Cuberk

---

Bishop Fox

• Popping Root on UniFi OS Server: Unauthenticated RCE Chain Detection & Analysis - A three-part vulnerability chain in UniFi OS Server allows unauthenticated attackers to bypass gateways and gain root access.
• Otto Support - Testing MCP Servers - Analysis of the new attack surface introduced by MCP servers, including discovery and exploitation of authorization gaps.

Trail of Bits

• The sorry state of skill distribution - Recent bypasses of malicious skill detectors and scanners in agentic ecosystems.

HackerOne Hacktivity

• Sony Music Center DLL Side-Loading - A DLL side-loading vulnerability was discovered in Sony Music Center for PC Ver. 2.7.2.
• HackerOne Platform Payload Injection - A vulnerability on the HackerOne platform allowed users to add malicious payloads to profile pages.
• KHealth Policy Update - Rewards policy for KHealth was updated on June 2, 2026, with recent activity in the last few days.

Medium.com (Tag: BugBounty & InfosecWriteups)

• Unauthenticated IDOR in HubSpot HubDB Legacy API - Detailed write-up on an IDOR allowing full data modification in HubSpot.
• How I Hijacked a CTF Platform with Four Lines of Burp Suite Rules - Exploiting a CTF platform using simple Burp Suite traffic manipulation.
• How I Hacked Any User Account in 5 Minutes - A critical account takeover story involving a simple yet effective vulnerability.
• The Bug That Almost Made Me Quit Cybersecurity - A career-focused reflection on a challenging bug hunt and the lessons learned.

Pentest-Report.com & getdisclosed.com Aggregators

• Disclosed. April 20, 2026 Issue - Latest curated newsletter covering Vercel compromises and Caido integrations.
• Bug Bounty Resources 2026 - Updated list of essential tools and resources for the 2026 bug bounty landscape.

Intigriti 'BugBytes' & YesWeHack Blog Writeups

• How LLMs are changing Bug Bounty: An interview with Aituglo - Discussion on the impact of Large Language Models on modern bug hunting strategies.
• Marketer by day, bug hunter by night: Interview with Stefan Goossens - Recent spotlight on a hybrid professional researcher's workflow and successes.

GitHub: arkadiyt/bounty-targets-data (Recent Changes)

• Ammocetes Serfhoods Update (06-09-2026) - Automated hourly update of bug bounty platform scopes.
• Youthy Rigorous Update (06-09-2026) - Latest scope data dump for HackerOne, Bugcrowd, and Intigriti targets.

Twitter/X

• Check Point Remote Access VPN Authentication Bypass (CVE-2026-50751) - Active exploitation of a critical authentication bypass vulnerability (CVSS 9.3) in Check Point Remote Access VPNs has been uncovered.
• Google Chrome Major Update Patches 429 Vulnerabilities - Google has released a massive stable update for Chrome, addressing 429 vulnerabilities.
• Critical Windows Netlogon RCE (CVE-2026-41089) Under Active Exploitation - A CVSS 10.0 remote code execution vulnerability in Windows Netlogon is being actively exploited in the wild.
• GitLab Duo AI & DoS Vulnerabilities - New vulnerabilities in GitLab's AI-powered development environments highlight ongoing risks in AI coding tools.

Mastodon Infosec.exchange

• Signal Statement on UK Surveillance Proposal - Signal opposes a UK proposal for mandatory device scanning, arguing it endangers privacy without safeguarding children.
• Meta Removes Facial Recognition Code from Smart Glasses App - Following public outcry and reports, Meta has stripped facial recognition capabilities from its smart glasses companion app.
• Tracking Tech Influence in 2026 Elections - Launch of Tech Influence Watch to track over $400 million in political spending by crypto and AI industries.
• Surveillance Product Links Bluetooth Devices to License Plates - A new product called SignalTrace correlates phones and smartwatches with license plate readers for expanded surveillance.

Other Sources

• Infosec Trending Updates - June 8, 2026 - Latest maintenance and security updates for vx-underground and PayloadsAllTheThings repositories.
• ReallyLong.Link Malicious Redirection Service - Brian Krebs warns of a "link extender" service being used by malware purveyors for obfuscated redirects.

