These news items are automatically aggregated from industry sources and are not individually reviewed. Any inaccuracies are unintentional —
let us know and we'll correct or remove it.
Microsoft’s June 2026 Patch Tuesday is the largest in the programme’s history, addressing 198 vulnerabilities including three actively exploited or publicly known zero-days and critical remote code execution flaws that allow VM guest escape from Windows Hyper-V. Organisations running unpatched Windows environments face significant exposure across virtualisation, remote desktop, and core kernel components.
Veeam has patched a critical remote code execution vulnerability in Backup and Replication v12 that allows any authenticated domain user to execute arbitrary code on the backup server. Rated CVSS 9.4, CVE-2026-44963 was disclosed and patched on 9 June 2026. Given the speed at which previous Veeam CVEs have been weaponised, organisations running v12 builds should patch immediately.
The European Data Protection Board has launched its 2026 Coordinated Enforcement Framework action, with 25 national data protection authorities simultaneously auditing organisations across Europe for compliance with GDPR transparency and information obligations. Investigations are underway now, and any organisation processing personal data in Europe should treat this as an immediate review priority.
Microsoft Threat Intelligence disclosed a prompt injection flaw in the Claude Code GitHub Action that allows an attacker to steal CI/CD workflow secrets using a single crafted GitHub issue. Fixed in version 2.1.128, the case illustrates that AI agents processing untrusted content inside pipelines require a fundamentally different security model from traditional pipeline tooling.
At today’s WWDC 2026 keynote, Apple confirmed iOS 27, macOS 27, and a rebuilt Siri powered by Google Gemini routed through Private Cloud Compute. For European organisations, the announcements bring immediate MDM policy questions and longer-term implications under the EU AI Act.
Cisco has disclosed that CVE-2026-20245, a command injection flaw in Catalyst SD-WAN Manager, is being actively exploited in the wild. No patch or workaround is available, making this the seventh Cisco SD-WAN zero-day confirmed exploited this year. Organisations relying on Cisco SD-WAN for branch connectivity or hybrid cloud networking should act immediately.
The Netherlands’ national cyber agency reviewed multiple recent incidents and found that misconfigured cloud environments, not sophisticated intrusions, are increasingly the root cause of data breaches across European organisations.
NIS2 and DORA frameworks now treat email authentication as a mandatory security control for in-scope organisations. With only 10.7% of domains holding a strict DMARC reject policy, most European businesses are simultaneously non-compliant and exposed to spoofing attacks.
On 8 June the European Data Protection Supervisor, the German Federal Commissioner for Data Protection, and the Bavarian Data Protection Commissioner are bringing together lawmakers, regulators, and business representatives in Brussels to debate how the EU Digital Omnibus package reshapes the GDPR. For businesses, the debate signals that regulatory change is moving from proposal to politics.
Fortinet FortiGuard Labs has issued a formal Outbreak Alert for CVE-2026-3055, a critical memory overread in Citrix NetScaler ADC and NetScaler Gateway that targets SAML Identity Provider configurations. Patches have been available since March but thousands of appliances remain unpatched and are actively targeted.
This site uses cookies. By continuing to use this website, you agree to their use.
We’ll help you resolve your infrastructure challenges
Our team of experts is ready to help you with your infrastructure challenges. We’ll give you honest and personal treatment. Get in touch to learn more.