{ "meta": { "generated": "2026-06-10T22:17:38.665Z", "schemaVersion": "1.0", "source": "https://defend.network", "docs": "https://defend.network/api/", "license": "CC BY 4.0", "licenseUrl": "https://creativecommons.org/licenses/by/4.0/", "attribution": "Data by defend.network (https://defend.network), licensed CC BY 4.0. Underlying CVE facts from NVD (NIST), the CISA KEV catalog, and FIRST.org EPSS.", "count": 30 }, "briefings": [ { "date": "2026-06-10", "title": "Microsoft 200-patch record, Veeam RCE critical, GitHub supply-chain worm ongoing", "url": "https://defend.network/briefings/microsoft-veeam-github-patch-rce-miasma-2026-06-10.html", "severity": "high", "threats": [ "vulnerability-exploit", "supply-chain", "apt" ], "industries": [ "technology", "government", "defense" ] }, { "date": "2026-06-09", "title": "Critical Check Point VPN and Linux kernel flaws under active exploitation; NSO spyware defies court order", "url": "https://defend.network/briefings/check-point-vpn-linux-kernel-nso-whatsapp-2026-06-09.html", "severity": "high", "threats": [ "zero-day", "vulnerability-exploit", "mobile-malware", "supply-chain", "apt", "phishing" ], "industries": [ "technology", "finance", "government", "defense" ] }, { "date": "2026-06-08", "title": "Miasma worm hits Microsoft GitHub, SolarWinds Serv-U actively exploited, WordPress Everest Forms RCE", "url": "https://defend.network/briefings/miasma-solarwinds-everest-forms-active-exploits-2026-06-08.html", "severity": "medium", "threats": [ "supply-chain", "vulnerability-exploit", "credential-theft", "data-breach" ], "industries": [ "technology", "government" ] }, { "date": "2026-06-07", "title": "Miasma worm hits Microsoft GitHub; SolarWinds actively exploited; Chrome 429 patches", "url": "https://defend.network/briefings/miasma-solarwinds-chrome-ffmpeg-exploits-2026-06-07.html", "severity": "medium", "threats": [ "supply-chain", "vulnerability-exploit", "apt", "ddos", "credential-theft" ], "industries": [ "technology", "government", "finance" ] }, { "date": "2026-06-06", "title": "Critical Exploits: npm Supply Chain, WordPress Plugin, SolarWinds, IIS Attacks", "url": "https://defend.network/briefings/npm-wordpress-solarwinds-iot-active-exploits-2026-06-06.html", "severity": "medium", "threats": [ "supply-chain", "vulnerability-exploit", "malware", "iot-ot", "credential-theft" ], "industries": [ "technology", "energy", "government" ] }, { "date": "2026-06-05", "title": "Cisco Unified CM RCE, Claude GitHub Action Hijack, AI Agent Exploits", "url": "https://defend.network/briefings/cisco-github-claude-ai-agent-exploits-2026-06-05.html", "severity": "medium", "threats": [ "vulnerability-exploit", "supply-chain", "credential-theft", "malware", "data-breach" ], "industries": [ "technology", "government", "healthcare", "finance" ] }, { "date": "2026-06-04", "title": "Google Gemini prompt injection, Microsoft 365 token theft, Redis RCE patched", "url": "https://defend.network/briefings/gemini-prompt-injection-microsoft-365-tokens-redis-rce-2026-06-04.html", "severity": "low", "threats": [ "mobile-malware", "credential-theft", "vulnerability-exploit", "ddos" ], "industries": [ "technology", "energy", "government" ] }, { "date": "2026-06-03", "title": "Android, WinRAR, WordPress Kirki: Three critical zero-days under active exploitation", "url": "https://defend.network/briefings/android-winrar-wordpress-kirki-active-exploits-2026-06-03.html", "severity": "high", "threats": [ "zero-day", "vulnerability-exploit", "apt", "malware", "ransomware" ], "industries": [ "technology", "government" ] }, { "date": "2026-06-02", "title": "Red Hat npm, WordPress, Instagram under active attack; critical Windows vulnerability patching urgent", "url": "https://defend.network/briefings/red-hat-npm-wordpress-instagram-critical-exploits-2026-06-02.html", "severity": "medium", "threats": [ "supply-chain", "vulnerability-exploit", "credential-theft", "malware" ], "industries": [ "technology", "government" ] }, { "date": "2026-06-01", "title": "PAN-OS GlobalProtect actively exploited; Russian infrastructure dismantled; Linux kernel flaw", "url": "https://defend.network/briefings/palo-alto-pantos-linux-kernel-cyberattacks-breach-2026-06-01.html", "severity": "high", "threats": [ "vulnerability-exploit", "apt", "data-breach", "malware", "credential-theft" ], "industries": [ "government", "technology", "finance", "transportation", "telecom" ] }, { "date": "2026-05-31", "title": "Active exploits: Palo Alto GlobalProtect, CISA credential leak, Linux kernel RCE", "url": "https://defend.network/briefings/pan-os-globalprotect-cisa-github-linux-kernel-exploits-2026-05-31.html", "severity": "high", "threats": [ "vulnerability-exploit", "credential-theft", "ddos", "phishing" ], "industries": [ "technology", "government" ] }, { "date": "2026-05-30", "title": "ChatGPT malware abuse, Marimo CVE-2026-39987 LLM exploitation, Russian infrastructure arrests", "url": "https://defend.network/briefings/chatgpt-marimo-russian-infrastructure-disruption-2026-05-30.html", "severity": "high", "threats": [ "phishing", "zero-day", "malware", "apt", "supply-chain", "credential-theft" ], "industries": [ "technology", "finance", "government" ] }, { "date": "2026-05-29", "title": "FortiClient EMS, GitHub secrets, CISA breach: critical exploitation ongoing", "url": "https://defend.network/briefings/forticlient-ems-github-cisa-credential-stealer-2026-05-29.html", "severity": "high", "threats": [ "vulnerability-exploit", "credential-theft", "data-breach", "malware", "mobile-malware", "phishing" ], "industries": [ "government", "technology", "finance", "healthcare" ] }, { "date": "2026-05-28", "title": "FortiClient EMS, Gogs RCE actively exploited; CISA GitHub leak exposes AWS keys", "url": "https://defend.network/briefings/forticlient-gogs-github-credential-theft-rce-2026-05-28.html", "severity": "high", "threats": [ "vulnerability-exploit", "credential-theft", "zero-day", "malware", "data-breach", "insider-threat" ], "industries": [ "government", "technology", "finance", "healthcare" ] }, { "date": "2026-05-27", "title": "Critical RCEs and credential leaks: Microsoft SharePoint, CISA AWS exposure, MuddyWater espionage", "url": "https://defend.network/briefings/sharepoint-rce-cisa-github-leak-muddywater-2026-05-27.html", "severity": "low", "threats": [ "zero-day", "vulnerability-exploit", "apt", "credential-theft", "data-breach" ], "industries": [ "technology", "government", "manufacturing", "education", "finance" ] }, { "date": "2026-05-26", "title": "Ghost CMS, Microsoft 365 phishing, and supply-chain malware in active exploitation", "url": "https://defend.network/briefings/ghost-cms-microsoft-365-supply-chain-exploits-2026-05-26.html", "severity": "medium", "threats": [ "vulnerability-exploit", "supply-chain", "phishing", "credential-theft", "ddos", "apt" ], "industries": [ "technology", "finance", "education", "government" ] }, { "date": "2026-05-25", "title": "GitHub npm supply chain attacks, LiteSpeed RCE, CISA credentials exposed", "url": "https://defend.network/briefings/github-npm-supply-chain-litespeed-cisa-credentials-leak-2026-05-25.html", "severity": "high", "threats": [ "supply-chain", "vulnerability-exploit", "data-breach", "credential-theft", "ddos" ], "industries": [ "technology", "government" ] }, { "date": "2026-05-24", "title": "GitHub, npm, and Drupal under attack: supply-chain threats and active CVE exploitation", "url": "https://defend.network/briefings/github-npm-supply-chain-drupal-cve-exploits-2026-05-24.html", "severity": "high", "threats": [ "supply-chain", "vulnerability-exploit", "zero-day", "credential-theft", "ddos" ], "industries": [ "technology", "education", "government" ] }, { "date": "2026-05-23", "title": "GitHub supply-chain attack, Drupal RCE, AWS GovCloud credential leak", "url": "https://defend.network/briefings/github-drupal-aws-credentials-active-exploits-2026-05-23.html", "severity": "high", "threats": [ "supply-chain", "vulnerability-exploit", "credential-theft", "ddos", "malware" ], "industries": [ "technology", "government", "finance", "healthcare" ] }, { "date": "2026-05-22", "title": "Critical RCEs: Microsoft Defender, Linux kernel, Cisco Workload; Showboat targets telcos", "url": "https://defend.network/briefings/microsoft-defender-linux-kernel-cisco-workload-critical-2026-05-22.html", "severity": "critical", "threats": [ "zero-day", "vulnerability-exploit", "malware", "apt", "data-breach" ], "industries": [ "telecom", "government", "technology", "education" ] }, { "date": "2026-05-21", "title": "GitHub breach, SonicWall VPN MFA bypass, Drupal critical flaw demand patching", "url": "https://defend.network/briefings/github-breach-sonicwall-drupal-critical-vulnerabilities-2026-05-21.html", "severity": "medium", "threats": [ "data-breach", "apt", "vulnerability-exploit", "malware", "supply-chain" ], "industries": [ "technology", "finance", "government", "education" ] }, { "date": "2026-05-20", "title": "Microsoft, Drupal, Linux critical patches; OAuth phishing bypasses MFA on 340+ orgs", "url": "https://defend.network/briefings/microsoft-drupal-oauth-phishing-mfa-bypass-2026-05-20.html", "severity": "low", "threats": [ "vulnerability-exploit", "phishing", "ransomware", "malware", "mobile-malware" ], "industries": [ "technology", "government", "finance", "education" ] }, { "date": "2026-05-19", "title": "Microsoft Exchange zero-day in active use; npm worm clones spread after source leak", "url": "https://defend.network/briefings/exchange-zero-day-npm-worm-interpol-arrests-2026-05-19.html", "severity": "medium", "threats": [ "zero-day", "supply-chain", "malware", "credential-theft", "data-breach", "vulnerability-exploit" ], "industries": [ "technology", "education", "government", "finance", "healthcare" ] }, { "date": "2026-05-18", "title": "Zero-days exploited: NGINX, MS Exchange, Cisco SD-WAN; TanStack hit", "url": "https://defend.network/briefings/nginx-exchange-supply-chain-critical-2026-05-18.html", "severity": "high", "threats": [ "zero-day", "vulnerability-exploit", "supply-chain", "data-breach", "credential-theft" ], "industries": [ "technology", "government", "finance", "healthcare", "education", "retail", "telecom" ] }, { "date": "2026-05-17", "title": "Critical RCEs exploited: Cisco SD-WAN, Exchange, Funnel Builder", "url": "https://defend.network/briefings/cisco-exchange-funnel-builder-critical-exploits-2026-05-17.html", "severity": "high", "threats": [ "zero-day", "vulnerability-exploit", "supply-chain", "credential-theft", "apt", "malware" ], "industries": [ "technology", "government", "finance", "retail", "defense", "telecom" ] }, { "date": "2026-05-16", "title": "MS Exchange zero-day exploited; npm hits OpenAI; Turla evolves Kazuar", "url": "https://defend.network/briefings/exchange-zero-day-npm-supply-chain-turla-botnet-2026-05-16.html", "severity": "high", "threats": [ "zero-day", "supply-chain", "apt", "vulnerability-exploit", "credential-theft", "malware", "data-breach" ], "industries": [ "technology", "government", "finance", "education", "defense", "retail" ] }, { "date": "2026-05-15", "title": "Cisco SD-WAN zero-day exploited; TanStack supply-chain hits OpenAI", "url": "https://defend.network/briefings/cisco-sd-wan-critical-rce-supply-chain-2026-05-15.html", "severity": "high", "threats": [ "zero-day", "vulnerability-exploit", "supply-chain", "apt", "phishing", "credential-theft", "data-breach", "ransomware" ], "industries": [ "technology", "government", "telecom", "education", "finance", "defense" ] }, { "date": "2026-05-14", "title": "BitLocker zero-day PoCs public; Exchange APT; Foxconn breached", "url": "https://defend.network/briefings/bitlocker-zero-day-exchange-apt-ransomware-2026-05-14.html", "severity": "medium", "threats": [ "zero-day", "vulnerability-exploit", "apt", "ransomware", "data-breach", "supply-chain" ], "industries": [ "technology", "energy", "education", "manufacturing" ] }, { "date": "2026-05-13", "title": "npm/PyPI supply-chain; Canvas ransomware; Microsoft 137 patches", "url": "https://defend.network/briefings/supply-chain-ransomware-critical-patches-2026-05-13.html", "severity": "medium", "threats": [ "supply-chain", "ransomware", "vulnerability-exploit", "mobile-malware", "data-breach" ], "industries": [ "technology", "education", "manufacturing", "finance" ] }, { "date": "2026-05-12", "title": "Checkmarx Jenkins compromise; AI-generated zero-day 2FA bypass", "url": "https://defend.network/briefings/checkmarx-jenkins-plugin-supply-chain-ai-zero-day-2026-05-12.html", "severity": "high", "threats": [ "supply-chain", "zero-day", "vulnerability-exploit", "malware", "data-breach", "credential-theft", "ransomware" ], "industries": [ "technology", "education", "finance", "government" ] } ] }