The Hacker News

• One-Character Linux Kernel Flaw Enables Local Root Access, Exploits Now Public - Researchers published a working exploit for a Linux kernel use-after-free vulnerability (CVE-2026-23111) in nf_tables that allows local root escalation.
• Meta Blocks NSO Group's New WhatsApp Phishing Attack, Files Contempt Order - Meta detected and blocked spear-phishing attempts linked to NSO Group and is filing a federal court contempt order for violating a permanent injunction.
• Critical Check Point VPN Flaw Exploited to Bypass Passwords in IKEv1 Setups - A critical logic flow weakness in certificate validation (CVE-2026-50751) allows unauthenticated remote attackers to bypass user authentication in Check Point VPNs.
• AI Phishing Is Crushing SOCs with Alert Volume: How to Reduce Tier 1 Overload - AI-driven phishing campaigns are significantly increasing alert volumes for Security Operations Centers, requiring new strategies to manage Tier 1 overload.
• VerdantBamboo Deploys BSD Variant of BRICKSTORM on Linux Appliances - A China-nexus cyber espionage group is targeting Linux systems with a BSD variant of the BRICKSTORM backdoor and other malware families.
• UNC3753 Used Vishing and Physical Intrusions in U.S. Data Theft Extortion Campaign - A financially motivated threat actor is using voice phishing and social engineering to gain remote access for data theft and extortion in the U.S.
• VS Code Adds 2-Hour Extension Auto-Update Delay to Limit Supply Chain Attacks - Microsoft is implementing a delay in automatic extension updates to provide a window for detecting and blocking malicious extension versions.

BleepingComputer

• NFCShare Android malware spreads via fake banking app updates on GitHub - New variants of NFCShare malware are being distributed through GitHub repositories disguised as legitimate banking application updates.
• SoFi confirms third-party data breach at Hong Kong subsidiary - SoFi Hong Kong warned customers of a data breach involving a third-party vendor database containing sensitive user information.
• New Apple feature automatically changes your compromised passwords - Apple announced an AI-powered feature for iOS 27 that can automatically detect and fix weak or compromised passwords within Safari.
• New Shai-Hulud attack trojanizes 19 science-focused PyPI packages - A supply-chain attack compromised multiple PyPI packages to deliver malware designed to steal developer credentials and secrets.
• CISA: Hackers now exploit SolarWinds Serv-U flaw to crash servers - Threat actors are actively exploiting a vulnerability in SolarWinds Serv-U to cause denial-of-service conditions by crashing the service.
• Cisco warns of unpatched SD-WAN zero-day exploited in attacks - Cisco alerted users to an unpatched zero-day vulnerability in its SD-WAN solution that is being exploited to gain root privileges.
• Credit card theft campaign abuses Stripe to host stolen payment info - Attackers are misusing Stripe's infrastructure to host and manage stolen credit card information in a new theft campaign.

Risky Business

• Risky Business News: June 8, 2026 - Latest newsletter covers the exploitation of Check Point VPN flaws and the ongoing impact of the Miasma supply chain attack.

SecurityWeek

• A Security Raises $37 Million for Autonomous Offensive Security Platform - A new cybersecurity startup emerged from stealth with significant funding to develop an autonomous offensive security platform.
• WhatsApp Catches Spyware Firm NSO Defying No-Hacking Court Order - Meta's WhatsApp is taking legal action against NSO Group for allegedly continuing to target its users despite a court injunction.
• Everest Forms Vulnerability Exploited to Hack WordPress Sites - A remote code execution flaw in the Everest Forms plugin is being actively exploited to compromise WordPress websites.
• Silent Ransom Group Uses DNS Fast Flux in Attacks - The Silent Ransom Group is utilizing DNS fast flux techniques to conceal its command-and-control infrastructure while targeting U.S. law firms.
• Meta Says 20,000 Instagram Accounts Hacked via AI Tool Abuse - Meta revealed that a significant number of Instagram accounts were compromised through the exploitation of an AI-powered account recovery tool.

Dark Reading

• Check Point VPN Flaw Exploited Since Early May - A critical zero-day vulnerability in Check Point VPNs has been under active exploitation by ransomware affiliates for over a month.

DataBreaches.net

• KR: Tving CEO Apologizes for Unprecedented Data Leak - The CEO of South Korean OTT platform Tving issued a personal apology following a significant leak of member personal information.

