Kurz: Es sind wichtige Sicherheitsupdates für unter anderem Cisco Identity Services Engine (ISE) erschienen. Netzwerkadmins sollten zeitnah tätig werden.
Klue OAuth breach victim list grows as Icarus hackers claim attack (2026-06-19 22:31 UTC)
Kurz: Market intelligence platform Klue has publicly confirmed a recent security incident that allowed threat actors to steal OAuth tokens used to connect to customers’ Salesforce environments, as the new “Icarus” extortion group publicly claims …
Hackers exploit info disclosure bug in Gravity SMTP WordPress plugin (2026-06-19 20:25 UTC)
Kurz: Threat actors are exploiting an unauthenticated information disclosure vulnerability in the WordPress plugin Gravity SMTP, active on 100,000 sites. […]
Texas govt data breach exposes over 3 million driver’s licenses (2026-06-19 16:12 UTC)
Kurz: The Texas Parks and Wildlife Department (TPWD) disclosed a data breach at its license system vendor that exposed personal information for more than three million individuals. […]
Unpatchable ‘usbliter8’ Exploit Breaks Apple A12 and A13 SecureROM Boot Chain (2026-06-19 18:37 UTC)
Kurz: Security researchers at Paradigm Shift have published a working exploit, dubbed usbliter8, that achieves arbitrary code execution inside the SecureROM of Apple’s A12 and A13 chips. That code is burned into the silicon at manufacture. No sof…
Kurz: The Gentlemen ransomware-as-a-service (RaaS) operation is actively developing and maintaining a suite of endpoint detection and response (EDR) killers that it hands out to affiliates for impairing system defenses before deploying the encryp…
AutoJack Attack Lets One Web Page Hijack AI Agent for Host Code Execution (2026-06-19 15:30 UTC)
Kurz: Microsoft researchers have detailed an exploit chain, named AutoJack, that turns an AI browsing agent into a delivery vehicle for remote code execution. Steer the agent to load an attacker’s web page, and that page’s JavaScript can reach a …