Nottingham University data breach affects over 450,000 students (2026-06-11 07:27 UTC)
Kurz: The University of Nottingham confirmed on Wednesday that a hacking group gained access to its student records system in a breach affecting both current students and alums. […]
Max severity Ivanti Sentry vulnerability now exploited in attacks (2026-06-11 06:20 UTC)
Kurz: Attackers are now targeting a recently patched maximum-severity flaw in Ivanti Sentry, enabling them to execute code with root privileges on Internet-exposed secure mobile gateways. […]
Path traversal flaw in AI dev platform Langflow exploited in attacks (2026-06-10 21:23 UTC)
Kurz: Attackers are actively exploiting CVE-2026-5027, a high-severity path traversal vulnerability in the AI development platform Langflow, to write arbitrary files on exposed servers. […]
GitHub to Disable npm Install Scripts by Default to Stop Supply Chain Attacks (2026-06-11 06:23 UTC)
Kurz: GitHub has announced what it said are “breaking changes” coming to npm version 12, one of which turns off install scripts by default to combat software supply chain threats. The changes aim to combat attack techniques that abuse the “npm in…
China-Linked JDY Botnet Expands to 1,500+ Devices for Cyber Reconnaissance (2026-06-10 16:08 UTC)
Kurz: Cybersecurity researchers have warned of a “resurgence and expansion” of JDY, a covert network associated with China-nexus state-sponsored threat actors. “The JDY botnet comprises over 1,500 SOHO [small office and home office] and IoT devic…
Ivanti, Fortinet, and SAP Release Patches for Multiple Critical Vulnerabilities (2026-06-10 15:10 UTC)
Kurz: Fortinet, Ivanti, and SAP have released security updates to address multiple critical security vulnerabilities that could result in arbitrary code execution and information disclosure. The security flaw patched by Fortinet relates to a comm…
Kurz: A flaw was found in assisted-migration-agent. The application hardcodes insecure Transport Layer Security (TLS) connections when communicating with vCenter. This vulnerability allows a Man-in-the-Middle (MITM) attacker t…