Hacker News (YC)

• Attackers had month-long head start on patched Check Point VPN zero-day - Discussion on the delayed discovery and patching of the critical Check Point VPN vulnerability that was exploited in the wild.

CIO ET

• CERT-In finds multiple bugs in Microsoft Edge, advises users to update - The Indian computer emergency response team issued an advisory regarding multiple vulnerabilities in Microsoft Edge that could lead to remote code execution.

Krebs on Security

• Hackers Used Meta’s AI Support Bot to Seize Instagram Accounts - Pro-Iranian hackers successfully hijacked high-profile Instagram accounts by tricking Meta's AI customer support bot into resetting passwords.

NIST NVD & CVE Mitre

• CVE-2026-44631 - Buffer Underwrite vulnerability in Apache HTTP Server on crafted regular expressions.
• CVE-2026-47724 - API endpoints lack ownership checks in nebula-mesh, enabling cross-operator privilege escalation.
• CVE-2026-47252 - AppleScript/JXA Code Injection via Unescaped URL in macOS Chrome Plugin for Anyquery.
• CVE-2026-45034 - PHPSpreadsheet has a patch bypass for a previously identified vulnerability.

PoC-in-GitHub & GitHub Advisories List

• achnouri/CVE-2026-24061-GNU-InetUtils-telnetd - Authentication bypass vulnerability in GNU Inetutils telnetd via USER environment variable.
• K3ysTr0K3R/CVE-2026-24061 - PoC exploit for GNU InetUtils telnetd Argument Injection Authentication Bypass.
• CarlosEduardoPM/CVE-2026-4480 - Remote code execution in Samba printing subsystem via unescaped shell meta characters.
• 0xBlackash/CVE-2026-50751 - Logic flow weakness in Remote Access and Mobile Access certificate validation allows unauthenticated bypass.

GitHub Search: 'CVE-2026' OR 'CVE-2025' created:today

• HORKimhab/CVE-2026-23111 - Linux kernel vulnerability draft repository created today.
• Moon-Harvest/CVE-2025-59528 - Go PoC exploit for Flowise CustomMCP Remote Code Execution (RCE) created today.

Exploit-DB & Packet Storm Security

• [No new updates found in the last 24 hours.]

GitHub: GhostTroops/TOP

• theori-io/copy-fail-CVE-2026-31431 - 9-year-old Linux kernel LPE found by Theori's Xint Code, updated within 24 hours.
• DepthFirstDisclosures/Nginx-Rift - Exploit for CVE-2026-42945 updated within 24 hours.
• rootsecdev/cve_2026_31431 - Exploit POC for CVE-2026-31431 updated within 24 hours.

Help Net Security Tools

• Tools for parsing Dropbox configuration and cache files - Dropbox Reader is a suite of command-line tools for parsing configuration and cache files associated with Dropbox cloud storage software.

CTFtime.org

• Anti-Slop CTF 2026 - Jeopardy-style online CTF starting June 13, 2026.
• CyberSci Nationals 2025-2026 - Upcoming national CTF event held in Ottawa.

TryHackMe News

• Hackerverse CTF - The monthly Hackerverse CTF is coming to a close with only 24 hours remaining.

Infosec-Conferences.com

• Phoenix Summit Dhaka 2026 - Bangladesh's biggest cybersecurity event is currently live.

LinkedIn / Indeed Jobs (Last 24h)

• Offensive Security Specialist at DeepSeas - Penetration testing role based in San Diego, CA.
• Penetration Tester at Pyramid Consulting, Inc - Early applicant opportunity for a penetration tester in Johns Creek, GA.
• Cybersecurity Penetration Testing Expert at Alignerr - New York-based role for a penetration testing expert.
• AI Security Penetration Tester at Alignerr - Remote role focused on AI security and penetration testing.
• Senior Penetration Tester - AVP at Barclays - High-level penetration testing role at Barclays in Whippany, NJ.
• Information Security Analyst at NeerInfo Solutions - Security analyst position based in Texas.
• Security Analyst – Security Operations at TriCom Technical Services - SOC analyst role in Tampa, FL.
• Information Security Analyst at Insight Global - Entry-level to associate security analyst role in Boston, MA.
• IT Security Analyst at Code Metal - Security analyst role focused on IT infrastructure in Boston.
• Cyber Security Analyst at Raymond James - Security analyst role in St. Petersburg, FL, focusing on penetration attempts.

---