Ivanti, Fortinet, and SAP Release Patches, FireAnt Attack, JDY Botnet

THN Daily Updates Webinar ➞ Why Automated Pentesting Is Not Enough on Its Own Learn what automated pentesting tools actually validate, where they fall short, and how to build a complete security validation program that turns findings into clear, actionable priorities. Download Now Sponsored LATEST NEWS Jun 11, 2026 AI Broke Vulnerability Management. That's Why CISOs Are Moving Budget to BAS. For thirty years, vulnerability management ran on a buffer: the months between when a vulnerability was found and when someone could figure out how to weaponize it. The solution was straightforward enough; triage by sev... Read More OceanLotus Hits Vietnam Investors With SPECTRALVIPER in FireAnt Attack The Vietnam-aligned threat actor known as OceanLotus has been attributed to two distinct campaigns that targeted domestic entities and stock investors with a backdoor known as SPECTRALVIPER. The campaigns involve a pro... Read More AI Attacks Are Accelerating. Make Sure You Are Fixing the Right Things. PlexTrac ranks every finding by real exploitability and business impact. Fix what really matters. See it in action. Read More GitHub to Disable npm Install Scripts by Default to Stop Supply Chain Attacks GitHub has announced what it said are "breaking changes" coming to npm version 12, one of which turns off install scripts by default to combat software supply chain threats. The changes aim to combat attack techniques ... Read More China-Linked JDY Botnet Expands to 1,500+ Devices for Cyber Reconnaissance Cybersecurity researchers have warned of a "resurgence and expansion" of JDY, a covert network associated with China-nexus state-sponsored threat actors. "The JDY botnet comprises over 1,500 SOHO [small office and home... Read More Hacking Salesforce Sites With an LLM Agent AI agent exploited Salesforce sites; 263 objects, 55 Apex methods exposed at one portal, leading to PII and file leaks. Read More Ivanti, Fortinet, and SAP Release Patches for Multiple Critical Vulnerabilities Fortinet, Ivanti, and SAP have released security updates to address multiple critical security vulnerabilities that could result in arbitrary code execution and information disclosure. The security flaw patched by Fort... Read More Unpatched Langflow Flaw CVE-2026-5027 Exploited for Unauthenticated RCE A high-severity unpatched security flaw in Langflow, an open-source low-code platform to build artificial intelligence (AI) applications, has come under active exploitation in the wild, according to findings from VulnCh... Read More Webinar ➞ Why Automated Pentesting Is Not Enough on Its Own Learn what automated pentesting tools actually validate, where they fall short, and how to build a complete security validation program that turns findings into clear, actionable priorities. Download Now Sponsored This email was sent to sikubaycom.s3cr3tz@blogger.com. You are receiving this newsletter because you opted-in to receive relevant communications from THN. To manage your email newsletter preferences, please click here. Contact THN: info@thehackernews.com Unsubscribe THN | K.P BLock, Pitampura, Delhi