlanetDefender #Microsoft #MFA #CISA #Telegram #EU #Ukraine
Breaches & Leaks
- Klue’s OAuth breach has been tied to Icarus-linked Salesforce data theft activity, while Kodak confirmed a data breach after ShinyHunters claims, highlighting continued cloud-app compromise campaigns – Klue OAuth, Kodak Breach
- FortiBleed exposure reports say up to 75,000 Fortinet firewalls/VPN devices may be affected, with leaked credentials and claims of broader enterprise impact – FortiBleed, VPN Leak, Fortinet Exploits
Vulnerabilities & Patching
- Apple patched a Beats Studio Buds flaw that could let attackers eavesdrop on conversations, underscoring risks in audio-access devices – Beats Fix
- F5 issued out-of-band fixes for critical NGINX vulnerabilities, while Microsoft separately addressed Windows Server 2016 update failures and Office launch issues after June updates – NGINX Patches, Server Fix, Office Issues
- Microsoft confirmed a RoguePlanet Defender zero-day is under patch development, signaling another active exploitation risk – RoguePlanet
- Attackers are already exploiting critical Fortinet flaws disclosed in April, showing how quickly patch gaps turn into real-world intrusions – Fortinet Exploits
Cloud, MFA & Account Security
- A crypto clipper campaign is using fake reviews, AI narrators, and VirusTotal comments to spread malware, while broader reporting warns that modern breaches increasingly bypass MFA and evade detection – Crypto Clipper, MFA Bypass
- Analysis on rising account takeovers says identity attacks are becoming more common and harder to stop, reinforcing the need for stronger authentication controls – ATO Rise
- A junior hacker reportedly used Tailscale and OpenSSH to maintain access after his C2 went offline, illustrating resilient post-compromise persistence tactics – Persistent Access
Government & Geopolitics
- The EU granted Ukraine access to its cybersecurity reserve for major attacks, while a new warning says hostile states are behind roughly three-quarters of attacks on Britain‘s critical infrastructure – Ukraine Aid, UK Threats
- Warner warned of CISA cuts and staffing shortages in a letter to the acting chief, raising concerns about U.S. cyber defense capacity – CISA Cuts
- India‘s Telegram crackdown affected exam-leak channels and reportedly spilled over into the UAE, as court proceedings highlighted platform moderation limits – Telegram Court, Telegram Ban
Privacy & Platform Policy
- Google plans to use UK and EU user IP addresses for ad personalization, a move likely to draw fresh privacy scrutiny – Google Ads
- Dream raised $260 million at a $3 billion valuation, marking a major funding event in the security market – Dream Funding