Microsoft Copilot 1-Click Exploit, LiteSpeed Flaw, Fortinet Bugs and SprySOCKS Backdoor

THN Daily Updates Webinar ➞ Why Automated Pentesting Is Not Enough on Its Own Learn what automated pentesting tools actually validate, where they fall short, and how to build a complete security validation program that turns findings into clear, actionable priorities. Download Now Sponsored LATEST NEWS Jun 16, 2026 Survey: 94% of Incidents Involve Anonymized Infrastructure. Teams Are Still Reactive Security teams have never had more IP data at their disposal. Every day, analysts ingest enrichment feeds, geolocation data, reputation scores, telemetry, and threat intelligence from a growing ecosystem of vendors and ... Read More Attackers Exploit Three Fortinet FortiSandbox Flaws, One Patched Last Week Bad actors are exploiting multiple security vulnerabilities in Fortinet FortiSandbox, according to threat intelligence firm Defused Cyber. In a post shared on X, the company said it has observed exploitation of CVE-202... Read More How SDLC Risk is Reshaping Application Security The new 2026 State of SDLC Report shares how risk is shifting upstream into the software development lifecycle. Learn more. Read More China-Linked SprySOCKS Backdoor Expands to Windows with Driver-Based Stealth Cybersecurity researchers have flagged two previously undocumented Windows variants of what was believed to be a Linux-only backdoor called SprySOCKS. "The Windows variants discovered are internally marked as WIN_DRV a... Read More Fake Microsoft Alerts Used to Deploy North Korean NarwhalRAT Malware The North Korean state-sponsored hacking group known as ScarCruft (aka APT37) has been observed using spear-phishing messages impersonating Microsoft Account security notifications to deliver malware called NarwhalRAT. ... Read More Why Runtime Scanning Is Too Late for Your CI/CD Supply Chain Security Runtime scanners detect threats after malicious packages enter CI/CD. Ingestion-point governance blocks risky dependencies before damage starts. Read More Cisco Releases Security Updates for Actively Exploited SD-WAN Manager Flaw Cisco has released security updates for a medium-severity security flaw in Catalyst SD-WAN Manager that has come under active exploitation in the wild. The vulnerability, tracked as CVE-2026-20262, carries a CVSS score... Read More CISA Flags LiteSpeed cPanel Plugin Flaw Exploited for Root Privilege Escalation The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a security flaw impacting LiteSpeed cPanel Plugin to its Known Exploited Vulnerabilities (KEV) catalog, requiring Federal Civilian Executive Bra... Read More Webinar ➞ Why Automated Pentesting Is Not Enough on Its Own Learn what automated pentesting tools actually validate, where they fall short, and how to build a complete security validation program that turns findings into clear, actionable priorities. Download Now Sponsored This email was sent to sikubaycom.s3cr3tz@blogger.com. You are receiving this newsletter because you opted-in to receive relevant communications from THN. To manage your email newsletter preferences, please click here. Contact THN: info@thehackernews.com Unsubscribe THN | K.P BLock, Pitampura, Delhi