BuzzSec

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity security flaw impacting SolarWinds Serv-U multi-protocol file server software to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2026-28318 (CVSS score: 7.5), is a denial-of-service (DoS) bug that causes the service to crash from The Hacker News https://thehackernews.com/2026/06/cisa-adds-actively-exploited-solarwinds.html

Microsoft's GitHub repositories have become the latest to fall victim to the ongoing Miasma self-replicating supply chain attack campaign. The incident impacted 73 Microsoft repositories across four of its GitHub organizations, including Azure, Azure-Samples, Microsoft, and MicrosoftDocs, per OpenSourceMalware. The development has GitHub to disable access to those repositories. "Access to this from The Hacker News https://thehackernews.com/2026/06/miasma-worm-hits-73-microsoft-github.html

John N Just, Ed.D. - Chief Learning Officer I have said it before, and I will say it again. Every time I think the KB4 Studios UK team has peaked, they somehow manage to outdo themselves. Season 7 of The Inside Man is here, and I could not be more proud of what this team has created. We celebrated the world premiere at KB4-CON, and the reaction in that room said it all. We also had another premiere on June 1st at the iconic Odeon Cinema Leicester Square in London — the same legendary theater where we have gathered fans in the past from around the world to experience this series on the big screen. from KnowBe4 Blog https://blog.knowbe4.com/your-knowbe4-fresh-content-updates-from-may-2026

Eighteen months ago, the AI SOC was a marketing line. Today it's a budget item. The category has crossed over from interesting to inevitable, with billions of dollars now flowing into AI-powered security operations platforms, agentic SOC tools, and AI co-pilots built into every layer of the security stack. The data shows SOCs are buying, deploying, and standing up AI capabilities at the fastest from The Hacker News https://thehackernews.com/2026/06/only-10-of-socs-say-theyre-getting.html

Lead Analysts: Jeewan Singh Jalal, Prabhakaran Ravichandhiran and Anand Bodke from KnowBe4 Blog https://blog.knowbe4.com/silent-invitation-calendar-invite-phishing-threat-labs

Threat actors are actively exploiting a critical security flaw in Everest Forms Pro, a WordPress plugin with about 4,000 active installations, to execute arbitrary code, leading to a complete site compromise. The vulnerability in question is CVE-2026-3300 (CVSS score: 9.8), a remote code execution bug impacting all versions of the plugin up to, and including, 1.9.12. A patch for the flaw was from The Hacker News https://thehackernews.com/2026/06/hackers-exploit-critical-everest-forms.html